aushack

88 exploits Active since May 1999
CVE-2003-0558 METASPLOIT ruby WORKING POC
LeapFTP 2.7.3.600 - Buffer Overflow
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.
CVE-2006-2212 METASPLOIT ruby WORKING POC
KarjaSoft Sami FTP Server <= 2.0.2 - Remote Code Execution via Long USER or PASS Command
Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command.
CVE-1999-1011 METASPLOIT ruby WORKING POC
Microsoft Data Access Components - Remote Code Execution via RDS DataFactory
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
CVE-2002-1142 METASPLOIT ruby WORKING POC
Microsoft MDAC <2.7 - Buffer Overflow
Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.
CVE-2005-0308 METASPLOIT ruby WORKING POC
W32Dasm 8.93 and earlier - Buffer Overflow via Large Import or Export Function Name
Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name.
CVE-2004-0964 METASPLOIT ruby WORKING POC
Zinf <2.2.1 - Remote Code Execution
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
CVE-2007-3314 METASPLOIT ruby WORKING POC
Altap Salamander 2.5 PE Viewer Buffer Overflow
Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 (English Trial), and 2.0 with Portable Executable Viewer 1.00 (English Trial), allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file.
CVE-2005-1099 METASPLOIT ruby WORKING POC
Greylisting daemon <1.4 - Buffer Overflow
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
CVE-2007-3010 METASPLOIT CRITICAL ruby WORKING POC
Alcatel OmniPCX Enterprise < 7.1 - Remote Command Execution via Unified Maintenance Tool
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
CVSS 9.8
CVE-2000-0248 METASPLOIT ruby WORKING POC
Red Hat Linux Piranha - Command Injection
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
CVE-2000-0284 METASPLOIT ruby WORKING POC
University of Washington imapd 4.7 - Authenticated Buffer Overflow via LIST Command
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
CVE-2010-1549 EXPLOITDB ruby WORKING POC
HP LoadRunner < 9.50 and Performance Center < 9.50 - Remote Code Execution
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2018-15133 EXPLOITDB HIGH ruby WORKING POC
Laravel Framework < 5.5.40 and 5.6.x < 5.6.30 - Remote Code Execution via Unserialize of X-XSRF-TOKEN
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack.
CVSS 8.1