Level

9 exploits Active since Jan 2012
CVE-2011-5161 EXPLOITDB text WORKING POC
OpenEMR 4 - Unauthenticated Arbitrary PHP File Upload via Patient Photograph Feature
Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the patient directory under documents/.
CVE-2011-5160 EXPLOITDB text WORKING POC
OpenEMR 4 - Cross-Site Scripting via Site Parameter
Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter.
EIP-2026-115807 EXPLOITDB python WORKING POC
Microsoft Windows Media Player 11.0.5721.5262 - Remote Denial of Service
EIP-2026-115794 EXPLOITDB python WORKING POC
Microsoft Windows Explorer - Denial of Service
CVE-2011-5049 EXPLOITDB python WORKING POC
MySQL 5.5.8 - Denial of Service via Crafted Packet
MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
EIP-2026-116107 EXPLOITDB python WORKING POC
Putty 0.60 - Crash (PoC)
EIP-2026-115300 EXPLOITDB text WORKING POC
freeSSHd - Denial of Service (PoC)
CVE-2012-2115 EXPLOITDB text WORKING POC
OpenEMR < 4.1.0 - SQL Injection via User Parameter
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the u parameter.
CVE-2013-2571 EXPLOITDB CRITICAL text WORKING POC
hcomm xpient_iris < 3.8 - Remote Code Execution via TCP Port 7510
Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer.
CVSS 9.8