D3V!L FUCKER

13 exploits Active since Feb 2008
CVE-2011-0900 EXPLOITDB perl WORKING POC
Erick Woods Terminal Server Client - Memory Corruption
Stack-based buffer overflow in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a .RDP file with a long hostname argument.
EIP-2026-118803 EXPLOITDB html WORKING POC
Microsoft Internet Explorer - 'wshom.ocx' ActiveX Control Remote Code Execution
EIP-2026-118705 EXPLOITDB html WORKING POC
JcomBand toolbar on IE - ActiveX Buffer Overflow
EIP-2026-117641 EXPLOITDB perl WORKING POC
MP3 Studio 1.x - '.m3u' Local Stack Overflow (Universal)
EIP-2026-116481 EXPLOITDB perl WORKING POC
VideoLAN VLC Media Player 1.0.3 - '.asx' Denial of Service (PoC)
EIP-2026-116479 EXPLOITDB html WORKING POC
VideoLAN VLC Media Player 0.8.6i - ActiveX Denial of Service (PoC)
EIP-2026-116158 EXPLOITDB perl WORKING POC
Real Player - Local Crash (PoC)
EIP-2026-115915 EXPLOITDB perl WORKING POC
Nero Express 7.9.6.4 - Local Heap (PoC)
EIP-2026-115488 EXPLOITDB perl WORKING POC
JetAudio Basic 7.5.5.25 - '.asx' Buffer Overflow (PoC)
CVE-2008-0747 EXPLOITDB perl WORKING POC
Cowon America Jetaudio Basic < 7.0.5 - Memory Corruption
Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487.
EIP-2026-108975 EXPLOITDB text WORKING POC
Kayako eSupport 3.04.10 - Cross-Site Scripting / Cross-Site Request Forgery
EIP-2026-104872 EXPLOITDB text WRITEUP
@lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2011-0901 EXPLOITDB perl WORKING POC
Erick Woods Terminal Server Client - Memory Corruption
Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.