S2 Crew

15 exploits Active since Jan 2009
CVE-2012-0297 EXPLOITDB WORKING POC
Symantec Web Gateway < 5.0.3 - Remote Code Execution via Management GUI Script Access
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
CVE-2010-0759 EXPLOITDB text WORKING POC
Core Design Scriptegrator <1.4.1 - Path Traversal
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.
EIP-2026-119058 EXPLOITDB perl WORKING POC
ProSSHD 1.2 20090726 - Remote Buffer Overflow
CVE-2011-3478 EXPLOITDB python WORKING POC
Symantec pcAnywhere 12.5.x-12.5.3 & IT Management Suite 7.0-7.1 - RCE via TCP Port 5631
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
CVE-2010-1185 EXPLOITDB python WORKING POC
SAP MaxDB <7.6.07 - Buffer Overflow
Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from third party information.
CVE-2010-1554 EXPLOITDB python WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
CVE-2010-1555 EXPLOITDB python WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
CVE-2010-1553 EXPLOITDB python WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
CVE-2009-4178 EXPLOITDB python WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.
CVE-2010-0760 EXPLOITDB text WORKING POC
Core Design Scriptegrator <1.4.1 - Path Traversal
Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-2817 EXPLOITDB ruby WORKING POC
Apple iTunes < 9.0.1 - Remote Code Execution via Crafted .pls File
Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.
CVE-2012-0298 EXPLOITDB text WORKING POC
Symantec Web Gateway <5.0.3 - Info Disclosure
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.
CVE-2008-5517 EXPLOITDB text WORKING POC
git < 1.5.6 - Remote Code Execution via gitweb Shell Metacharacters
The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.
CVE-2010-2307 EXPLOITDB text WORKING POC
Motorola SURFBoard SBV6120E - Directory Traversal via URL Request
Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request.
CVE-2014-8904 EXPLOITDB bash WORKING POC
IBM AIX/VIOS <7.1 - Privilege Escalation
lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value.