0x90

10 exploits Active since Oct 2007
CVE-2014-0160 NOMISEC HIGH WORKING POC
OpenSSL 1.0.1-1.0.1f - Out-of-bounds Read via Heartbeat Extension
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
8 stars
CVSS 7.5
CVE-2007-5918 EXPLOITDB html WORKING POC
MS TopSites - Authenticated Cross-Site Request Forgery via uname Parameter
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an arbitrary user via a modified uname value in an edit action to modules.php.
CVE-2008-4736 EXPLOITDB text WORKING POC
RPG.Board <= 0.8 Beta2 - SQL Injection via showtopic Parameter
SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter.
CVE-2008-1492 EXPLOITDB text WORKING POC
CoronaMatrix phpAddressBook <2.11 - Path Traversal
Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also present in 2.0.
EIP-2026-110878 EXPLOITDB perl WORKING POC
PHP-Nuke Advertising Module 0.9 - 'modules.php' SQL Injection
CVE-2007-5752 EXPLOITDB html WORKING POC
PHP-AGTC Membership System 1.1a - Unauthenticated Account Creation via adduser.php
adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
CVE-2008-5097 EXPLOITDB text WORKING POC
MyFWB 1.0 - SQL Injection via Page Parameter
SQL injection vulnerability in index.php in MyFWB 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-6038 EXPLOITDB text WORKING POC
MapCal 0.1 - SQL Injection via id Parameter in editevent Action
SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php.
CVE-2008-6464 EXPLOITDB text WORKING POC
Basic PHP Events Lister 1.0 - SQL Injection via event.php id Parameter
SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4166 EXPLOITDB javascript WORKING POC
Avant Browser < 11.7 - Denial of Service via JavaScript URL Encoding
Integer overflow in the JavaScript engine in Avant Browser 11.7 Build 9 and earlier allows remote attackers to cause a denial of service (application crash) by attempting to URL encode a string containing many instances of an invalid character.