zcgonvh

16 exploits Active since Mar 2016
CVE-2020-0688 NOMISEC HIGH WORKING POC
Microsoft Exchange Server - Authentication Bypass
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
356 stars
CVSS 8.8
CVE-2020-17144 NOMISEC HIGH WORKING POC
Microsoft Exchange - RCE
Microsoft Exchange Remote Code Execution Vulnerability
159 stars
CVSS 8.4
CVE-2017-7269 NOMISEC CRITICAL WORKING POC
IIS 6.0 - Buffer Overflow
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
135 stars
CVSS 9.8
CVE-2017-7269 NOMISEC CRITICAL WORKING POC
IIS 6.0 - Buffer Overflow
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
88 stars
CVSS 9.8
CVE-2016-0099 NOMISEC HIGH WORKING POC
MS16-032 Secondary Logon Handle Privilege Escalation
The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability."
83 stars
CVSS 7.8
CVE-2017-0213 NOMISEC HIGH WRITEUP
Microsoft Windows - Privilege Escalation
Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.
58 stars
CVSS 7.3
CVE-2017-7269 NOMISEC CRITICAL WORKING POC
IIS 6.0 - Buffer Overflow
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
11 stars
CVSS 9.8
CVE-2020-0688 NOMISEC HIGH WORKING POC
Microsoft Exchange Server - Authentication Bypass
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
2 stars
CVSS 8.8
CVE-2020-17144 PATCHAPALOOZA HIGH WORKING POC
Microsoft Exchange - RCE
Microsoft Exchange Remote Code Execution Vulnerability
CVSS 8.4
CVE-2020-17144 PATCHAPALOOZA HIGH WORKING POC
Microsoft Exchange - RCE
Microsoft Exchange Remote Code Execution Vulnerability
CVSS 8.4
CVE-2020-17144 PATCHAPALOOZA HIGH WORKING POC
Microsoft Exchange - RCE
Microsoft Exchange Remote Code Execution Vulnerability
CVSS 8.4
CVE-2020-0688 PATCHAPALOOZA HIGH WORKING POC
Microsoft Exchange Server - Authentication Bypass
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
CVSS 8.8
CVE-2017-7269 PATCHAPALOOZA CRITICAL WORKING POC
IIS 6.0 - Buffer Overflow
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
CVSS 9.8
CVE-2022-23277 METASPLOIT HIGH ruby WORKING POC
Microsoft Exchange Server ChainedSerializationBinder RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS 8.8
CVE-2017-7269 METASPLOIT CRITICAL ruby WORKING POC
IIS 6.0 - Buffer Overflow
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
CVSS 9.8
CVE-2017-7269 EXPLOITDB CRITICAL ruby WORKING POC
IIS 6.0 - Buffer Overflow
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
CVSS 9.8