Luigi Auriemma

568 exploits Active since Feb 2002
CVE-2011-3176 EXPLOITDB ruby WORKING POC
Novell Zenworks Configuration Management - Memory Corruption
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request.
CVE-2011-4044 EXPLOITDB ruby WORKING POC
ARC Informatique PcVue <10.0 - RCE
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods.
EIP-2026-118952 EXPLOITDB text WRITEUP
NetDecision 4.6.1 - Multiple Directory Traversal Vulnerabilities
EIP-2026-118933 EXPLOITDB c WORKING POC
MultiTheftAuto 0.5 - Multiple Vulnerabilities
EIP-2026-118935 EXPLOITDB c WORKING POC
MX Simulator Server - Remote Buffer Overflow
EIP-2026-119056 EXPLOITDB text WRITEUP
PROMOTIC 8.1.3 - Multiple Vulnerabilities
CVE-2008-1319 EXPLOITDB text WRITEUP
VersantD service - Command Injection
Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field.
CVE-2006-1652 EXPLOITDB text WRITEUP
UltraVNC <1.0.1 - Buffer Overflow
Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.
EIP-2026-119237 EXPLOITDB perl WORKING POC
Unreal Tournament - Remote Buffer Overflow (SEH)
CVE-2008-4243 EXPLOITDB text WORKING POC
Epic Games Unreal Tournament 3 - Path Traversal
Directory traversal vulnerability in ImageServer (aka UTImageServer) in WebAdmin before 1.7 for Epic Games Unreal Tournament 3 (UT3) 1.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
EIP-2026-119060 EXPLOITDB text WRITEUP
PY Software Active Webcam 4.3 - WebServer Cross-Site Scripting
EIP-2026-119242 EXPLOITDB text SUSPICIOUS
Valve Software Source Engine - Format String
CVE-2008-0108 EXPLOITDB c WORKING POC
Microsoft Office - Memory Corruption
Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability."
CVE-2008-1221 EXPLOITDB text WRITEUP
MicroWorld eScan <9.0.742.98-9.0.742.1 - Path Traversal
Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command.
CVE-2011-3400 EXPLOITDB ruby WORKING POC
Microsoft Windows XP <SP2-SP3 & Server 2003 <SP2 - RCE
Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object in a file, aka "OLE Property Vulnerability."
EIP-2026-118779 EXPLOITDB text WORKING POC
MG-SOFT Net Inspector 6.5.0.826 - Multiple Remote Vulnerabilities
CVE-2008-1402 EXPLOITDB text WRITEUP
MG-SOFT Net Inspector <6.5.0.828 - DoS
MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote attackers to cause a (1) denial of service (exception and crash) via a UDP packet to the SNMP Trap Service (MgWTrap3.exe) or (2) denial of service (device freeze or memory consumption) via a malformed request to the Net Inspector Server (niengine).
EIP-2026-118710 EXPLOITDB text WRITEUP
Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Buffer Overrun (3)
CVE-2006-3491 EXPLOITDB c WORKING POC
Kaillera Server <0.86 - Buffer Overflow
Stack-based buffer overflow in Kaillera Server 0.86 and earlier allows remote attackers to execute arbitrary code via a long nickname.
CVE-2011-3496 EXPLOITDB ruby WORKING POC
Measuresoft ScadaPro <4.0.0 - Command Injection
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
EIP-2026-118673 EXPLOITDB text WRITEUP
id Software id Tech 4 Engine - 'idGameLocal::GetGameStateObject()' Remote Code Execution
CVE-2011-4051 EXPLOITDB ruby WORKING POC
InduSoft Web Studio <7.0 - RCE
CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.
EIP-2026-118672 EXPLOITDB ruby WORKING POC
Iconics GENESIS32 9.21.201.01 - Integer Overflow (Metasploit)
EIP-2026-118651 EXPLOITDB text WRITEUP
HTTP File Server 2.2 - Security Bypass / Denial of Service
CVE-2004-1561 EXPLOITDB c WORKING POC
Icecast - Buffer Overflow
Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers.