His0k4

100 exploits | Active since Feb 2005
CVE-2007-4803 EXPLOITDB python WORKING POC
AtomixMP3 2.3 - Buffer Overflow via Long Strings in .pls File Fields
Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via long strings in file and title fields in a .pls file, as demonstrated by the (1) File1 and (2) Title1 fields, different vectors than CVE-2006-6287 and CVE-2007-2487.
CVE-2009-1815 EXPLOITDB python WORKING POC
Sonic Spot Audioactive Player 1.93b - Stack-based Buffer Overflow via Playlist File
Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execute arbitrary code via a long string in a playlist file, as demonstrated by a long .mp3 URL in a .m3u file.
CVE-2009-4756 EXPLOITDB python WORKING POC
TraktorBeatport.exe <1.0.0.283 - Buffer Overflow
Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in Beatport Player 1.0.0.0 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file.
CVE-2009-1068 EXPLOITDB python WORKING POC
BS.Player <=2.34 Build 980 - Stack-based Buffer Overflow via Long Hostname in .bsl Playlist File
Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.
CVE-2008-5754 EXPLOITDB python WORKING POC
BulletProof FTP Client - Buffer Overflow
Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file (aka Session-File) with a long second line, possibly a related issue to CVE-2008-5753.
EIP-2026-116953 EXPLOITDB python WORKING POC
Chasys Media Player 1.1 - '.pls' Local Stack Overflow
CVE-2009-1437 EXPLOITDB python WORKING POC
CoolPlayer Portable < 2.19.6 - Stack-based Buffer Overflow via Malformed Playlist File
Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.6 and earlier allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: this may overlap CVE-2008-3408.
CVE-2009-3429 EXPLOITDB python WORKING POC
Pirate Radio Destiny Media Player 1.61 - Stack-Based Buffer Overflow via .pls Playlist File
Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file.
CVE-2008-3733 EXPLOITDB python WORKING POC
EO Video 1.36 - Stack-Based Buffer Overflow via Long Name Element in ProjectElement
Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.
CVE-2009-2485 EXPLOITDB ruby WORKING POC
HT-MP3Player 1.0 - Stack-Based Buffer Overflow via Long String in .ht3 File
Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.
CVE-2009-2485 EXPLOITDB python WORKING POC
HT-MP3Player 1.0 - Stack-Based Buffer Overflow via Long String in .ht3 File
Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.
CVE-2009-1071 EXPLOITDB python WORKING POC
Icarus 2.0 - Stack-based Buffer Overflow via Crafted PGN File
Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file.
EIP-2026-115944 EXPLOITDB python WORKING POC
Nofeel FTP Server 3.6 - 'CWD' Remote Memory Consumption
CVE-2008-5753 EXPLOITDB python WORKING POC
BulletProof FTP Client <2.63 - Buffer Overflow
Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name, which appears as a host parameter within the quick-connect bar.
CVE-2008-1958 EXPLOITDB text WORKING POC
Tr Script News 2.1 - Authenticated Remote Code Execution via File Upload
Unrestricted file upload vulnerability in the ajout_cat mode in admin/main.php in Tr Script News 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with a .php extension.
CVE-2008-2185 EXPLOITDB text WORKING POC
SMartBlog 1.3 - Path Traversal via Page Parameter
Directory traversal vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to include arbitrary local files via directory traversal sequences in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6633 EXPLOITDB text WORKING POC
RoomPHPlanning 1.5 - SQL Injection via idresa Parameter
SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php.
CVE-2009-1587 EXPLOITDB text WORKING POC
PHP Site Lock 2.0 - Unauthenticated Authentication Bypass via Cookie Manipulation
index.php in PHP Site Lock 2.0 allows remote attackers to bypass authentication and obtain administrative access by setting the login_id, group_id, login_name, user_id, and user_type cookies to certain values.
CVE-2008-6429 EXPLOITDB text WORKING POC
com_prayercenter < 1.4.9 - SQL Injection via id Parameter
SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php.
CVE-2008-3498 EXPLOITDB text WORKING POC
nBill (com_netinvoice) 1.2.0 SP1 - SQL Injection
SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6430 EXPLOITDB perl WORKING POC
Joomla com_mycontent 1.1.13 - SQL Injection via id Parameter
SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2008-4715 EXPLOITDB text WORKING POC
jpad 1.0 - SQL Injection via cid Parameter
SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.
CVE-2008-2564 EXPLOITDB perl WORKING POC
JotLoader < 1.2.1.a - SQL Injection via cid Parameter
SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.
CVE-2008-6068 EXPLOITDB text WORKING POC
Joomla! com_joomladate 1.2 - SQL Injection
SQL injection vulnerability in the JoomlaDate (com_joomladate) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a viewProfile action to index.php.
CVE-2008-2633 EXPLOITDB text WORKING POC
Joomla com_joomradio 1.0 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in the EXP JoomRadio (com_joomradio) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) show_radio or (2) show_video action to index.php.