Nine:Situations:Group::strawdog

9 exploits Active since Mar 2009
CVE-2008-6936 EXPLOITDB WORKING POC
Exodus 0.10 - Argument Injection via Encoded Spaces in pres:// URI
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in a pres:// URI, a different vector than CVE-2008-6935.
CVE-2008-6936 EXPLOITDB html WORKING POC
Exodus 0.10 - Argument Injection via Encoded Spaces in pres:// URI
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in a pres:// URI, a different vector than CVE-2008-6935.
CVE-2008-6935 EXPLOITDB html WORKING POC
Exodus 0.10 - Argument Injection via Encoded Spaces in im:// URI
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an im:// URI.
CVE-2008-6935 EXPLOITDB text WORKING POC
Exodus 0.10 - Argument Injection via Encoded Spaces in im:// URI
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an im:// URI.
CVE-2009-1087 EXPLOITDB text WORKING POC
PPLive < 1.9.21 - Remote Code Execution via URI Handler Argument Injection
Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote attackers to execute arbitrary code via a UNC share pathname in the LoadModule argument to the (1) synacast, (2) Play, (3) pplsv, or (4) ppvod URI handler. NOTE: some of these details are obtained from third party information.
CVE-2008-7070 EXPLOITDB html WORKING POC
KVIrc 3.4.2 - Remote Code Execution via URI Handler Argument Injection
Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. NOTE: this might be due to an incomplete fix for CVE-2007-2951.
CVE-2008-6937 EXPLOITDB html WORKING POC
Exodus 0.10 - Argument Injection via Encoded Spaces in xmpp:// URI
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an xmpp:// URI, a different vector than CVE-2008-6935 and CVE-2008-6936. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6937 EXPLOITDB text WORKING POC
Exodus 0.10 - Argument Injection via Encoded Spaces in xmpp:// URI
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an xmpp:// URI, a different vector than CVE-2008-6935 and CVE-2008-6936. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-107601 EXPLOITDB text WORKING POC
hMAilServer 4.4.2 - 'PHPWebAdmin' File Inclusion