Luigi Auriemma

568 exploits Active since Feb 2002
EIP-2026-119299 EXPLOITDB text SUSPICIOUS
X-Motor Racing 1.26 - Remote Buffer Overflow / Multiple Denial of Service Vulnerabilities
CVE-2011-3487 EXPLOITDB text WRITEUP
Carel PlantVisor <2.4.4 - Path Traversal
Directory traversal vulnerability in CarelDataServer.exe in Carel PlantVisor 2.4.4 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.
EIP-2026-119278 EXPLOITDB text WRITEUP
Winamp Web interface 7.5.13 - Multiple Vulnerabilities
CVE-2007-6682 EXPLOITDB c WORKING POC
VLC < 0.8.6d - Remote Code Execution via Format String in HTTP Connection Parameter
Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter.
EIP-2026-119264 EXPLOITDB text SUSPICIOUS
VyPRESS Messenger 3.5 - Remote Buffer Overflow
CVE-2011-3502 EXPLOITDB text WRITEUP
Cogent DataHub <7.1.1.63 - Info Disclosure
The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing (1) space or (2) %2e (encoded dot).
CVE-2006-1652 EXPLOITDB text WRITEUP
UltraVNC and tabbed_viewer - Buffer Overflow via Long String on TCP Port 5900
Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.
EIP-2026-119237 EXPLOITDB perl WORKING POC
Unreal Tournament - Remote Buffer Overflow (SEH)
CVE-2008-4243 EXPLOITDB text WORKING POC
Unreal Tournament 3 WebAdmin < 1.7 - Unauthenticated Path Traversal via ImageServer URI
Directory traversal vulnerability in ImageServer (aka UTImageServer) in WebAdmin before 1.7 for Epic Games Unreal Tournament 3 (UT3) 1.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
CVE-2006-1652 EXPLOITDB python WORKING POC
UltraVNC and tabbed_viewer - Buffer Overflow via Long String on TCP Port 5900
Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.
CVE-2011-5001 EXPLOITDB ruby WORKING POC
Trend Micro Control Manager < 5.5 - Remote Code Execution via Crafted IPC Packet
Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.exe in Trend Micro Control Manager 5.5 before Build 1613 allows remote attackers to execute arbitrary code via a crafted IPC packet to TCP port 20101.
EIP-2026-119228 EXPLOITDB text WRITEUP
Ubisoft CoGSManager ActiveX Control 1.0.0.23 - 'Initialize()' Method Stack Buffer Overflow
EIP-2026-119233 EXPLOITDB python WORKING POC
Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Remote Buffer Overflow
EIP-2026-119242 EXPLOITDB text SUSPICIOUS
Valve Software Source Engine - Format String
EIP-2026-119134 EXPLOITDB text WORKING POC
siemens tecnomatix factorylink 8.0.1.1473 - Multiple Vulnerabilities
CVE-2008-1169 EXPLOITDB text WORKING POC
SCI Photo Chat Server <3.4.9 - Path Traversal
Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command.
CVE-2007-6405 EXPLOITDB text WRITEUP
Sergey Lyubka Simple HTTPD <1.38 - RCE
Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) hex-encoded character greater than 0x7f. NOTE: the %20 vector is already covered by CVE-2007-3407.
EIP-2026-119131 EXPLOITDB ruby WORKING POC
Siemens FactoryLink 8 - CSService Logging Path Parameter Buffer Overflow (Metasploit)
CVE-2011-0517 EXPLOITDB ruby WORKING POC
Sielco Sistemi Winlog Pro < 2.07.00 - Remote Code Execution via Crafted 0x02 Opcode
Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.
EIP-2026-118933 EXPLOITDB c WORKING POC
MultiTheftAuto 0.5 - Multiple Vulnerabilities
EIP-2026-119180 EXPLOITDB text WRITEUP
Sybase Advantage Server 10.0.0.3 - 'ADS' Process Off-by-One Buffer Overflow
CVE-2008-1319 EXPLOITDB text WRITEUP
VersantD service - Command Injection
Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field.
CVE-2012-1221 EXPLOITDB text WRITEUP
RabidHamster R2/Extreme - Unauthenticated Path Traversal via Telnet File Command
Directory traversal vulnerability in the telnet server in RabidHamster R2/Extreme 1.65 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the File command.
EIP-2026-119077 EXPLOITDB text WRITEUP
Raven Software Soldier Of Fortune 2 - Remote Buffer Overflow
EIP-2026-119084 EXPLOITDB ruby WORKING POC
RealWin SCADA Server - DATAC Login Buffer Overflow (Metasploit)