alt3kx

45 exploits Active since Apr 2001
CVE-2001-0680 NOMISEC WRITEUP
QPC QVT/Net 4.0 and AVT/Term 5.0 - Directory Traversal via LIST Command
Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST (ls) command.
CVE-2001-0758 NOMISEC WRITEUP
Shambala 4.5 - Directory Traversal via CWD Command
Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command.
CVE-2001-0931 NOMISEC WRITEUP
Cooolsoft PowerFTP Server 2.03 - Directory Traversal via LS or GET Command
Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attackers to list or read arbitrary files and directories via a .. (dot dot) in (1) LS or (2) GET.
CVE-2001-0932 NOMISEC STUB
Cooolsoft PowerFTP Server 2.03 - Buffer Overflow via Long Command
Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.
CVE-2001-0933 NOMISEC WRITEUP
Cooolsoft PowerFTP Server 2.03 - Info Disclosure
Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:".
CVE-2001-0934 NOMISEC WRITEUP
Cooolsoft PowerFTP Server 2.03 - Info Disclosure
Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical path of the server root via the pwd command, which lists the full pathname.
CVE-2001-1442 NOMISEC WORKING POC
ISC InterNetNews <2.3.0 - Privilege Escalation
Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument.
CVE-2002-0200 NOMISEC WRITEUP
Cyberstop Web Server 0.1 - Denial of Service via MS-DOS Device Name Request
Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name.
CVE-2002-0201 NOMISEC WORKING POC
Cyberstop Web Server 0.1 - Denial of Service via Long HTTP GET Request
Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request, possibly triggering a buffer overflow.
CVE-2002-0288 NOMISEC STUB
Phusion Web Server 1.0 - Directory Traversal via Triple Dot Sequence
Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request.
CVE-2002-0289 NOMISEC STUB
Phusion Web Server 1.0 - Buffer Overflow via Long HTTP Request
Buffer overflow in Phusion web server 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long HTTP request.
CVE-2002-0346 NOMISEC WRITEUP
Cobalt RAQ 4 - Cross-Site Scripting via service.cgi or alert.cgi
Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi.
CVE-2002-0347 NOMISEC WRITEUP
Cobalt RAQ 4 - Directory Traversal via Dot-Dot in HTTP Request
Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.
CVE-2002-0348 NOMISEC WORKING POC
Cobalt RAQ 4 - Denial of Service and Possible Remote Code Execution via Long Service Argument
service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument.
CVE-2022-1388 METASPLOIT CRITICAL ruby WORKING POC
F5 BIG-IP iControl RCE via REST Authentication Bypass
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVSS 9.8
CVE-2019-10685 EXPLOITDB MEDIUM text WORKING POC
Heidelberg Prinect Archiver v2013 release 1.0 - Reflected Cross-Site Scripting
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0.
CVSS 6.1
CVE-2018-7691 EXPLOITDB MEDIUM text WORKING POC
Micro Focus Fortify SSC <18.10 - RCE
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
CVSS 6.5
CVE-2018-7690 EXPLOITDB MEDIUM text WORKING POC
Micro Focus Fortify SSC <18.10 - RCE
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
CVSS 6.5
CVE-2018-12463 EXPLOITDB CRITICAL text WORKING POC
HP Fortify Software Security Center 17.1, 17.2, 18.1 - Unauthenticated XML External Entity Injection via Crafted DTD
An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
CVSS 9.8
CVE-2018-12596 EXPLOITDB CRITICAL text WORKING POC
Episerver Ektron CMS < 9.0 SP3 CU 31 / 9.1 < SP3 CU 45 / 9.2 < SP2 CU 22 - Unauthenticated Privilege Escalation
Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins).
CVSS 9.8