Sha0

7 exploits Active since May 2007
CVE-2007-2815 EXPLOITDB bash WORKING POC
Microsoft IIS Web Server 5.0 - Auth Bypass
The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS) Web Server 5.0 only uses Windows NT ACL configuration, which allows remote attackers to bypass NTLM and basic authentication mechanisms and access private web directories via the CiWebhitsfile parameter to null.htw.
CVE-2007-6528 EXPLOITDB text WORKING POC
TikiWiki < 1.9.9 - Path Traversal via Movie Parameter
Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter.
CVE-2008-6393 EXPLOITDB python WORKING POC
PSI < 0.12.1 - Remote Denial of Service and Possible Code Execution via SOCKS5 File Transfer Option
PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow.
CVE-2014-1912 EXPLOITDB python WORKING POC
Python <2.7.7, <3.3.4, <3.4rc1 - Buffer Overflow
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
CVE-2012-1586 EXPLOITDB text WORKING POC
cifs-utils - Exposure of Sensitive Information via Error Message
mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.
EIP-2026-102770 EXPLOITDB WORKING POC
.ELF Binaries - Local Privilege Escalation
EIP-2026-102789 EXPLOITDB c WORKING POC
BitchX 1.0c19 - Local Privilege Escalation