Morgan

8 exploits, active since Mar 2002
CVE-2026-40033 WRITEUP HIGH WRITEUP
FreeRDP - Heap-buffer-overflow in gdi_CacheToSurface via rectangle validation bypass
FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16_MAX but performs copy operations using unclamped cache entry dimensions, enabling malicious RDP servers to trigger large out-of-bounds writes and potentially achieve remote code execution or client crash.
CVSS 8.8
CVE-2002-1522 EXPLOITDB c WORKING POC
PowerFTP 2.24 - Buffer Overflow via Long USER Argument
Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.
CVE-2002-0083 EXPLOITDB CRITICAL text WRITEUP
OpenSSH <3.0.2 - Privilege Escalation
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVSS 9.8
CVE-2006-4437 EXPLOITDB text WORKING POC
Tagger LE - Remote Code Execution via Query String Eval Injection
Eval injection vulnerability in Tagger LE allows remote attackers to execute arbitrary PHP code via the query string in (1) tags.php, (2) sign.php, and (3) admin/index.php.
EIP-2026-111234 EXPLOITDB text WORKING POC
PHPWCMS 1.1-RC4 - 'spaw' Remote File Inclusion
CVE-2007-4923 EXPLOITDB text WORKING POC
Joomla Radio 5 - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in the Joomla Radio 5 (com_joomlaradiov5) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
CVE-2007-4955 EXPLOITDB text WRITEUP
Joomla Flash Fun! Component - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.joomlaflashfun.php in the Flash Fun! (com_joomlaflashfun) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
CVE-2007-4954 EXPLOITDB text WRITEUP
joom12pic_component - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.joom12pic.php in the joom12Pic (com_joom12pic) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.