mandiant

9 exploits Active since Dec 2019
CVE-2019-19781 NOMISEC CRITICAL SCANNER
Citrix ADC (NetScaler) Directory Traversal Scanner
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
94 stars
CVSS 9.8
CVE-2023-3519 NOMISEC CRITICAL SCANNER
Citrix NetScaler ADC and Gateway - Unauthenticated Remote Code Execution
Unauthenticated remote code execution
66 stars
CVSS 9.8
CVE-2025-42999 GITHUB CRITICAL python SCANNER
SAP NetWeaver Visual Composer Metadata Uploader - Code Injection
SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.
8 stars
CVSS 9.1
CVE-2023-2868 METASPLOIT CRITICAL ruby WORKING POC
Barracuda Email Security Gateway <9.2.0.006 - Command Injection
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.
CVSS 9.4
CVE-2023-7101 METASPLOIT HIGH ruby WORKING POC
Spreadsheet::ParseExcel < 0.65 - Remote Code Execution via Number Format String Eval
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.
CVSS 7.8
CVE-2023-7102 METASPLOIT CRITICAL ruby WORKING POC
Barracuda ESG Appliance <9.2.1.001 - Parameter Injection
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
CVSS 9.8
CVE-2021-33615 WRITEUP HIGH WRITEUP
RSA Archer <6.8.00500.1003 - Unrestricted Upload
RSA Archer 6.8.00500.1003 P5 allows Unrestricted Upload of a File with a Dangerous Type.
CVSS 7.5
CVE-2021-33616 WRITEUP MEDIUM WRITEUP
RSA Archer 6.1.0.0-6.9.1.4 - Stored Cross-Site Scripting
RSA Archer 6.x through 6.9 SP1 P4 (6.9.1.4) allows stored XSS.
CVSS 5.4
CVE-2021-38362 WRITEUP MEDIUM WRITEUP
RSA Archer <6.9.3.0 - Info Disclosure
In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to a REST API endpoint that is vulnerable to an Insecure Direct Object Reference (IDOR) issue and retrieve sensitive data.
CVSS 6.5