His0k4

100 exploits. Active since Feb 2005.
CVE-2009-1608 EXPLOITDB python WORKING POC
Microchip Mplab Ide - Memory Corruption
Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly earlier versions allow user-assisted remote attackers to execute arbitrary code via a .MCP project file with long (1) FILE_INFO, (2) CAT_FILTERS, and possibly other fields.
CVE-2008-2184 EXPLOITDB WORKING POC
Toocharger Smartblog - SQL Injection
Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) mois, (2) an, (3) jour, and (4) id parameters to index.php, and the (5) login parameter to gestion/logon.php, different vectors than CVE-2008-2183. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4755 EXPLOITDB python WORKING POC
Mercury Audio Player 1.21 - Buffer Overflow
Multiple stack-based buffer overflows in Mercury Audio Player 1.21 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .b4s or (2) .pls playlist file.
CVE-2008-2416 EXPLOITDB perl WORKING POC
Fichive - SQL Injection
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php.
CVE-2008-2183 EXPLOITDB text WORKING POC
Toocharger Smartblog - SQL Injection
SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter.
CVE-2008-1957 EXPLOITDB text WORKING POC
Tr Script News 2.1 - SQL Injection
SQL injection vulnerability in news.php in Tr Script News 2.1 allows remote attackers to execute arbitrary SQL commands via the nb parameter in voir mode.
CVE-2008-2630 EXPLOITDB perl WORKING POC
Joomla Com Jb2 - SQL Injection
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter in a category action to index.php.
CVE-2009-3976 METASPLOIT ruby WORKING POC
Labtam ProFTP 2.9 - Buffer Overflow
Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to cause a denial of service (application crash) or execute arbitrary code via a long 220 reply (aka connection greeting or welcome message).
CVE-2009-2485 METASPLOIT ruby WORKING POC
HT-MP3Player 1.0 - Buffer Overflow
Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.
EIP-2026-119254 EXPLOITDB python WORKING POC
VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Universal Buffer Overflow
CVE-2009-1611 EXPLOITDB python WORKING POC
Electrasoft 32bit FTP - Memory Corruption
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command.
CVE-2009-1675 EXPLOITDB ruby WORKING POC
Electrasoft 32bit FTP - Memory Corruption
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 227 reply to a PASV command.
EIP-2026-119310 EXPLOITDB python WORKING POC
XBMC 8.10 - 'HEAD' Remote Buffer Overflow (SEH)
CVE-2009-1592 EXPLOITDB python WORKING POC
Electrasoft 32bit FTP - Memory Corruption
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long banner. NOTE: this might overlap CVE-2003-1368.
CVE-2009-1611 EXPLOITDB python WORKING POC
Electrasoft 32bit FTP - Memory Corruption
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command.
EIP-2026-119169 EXPLOITDB python WORKING POC
Steamcast - HTTP Request Remote Buffer Overflow (SEH) (1)
EIP-2026-119170 EXPLOITDB python WORKING POC
Steamcast - HTTP Request Remote Buffer Overflow (SEH) (2)
CVE-2009-1830 EXPLOITDB python WORKING POC
Slsknet Soulseek - Memory Corruption
Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote attackers to execute arbitrary code via a long search query.
CVE-2009-3976 EXPLOITDB ruby WORKING POC
Labtam ProFTP 2.9 - Buffer Overflow
Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to cause a denial of service (application crash) or execute arbitrary code via a long 220 reply (aka connection greeting or welcome message).
CVE-2009-4840 EXPLOITDB html WORKING POC
Roxio Cineplayer - Memory Corruption
Heap-based buffer overflow in the IAManager ActiveX control in IAManager.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the SetIAPlayerName method.
CVE-2009-3976 EXPLOITDB ruby WORKING POC
Labtam ProFTP 2.9 - Buffer Overflow
Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to cause a denial of service (application crash) or execute arbitrary code via a long 220 reply (aka connection greeting or welcome message).
EIP-2026-119036 EXPLOITDB python WORKING POC
Pirch IRC 98 Client - 'Response' Remote Buffer Overflow (SEH)
EIP-2026-119045 EXPLOITDB python WORKING POC
POP Peeper 3.4.0.0 - 'From' Remote Buffer Overflow (SEH)
CVE-2007-4566 EXPLOITDB ruby WORKING POC
Alpha Centauri Software SIDVault <2.0f - RCE
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
EIP-2026-118557 EXPLOITDB python WORKING POC
Free Download Manager 2.5/3.0 - Control Server Remote Buffer Overflow