Karol Wiesek

11 exploits Active since Mar 2002
CVE-2008-3155 EXPLOITDB text WRITEUP
Panda ActiveScan <1.02.00 - Buffer Overflow
Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method.
CVE-2006-4124 EXPLOITDB bash WORKING POC
LessTif <0.95.0 - Privilege Escalation
The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program.
CVE-2008-3156 EXPLOITDB text WRITEUP
Panda ActiveScan <1.02.00 - RCE
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
EIP-2026-118814 EXPLOITDB text WRITEUP
Microsoft Internet Explorer 5 / Firefox 0.8 / OmniWeb 4.x - URI Protocol Handler Arbitrary File Creation/Modification
CVE-2002-1211 EXPLOITDB text WORKING POC
Prometheus <6.0 - RCE
Prometheus 6.0 and earlier allows remote attackers to execute arbitrary PHP code via a modified PROMETHEUS_LIBRARY_BASE that points to code stored on a remote server, which is then used in (1) index.php, (2) install.php, or (3) various test_*.php scripts.
CVE-2003-1412 EXPLOITDB text WRITEUP
Gonicus System Administration - Code Injection
PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php.
EIP-2026-106218 EXPLOITDB bash WORKING POC
cPanel 9.9.1 -R3 Front Page Extension - Installation Information Disclosure
CVE-2003-0034 EXPLOITDB text WRITEUP
Jean-jacques Sarton Mtink - Buffer Overflow
Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable.
CVE-2003-0388 EXPLOITDB text WORKING POC
Linux-PAM 0.78 - Privilege Escalation
pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name.
EIP-2026-102831 EXPLOITDB text WRITEUP
ESCPUtil 1.15.2 2 - Printer Name Local Buffer Overflow
CVE-2002-0137 EXPLOITDB bash WORKING POC
CDRDAO <1.1.5 - Local Privilege Escalation
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.