High-Tech Bridge SA

441 exploits Active since Apr 2010
CVE-2011-0503 EXPLOITDB text WORKING POC
vam_shop <= 1.6.1 - Cross-Site Request Forgery in Admin User Management
Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, and probably earlier versions allows remote attackers to hijack the authentication of administrators for requests that (1) change user status via admin/customers.php or (2) change user permissions via admin/accounting.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4851 EXPLOITDB text WORKING POC
Eclime 1.1.2b - SQL Injection via ref poll_id or country Parameter
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to create_account.php.
CVE-2010-4780 EXPLOITDB text WRITEUP
Enano CMS <1.1.8-1.0.6pl3 - SQL Injection
SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4749 EXPLOITDB text WORKING POC
BLOG:CMS 4.2.1.e - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) body parameter to action.php and the (2) amount and (3) action parameters to admin/index.php.
CVE-2010-4400 EXPLOITDB text WORKING POC
DynPG CMS 4.2.0 - SQL Injection via giveRights_UserId Parameter
SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRights_UserId parameter.
CVE-2010-4399 EXPLOITDB text WORKING POC
DynPG CMS 4.1.1 and 4.2.0 - Path Traversal via CHG_DYNPG_SET_LANGUAGE Parameter
Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-3026 EXPLOITDB html WORKING POC
Tomaz Muraus Open Blog 1.2.1 - CSRF
Cross-site request forgery (CSRF) vulnerability in application/modules/admin/controllers/users.php in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests to admin/users/edit that grant administrative privileges.
CVE-2013-4900 EXPLOITDB text WORKING POC
DeWeS web server <0.4.2 - Path Traversal
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
CVE-2010-0817 EXPLOITDB text WORKING POC
Microsoft SharePoint Server 2007 <12.0.0.6421 - XSS
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.
CVE-2012-3810 EXPLOITDB HIGH text WORKING POC
Samsung Kies <2.5.0.12094 - Privilege Escalation
Samsung Kies before 2.5.0.12094_27_11 has registry modification.
CVSS 7.5
EIP-2026-119171 EXPLOITDB html WORKING POC
StudioLine Photo Basic 3.70.34.0 - 'NMSDVDXU.dll' ActiveX Control Arbitrary File Overwrite
EIP-2026-119052 EXPLOITDB html WORKING POC
Pro Softnet IDrive Online Backup 3.4.0 - ActiveX 'SaveToFile()' Arbitrary File Overwrite
EIP-2026-118722 EXPLOITDB html WORKING POC
LeadTools Imaging LEADSmtp - ActiveX Control 'SaveMessage()' Insecure Method
CVE-2012-5879 EXPLOITDB text WORKING POC
McAfee Virtual Technician and ePO-MVT < 6.5.0.2101 - Arbitrary File Write via McHealthCheck.dll Save Method
An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument to the Save method.
EIP-2026-118395 EXPLOITDB html WORKING POC
CygniCon CyViewer - ActiveX Control 'SaveData()' Insecure Method
EIP-2026-116408 EXPLOITDB text WORKING POC
threedify designer 5.0.2 - Multiple Vulnerabilities
CVE-2012-0985 EXPLOITDB html WORKING POC
Sony VAIO PC Wireless LAN Wizard 1.0-4.11 - Buffer Overflow
Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method.
CVE-2012-5451 EXPLOITDB text WORKING POC
TVMOBiLi <2.1.0.3974 - Buffer Overflow
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.
CVE-2012-5877 EXPLOITDB text WORKING POC
Nero MediaHome < 4.5.8.0 - Denial of Service via HTTP Header Without Name
Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an HTTP header without a name.
CVE-2011-4162 EXPLOITDB html WORKING POC
HP Protect Tools Device Access Manager <6.1.0.1 - RCE
The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a long SidString argument.
EIP-2026-115181 EXPLOITDB html WORKING POC
Easewe FTP OCX ActiveX Control 4.5.0.9 - 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities
CVE-2012-5875 EXPLOITDB text WORKING POC
Firefly Media Server 1.0.0.1359 - Denial of Service via Crafted HTTP Headers
Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2) Accept Language header, (3) User-agent header, (4) Host header, or (5) protocol version; or a (6) crafted HTTP protocol version.
CVE-2010-1724 EXPLOITDB text WORKING POC
Zikula Application Framework 1.2.2 - Cross-Site Scripting via Func or Lang Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not properly handled by ZLanguage.php.
CVE-2010-1724 EXPLOITDB text WORKING POC
Zikula Application Framework 1.2.2 - Cross-Site Scripting via Func or Lang Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) func parameter to index.php, or the (2) lang parameter to index.php, which is not properly handled by ZLanguage.php.
CVE-2015-8352 EXPLOITDB CRITICAL text WRITEUP
Zen Cart 1.5.4 - Remote File Inclusion via AJAX act Parameter Path Traversal
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
CVSS 9.8