tintinweb

13 exploits Active since Oct 2014
CVE-2016-3116 NOMISEC MEDIUM WORKING POC
Dropbear SSH <2016.72 - Auth Bypass
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
2 stars
CVSS 6.4
CVE-2017-16929 EXPLOITDB HIGH python WORKING POC
Claymore Dual GPU miner 10.1 - Path Traversal
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathname to miner_file or miner_getfile.
CVSS 8.1
CVE-2017-16930 EXPLOITDB CRITICAL python WORKING POC
Claymore Dual GPU Miner 10.1 - Remote Code Execution via Stack-Based Buffer Overflow
The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging.
CVSS 9.8
CVE-2016-5725 EXPLOITDB MEDIUM text WORKING POC
JCraft JSch <0.1.54 - Path Traversal
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.
CVSS 5.9
CVE-2014-2022 EXPLOITDB python WORKING POC
vBulletin < 4.2.2 - Authenticated SQL Injection via XMLRPC API conceptid Argument
SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request.
CVE-2014-2021 EXPLOITDB python WORKING POC
vBulletin < 4.2.2 and 5.0.x-5.0.5 - Authenticated Stored Cross-Site Scripting via XMLRPC API Client Name
Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.2.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted XMLRPC API request, as demonstrated using the client name.
CVE-2014-2023 EXPLOITDB CRITICAL python WORKING POC
Tapatalk plugin <4.9.0, 5.x-5.2.1 - SQL Injection
Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/.
CVSS 9.8
CVE-2016-3115 EXPLOITDB MEDIUM python WORKING POC
OpenSSH < 7.2 - Authenticated Command Restriction Bypass via X11 Forwarding CRLF Injection
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
CVSS 6.4
CVE-2016-0772 EXPLOITDB MEDIUM text WORKING POC
CPython <3.4.5-2.7.12 - Info Disclosure
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
CVSS 6.5
CVE-2017-18016 EXPLOITDB MEDIUM text WORKING POC
Parity Browser <= 1.6.10 - Origin Validation Error via Web Proxy Engine
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine (reusing the current website's token, which is not bound to an origin).
CVSS 5.3
CVE-2016-2563 EXPLOITDB CRITICAL text WORKING POC
9bis kitty < 0.66.6.3 - Stack-based Buffer Overflow via SCP-SINK File-Size Response
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.
CVSS 9.8
CVE-2017-8798 EXPLOITDB CRITICAL text WORKING POC
MiniUPnP MiniUPnPc 1.4.20101221-2.0 - Denial of Service via Integer Signedness Error
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
CVSS 9.8
CVE-2016-3116 EXPLOITDB MEDIUM WORKING POC
Dropbear SSH <2016.72 - Auth Bypass
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
CVSS 6.4