Morning Wood

10 exploits Active since Mar 2003
CVE-2003-0109 EXPLOITDB text WRITEUP
Windows 2000 - Remote Code Execution via WebDAV Request
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
CVE-2005-1606 EXPLOITDB text WRITEUP
H-Sphere Winbox <2.4.3 - Info Disclosure
H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such as username and password in plaintext in world-readable log files, which allows local users to gain privileges.
EIP-2026-115889 EXPLOITDB text WRITEUP
MyServer 0.4.2 - Malformed URI Denial of Service
EIP-2026-110896 EXPLOITDB text WRITEUP
PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting
EIP-2026-110897 EXPLOITDB text WRITEUP
PHP-Nuke Splatt Forum 4.0 Module - HTML Injection
CVE-2005-1077 EXPLOITDB text WRITEUP
XAMPP 1.4.x - Cross-Site Scripting via cds.php, Guestbook-EN.pl, or phonebook.php
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
CVE-2005-1078 EXPLOITDB text WRITEUP
XAMPP 1.4.x - Default Credential Vulnerability
XAMPP 1.4.x has multiple default or null passwords, which allows attackers to gain privileges.
EIP-2026-100851 EXPLOITDB text WORKING POC
MegaBook 1.1/2.0/2.1 - Multiple HTML Injection Vulnerabilities
CVE-2005-0420 EXPLOITDB text WORKING POC
Microsoft Exchange Server - Open Redirect via OWA Login Page
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
CVE-2005-2035 EXPLOITDB text WORKING POC
Cool Cafe Chat 1.2.1 - SQL Injection via login.asp Password Parameter
SQL injection vulnerability in login.asp for Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to execute arbitrary SQL commands via the password.