Wireghoul

25 exploits Active since May 2005
CVE-2014-2008 EXPLOITDB text WRITEUP
mpay24 < 1.6 - SQL Injection via TID Parameter
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.
CVE-2013-10042 EXPLOITDB CRITICAL perl WORKING POC
freeFTPd < 1.0.10 - Stack-based Buffer Overflow via FTP PASS Command
A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafted password string, the application fails to validate input length, resulting in memory corruption. This can lead to denial of service or arbitrary code execution. Exploitation requires the anonymous user account to be enabled.
CVSS 9.8
CVE-2011-0923 METASPLOIT ruby WORKING POC
HP Data Protector - Remote Code Execution via EXEC_CMD Argument Injection
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
CVE-2011-0923 METASPLOIT ruby WORKING POC
HP Data Protector - Remote Code Execution via EXEC_CMD Argument Injection
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
CVE-2013-10042 METASPLOIT CRITICAL ruby WORKING POC
freeFTPd < 1.0.10 - Stack-based Buffer Overflow via FTP PASS Command
A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafted password string, the application fails to validate input length, resulting in memory corruption. This can lead to denial of service or arbitrary code execution. Exploitation requires the anonymous user account to be enabled.
CVSS 9.8
CVE-2005-0575 EXPLOITDB perl WORKING POC
Stormy Studios Knet <= 1.04c - Buffer Overflow via Long HTTP GET Request
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
CVE-2011-0923 EXPLOITDB ruby WORKING POC
HP Data Protector - Remote Code Execution via EXEC_CMD Argument Injection
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
EIP-2026-118586 EXPLOITDB ruby WORKING POC
freeFTPd 1.0.10 - 'PASS' Remote Buffer Overflow (SEH) (Metasploit)
EIP-2026-118584 EXPLOITDB ruby WORKING POC
freeFTPd 1.0.10 - 'PASS' Remote Buffer Overflow (Metasploit)
EIP-2026-118548 EXPLOITDB html WORKING POC
FirePHP Firefox Plugin 0.7.1 - Remote Command Execution
CVE-2010-2620 EXPLOITDB python WORKING POC
Open-FTPD < 1.2 - Unauthenticated Authentication Bypass via FTP Command Injection
Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login steps first.
EIP-2026-113038 EXPLOITDB perl SUSPICIOUS
VegaDNS 0.13.2 - Remote Command Injection
EIP-2026-112523 EXPLOITDB text WRITEUP
Symphony CMS 2.3 - Multiple Vulnerabilities
EIP-2026-112522 EXPLOITDB text WRITEUP
Symphony CMS 2.1.2 - Blind SQL Injection
CVE-2014-2009 EXPLOITDB text WRITEUP
mpay24 < 1.5.1 - Unauthenticated Sensitive Information Exposure via Direct Request to API Log
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log.
EIP-2026-107141 EXPLOITDB perl WORKING POC
Flatpress 1.0 - Remote Code Execution
CVE-2011-2744 EXPLOITDB text WRITEUP
Chyrp < 2.1 - Remote File Inclusion via Action Parameter
Directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.
CVE-2011-2780 EXPLOITDB text WRITEUP
Chyrp < 2.0 - Path Traversal via File Parameter in gz.php
Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2011-2744.
CVE-2011-2743 EXPLOITDB text WRITEUP
Chyrp < 2.1 - Cross-Site Scripting via Action Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the action parameter to (1) the default URI or (2) includes/javascript.php, or the (3) title or (4) body parameter to admin/help.php.
CVE-2011-2743 EXPLOITDB text WRITEUP
Chyrp < 2.1 - Cross-Site Scripting via Action Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the action parameter to (1) the default URI or (2) includes/javascript.php, or the (3) title or (4) body parameter to admin/help.php.
CVE-2011-2745 EXPLOITDB text WORKING POC
Chyrp < 2.0 - Authenticated Arbitrary PHP File Upload via swfupload Extension
upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier relies on client-side JavaScript code to restrict the file extensions of uploaded files, which allows remote authenticated users to upload a .php file, and consequently execute arbitrary PHP code, via a write_post action to the default URI under admin/.
CVE-2014-4644 EXPLOITDB bash WORKING POC
Cacti superlinks plugin 1.4-2 - SQL Injection via id Parameter
SQL injection vulnerability in superlinks.php in the superlinks plugin 1.4-2 for Cacti allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-105261 EXPLOITDB php WRITEUP
ASCET Interactive Huski CMS - 'i' Local File Inclusion
EIP-2026-105262 EXPLOITDB text WRITEUP
ASCET Interactive Huski Retail - Multiple SQL Injections
CVE-2013-5697 EXPLOITDB text WORKING POC
mod_accounting < 0.5 - SQL Injection via Host Header
SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header.