AlpHaNiX

50 exploits Active since Dec 2008
CVE-2009-1329 EXPLOITDB perl WORKING POC
Mini-stream Shadow Stream Recorder 3.0.1.7 - Remote Code Execution via Long URI in Playlist File
Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
CVE-2009-1321 EXPLOITDB perl WORKING POC
ASP Product Catalog 1.0 - Cross-Site Scripting via Search Keywords Parameter
Cross-site scripting (XSS) vulnerability in search.asp in ASP Product Catalog 1.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2008-6320 EXPLOITDB text WORKING POC
CF Shopkart 5.2.2 - SQL Injection via Category Parameter
SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action.
CVE-2008-5595 EXPLOITDB text WRITEUP
ASP AutoDealer - SQL Injection via ID Parameter
SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-5591 EXPLOITDB text WRITEUP
Nightfall Personal Diary 1.0 - Cross-Site Scripting via login.asp Username Parameter
Cross-site scripting (XSS) vulnerability in login.asp in Nightfall Personal Diary 1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter and possibly other "login fields." NOTE: some of these details are obtained from third party information.
CVE-2008-5559 EXPLOITDB text WORKING POC
PostEcards - SQL Injection via cid Parameter
SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-5892 EXPLOITDB text WORKING POC
ClickAndEmail - SQL Injection via ID Parameter or Admin Credentials
Multiple SQL injection vulnerabilities in ClickAndEmail allow remote attackers to execute arbitrary SQL commands via (1) the ID parameter to admin_dblayers.asp in an update action, (2) the adminid parameter to admin_loginCheck.asp (aka the USERNAME field in admin_main.asp), and (3) the PassWord parameter to admin_loginCheck.asp (aka the PASSWORD field in admin_main.asp). NOTE: some of these details are obtained from third party information.
CVE-2008-5888 EXPLOITDB text WRITEUP
Click&Rank - SQL Injection via id or userid or PassWord Parameter
Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hitcounter.asp, (2) user_delete.asp, and (3) user_update.asp; (4) the userid parameter to admin_login.asp (aka the USERNAME field in admin.asp); and (5) the PassWord parameter to admin_login.asp (aka the PASSWORD field in admin.asp). NOTE: some of these details are obtained from third party information.
CVE-2009-1641 METASPLOIT ruby WORKING POC
Mini-stream Ripper 3.0.1.1 - Remote Code Execution via Long RTSP URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
CVE-2009-1642 EXPLOITDB ruby WORKING POC
Mini-stream ASX to MP3 Converter 3.0.0.7 - Stack-based Buffer Overflow via Long rtsp URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."
EIP-2026-117734 EXPLOITDB perl WORKING POC
OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Buffer Overflow
EIP-2026-116928 EXPLOITDB perl WORKING POC
Browser3D 3.5 - '.sfs' Local Stack Overflow
EIP-2026-117124 EXPLOITDB perl WORKING POC
Elecard MPEG Player - '.m3u' Local Stack Overflow
EIP-2026-115608 EXPLOITDB perl WORKING POC
MediaMonkey 3.0.6 - '.m3u' Local Buffer Overflow (PoC)
CVE-2009-0443 EXPLOITDB perl WORKING POC
Elecard AVC HD PLAYER 5.5.90116 - Buffer Overflow
Stack-based buffer overflow in Elecard AVC HD PLAYER 5.5.90116 allows remote attackers to execute arbitrary code via an M3U file containing a long string in a URL.
CVE-2008-5601 EXPLOITDB text WRITEUP
User Engine Lite ASP - Info Disclosure
User Engine Lite ASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users.mdb.
CVE-2008-5981 EXPLOITDB text WRITEUP
PacPoll 4.0 - Unauthenticated Sensitive Information Exposure via Direct Database Request
PacPoll 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) poll.mdb or (2) poll97.mdb.
CVE-2008-5592 EXPLOITDB text WRITEUP
Nightfall Personal Diary 1.0 - Info Disclosure
Nightfall Personal Diary 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users-zza21.mdb.
CVE-2008-6494 EXPLOITDB text WRITEUP
ASP User Engine.NET - Unauthenticated Sensitive Information Exposure via Direct Database Download
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb.
CVE-2008-6874 EXPLOITDB text WORKING POC
ASP SiteWare autoDealer 1 and 2 - SQL Injection via iType Parameter
Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp.
CVE-2009-1322 EXPLOITDB perl WORKING POC
ASP Product Catalog 1.0 - Unauthenticated Sensitive Information Exposure via Direct Database Request
ASP Product Catalog 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for database/aspProductCatalog.mdb.
CVE-2008-5972 EXPLOITDB text WRITEUP
Active Business Directory 2 - SQL Injection
SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-5632 EXPLOITDB text WORKING POC
Active Time Billing 3.2 - SQL Injection
SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
CVE-2009-0542 EXPLOITDB perl WORKING POC
ProFTPD Server <1.3.2rc2 - SQL Injection
SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql.
EIP-2026-101968 EXPLOITDB perl WORKING POC
Sagem Routers - Remote Authentication Bypass