Dr_IDE

101 exploits Active since Apr 2008
CVE-2009-3708 EXPLOITDB python WORKING POC
Alleycode HTML Editor 2.21 - Stack-Based Buffer Overflow via Long META Tag Value
Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a (1) description or (2) keyword META tag. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-7244 EXPLOITDB html WORKING POC
Firefox < 3.0.1 - Denial of Service via Window Print Loop
Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
CVE-2008-7245 EXPLOITDB html WORKING POC
Opera < 9.52 - Denial of Service via Window Print Function Loop
Opera 9.52 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
CVE-2008-7246 EXPLOITDB html WORKING POC
Google Chrome < 0.2.149.29 - Denial of Service via Window Print Function
Google Chrome 0.2.149.29 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
CVE-2010-5193 EXPLOITDB ruby WORKING POC
Viscom Image Viewer CP Pro/Gold <8.0-6.0 - Buffer Overflow
Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter.
CVE-2010-2263 EXPLOITDB text WORKING POC
nginx 0.7.52-0.7.65 and 0.8-0.8.39 on Windows - Unauthenticated Arbitrary File Read via ::$DATA URI Suffix
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
CVE-2009-4657 EXPLOITDB text WRITEUP
Xerver 4.32 - Unauthenticated Administrator Access via Port 32123
The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated by setting the action option to wizardStep1.
CVE-2009-3837 METASPLOIT ruby WORKING POC
Eureka Email 2.2q - Remote Code Execution via Long POP3 Error Message
Stack-based buffer overflow in Eureka Email 2.2q allows remote POP3 servers to execute arbitrary code via a long error message.
CVE-2008-1914 METASPLOIT ruby WORKING POC
BigAnt IM Server <2.2 - Buffer Overflow
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.
CVE-2010-4321 METASPLOIT ruby WORKING POC
Novell iPrint Client 5.52 - Stack-based Buffer Overflow via ienipp.ocx ActiveX Control
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method.
CVE-2010-5193 METASPLOIT ruby WORKING POC
Viscom Image Viewer CP Pro/Gold <8.0-6.0 - Buffer Overflow
Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter.
CVE-2010-2590 METASPLOIT ruby WORKING POC
SAP Crystal Reports 2008 SP3 Fix Pack 3.2 - Remote Code Execution via Long ServerResourceVersion Property
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.
CVE-2009-4265 METASPLOIT ruby WORKING POC
Ideal Administration 2009 <9.7.1 - Buffer Overflow
Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and possibly other versions, allows remote attackers to execute arbitrary code via a long Computer value in an .ipj project file.
CVE-2019-5618 METASPLOIT HIGH ruby WORKING POC
A-PDF WAV to MP3 1.0.0 - Stack-based Buffer Overflow
A-PDF WAV to MP3 version 1.0.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow.
CVSS 7.8
EIP-2026-119379 EXPLOITDB text WORKING POC
httpdx 1.4.6b - Source Disclosure
EIP-2026-119335 EXPLOITDB text WORKING POC
Zervit Web Server 0.4 - Directory Traversals
CVE-2010-5193 EXPLOITDB html WORKING POC
Viscom Image Viewer CP Pro/Gold <8.0-6.0 - Buffer Overflow
Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter.
EIP-2026-119336 EXPLOITDB text WRITEUP
Zervit Web Server 0.4 - Source Disclosure/Download
CVE-2009-3902 EXPLOITDB text WRITEUP
Cherokee Web Server <0.5.4 - Path Traversal
Directory traversal vulnerability in Cherokee Web Server 0.5.4 and earlier for Windows allows remote attackers to read arbitrary files via a /\.. (slash backslash dot dot) in the URL.
EIP-2026-119255 EXPLOITDB python WORKING POC
VideoLAN VLC Media Player 1.0.2 - 'smb://' URI Stack Overflow
CVE-2010-5194 EXPLOITDB ruby WORKING POC
Viscom Image Viewer <8.0 - Buffer Overflow
Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remote attackers to execute arbitrary code via a long strPDFFile parameter.
CVE-2009-3544 EXPLOITDB text WRITEUP
Xerver HTTP Server 4.32 - Exposure of Sensitive Information via ::$DATA Suffix
Xerver HTTP Server 4.32 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name.
EIP-2026-118944 EXPLOITDB text WRITEUP
NaviCOPA 3.0.1.2 - Source Disclosure
CVE-2009-3646 EXPLOITDB text WRITEUP
InterVations NaviCOPA Web Server 3.01 - Unauthenticated Source Code Exposure via ::$DATA Suffix
InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name.
EIP-2026-119220 EXPLOITDB html WORKING POC
Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Command Execution