Julien Ahrens

68 exploits Active since Jul 2012
EIP-2026-119252 EXPLOITDB python WORKING POC
VideoCharge Studio 2.12.3.685 - 'GetHttpResponse()' Man In The Middle Remote Code Execution
CVE-2016-4469 EXPLOITDB HIGH text WORKING POC
Apache Archiva < 1.3.9 - Cross-Site Request Forgery via Token Parameter
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action.
CVSS 8.8
EIP-2026-119251 EXPLOITDB python WORKING POC
VideoCharge Studio - 'CHTTPResponse::GetHttpResponse()' Remote Stack Buffer Overflow
CVE-2012-5002 EXPLOITDB ruby WORKING POC
Ricoh DC Software DL-10 <4.5.0.1 - Buffer Overflow
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command.
EIP-2026-119035 EXPLOITDB text WORKING POC
Photodex ProShow Producer - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
CVE-2014-2206 EXPLOITDB python WORKING POC
GetGo Download Manager <4.9.0.1982 - Buffer Overflow
Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8.2.1346, 4.4.5.502, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long HTTP Response Header.
EIP-2026-118455 EXPLOITDB ruby WORKING POC
Easy File Management Web Server - Remote Stack Buffer Overflow (Metasploit)
EIP-2026-118456 EXPLOITDB python WORKING POC
Easy File Management Web Server 5.3 - 'UserID' Remote Buffer Overflow (ROP)
EIP-2026-118208 EXPLOITDB python WORKING POC
Zoner Photo Studio 15 Build 3 - 'Zps.exe' Registry Value Parsing
EIP-2026-117918 EXPLOITDB text WORKING POC
Socusoft Photo 2 Video 8.05 - Local Buffer Overflow
CVE-2016-6914 EXPLOITDB HIGH text WRITEUP
UniFi Video < 3.8.0 - Local Privilege Escalation via Weak Installation Directory Permissions
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.
CVSS 7.8
CVE-2013-5701 EXPLOITDB c WORKING POC
WatchGuard Server Center <= 11.7.4 - Untrusted Search Path Privilege Escalation via wgpr.dll
Multiple untrusted search path vulnerabilities in (1) Watchguard Log Collector (wlcollector.exe) and (2) Watchguard WebBlocker Server (wbserver.exe) in WatchGuard Server Center 11.7.4, 11.7.3, and possibly earlier allow local users to gain privileges via a Trojan horse wgpr.dll file in the application's bin directory.
EIP-2026-117761 EXPLOITDB text WRITEUP
Photodex ProShow Gold/Producer 5.0.3310/6.0.3410 - 'ScsiAccess.exe' Local Privilege Escalation
EIP-2026-117764 EXPLOITDB python WORKING POC
Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption
EIP-2026-117763 EXPLOITDB perl WORKING POC
Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow
CVE-2013-3934 EXPLOITDB python WORKING POC
Kingsoft Writer 2012 8.1.0.3030 - Stack-based Buffer Overflow via Long Font Name in WPS File
Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file.
EIP-2026-117669 EXPLOITDB python WORKING POC
NCMedia Sound Editor Pro 7.5.1 - 'MRUList201202.dat' File Handling Buffer Overflow
EIP-2026-117432 EXPLOITDB python WORKING POC
Macro Toolworks 7.5 - Local Buffer Overflow
EIP-2026-117175 EXPLOITDB python WORKING POC
FormatFactory 3.0.1 - Profile File Handling Buffer Overflow
EIP-2026-116234 EXPLOITDB python WORKING POC
Serva 2.0.0 - DNS Server QueryName Remote Denial of Service
EIP-2026-116704 EXPLOITDB python WORKING POC
ABBS Audio Media Player 3.1 - '.lst' Local Buffer Overflow
CVE-2013-4694 EXPLOITDB text WRITEUP
Winamp <5.64 Build 3418 - Buffer Overflow
Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.
CVE-2013-4695 EXPLOITDB HIGH text WRITEUP
Winamp 5.63 - Arbitrary Code Execution via Invalid Pointer Dereference
Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution
CVSS 7.8
EIP-2026-116235 EXPLOITDB python WORKING POC
Serva 2.0.0 - HTTP Server GET Remote Denial of Service
CVE-2015-6750 EXPLOITDB python WORKING POC
Ricoh DL-1 SR10 < 1.1.0.6 - Remote Code Execution via Long USER Command
Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remote attackers to execute arbitrary code via a long USER command.