David Maciejak

15 exploits Active since May 2005
CVE-2010-10013 EXPLOITDB CRITICAL ruby WORKING POC
AjaXplorer < 2.6 - Unauthenticated Remote Code Execution via access.ssh checkInstall.php destServer Parameter
An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as Pydio Cells) versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied input to the destServer GET parameter. By injecting shell metacharacters, remote attackers can execute arbitrary system commands on the server with the privileges of the web server process.
CVE-2005-10004 EXPLOITDB HIGH ruby WORKING POC
Cacti < 0.8.6-d - Authenticated Remote Command Execution via graph_view.php graph_start Parameter
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity.
CVSS 8.8
CVE-2005-10004 EXPLOITDB HIGH ruby WORKING POC
Cacti < 0.8.6-d - Authenticated Remote Command Execution via graph_view.php graph_start Parameter
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity.
CVSS 8.8
CVE-2005-10004 METASPLOIT HIGH ruby WORKING POC
Cacti < 0.8.6-d - Authenticated Remote Command Execution via graph_view.php graph_start Parameter
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity.
CVSS 8.8
CVE-2010-10013 METASPLOIT CRITICAL ruby WORKING POC
AjaXplorer < 2.6 - Unauthenticated Remote Code Execution via access.ssh checkInstall.php destServer Parameter
An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as Pydio Cells) versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied input to the destServer GET parameter. By injecting shell metacharacters, remote attackers can execute arbitrary system commands on the server with the privileges of the web server process.
CVE-2005-1348 METASPLOIT ruby WORKING POC
MailEnable Enterprise < 1.04 and Professional < 1.54 - Remote Code Execution via HTTP Authorization Header
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.
CVE-2005-1348 EXPLOITDB ruby WORKING POC
MailEnable Enterprise < 1.04 and Professional < 1.54 - Remote Code Execution via HTTP Authorization Header
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.
CVE-2005-3934 EXPLOITDB perl WORKING POC
Symantec pcAnywhere 11.0.1 and 11.5.1 - Buffer Overflow
Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors.
CVE-2007-2964 EXPLOITDB WORKING POC
F-secure Policy Manager < 7.00 - Denial of Service
The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs.
EIP-2026-112819 EXPLOITDB WORKING POC
TWiki 4.0.4 - Configure Script Remote Code Execution (Metasploit)
CVE-2005-3980 EXPLOITDB text WRITEUP
Trac 0.9 - SQL Injection via Ticket Query Group Parameter
SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter.
CVE-2005-3081 EXPLOITDB WORKING POC
wzdftpd 0.5.4 - Authenticated Remote Command Execution via SITE Command
wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command.
CVE-2005-4694 EXPLOITDB text WORKING POC
Plain Black WebGUI < 6.7.6 - Remote Code Execution via Asset.pm www_add Method
Unspecified vulnerability in the www_add method in Asset.pm in Plain Black WebGUI 6.3.0 and other versions before 6.7.6 allows attackers to execute arbitrary code via unknown attack vectors.
CVE-2006-2351 EXPLOITDB text WRITEUP
IPswitch WhatsUp Professional 2006 - Cross-Site Scripting via sDeviceView, nDeviceID, or sHostname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via the (1) sDeviceView or (2) nDeviceID parameter to (a) NmConsole/Navigation.asp or (3) sHostname parameter to (b) NmConsole/ToolResults.asp.
CVE-2006-2351 EXPLOITDB text WRITEUP
IPswitch WhatsUp Professional 2006 - Cross-Site Scripting via sDeviceView, nDeviceID, or sHostname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via the (1) sDeviceView or (2) nDeviceID parameter to (a) NmConsole/Navigation.asp or (3) sHostname parameter to (b) NmConsole/ToolResults.asp.