Underz0ne Crew

6 exploits Active since Jun 2008
CVE-2008-6959 EXPLOITDB html WORKING POC
Chilkat Socket ActiveX <2.3.1.1 - RCE
Insecure method vulnerability in the Chilkat Socket ActiveX control (ChilkatSocket.ChilkatSocket.1) in ChilkatSocket.dll 2.3.1.1 allows remote attackers to overwrite arbitrary files via the SaveLastError method. NOTE: this might be related to CVE-2008-1647.
CVE-2008-5383 EXPLOITDB python WORKING POC
National Instruments Electronics Workbench - Buffer Overflow
Stack-based buffer overflow in National Instruments Electronics Workbench allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .ewb file.
EIP-2026-101428 EXPLOITDB python WORKING POC
Sagem F@ST Routers - DHCP Hostname Cross-Site Request Forgery
CVE-2008-2691 EXPLOITDB text WORKING POC
Jiro Faq Manager Experience - SQL Injection
SQL injection vulnerability in read.asp in JiRo's FAQ Manager eXperience 1.0 allows remote attackers to execute arbitrary SQL commands via the fID parameter.
CVE-2008-6739 EXPLOITDB text WRITEUP
Toddwoolums Asp Download - Authentication Bypass
Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request.
CVE-2008-2868 EXPLOITDB text WORKING POC
Duware Ducalendar < 1.0 - SQL Injection
SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter.