basher13

28 exploits Active since Sep 2002
CVE-2006-4669 EXPLOITDB text WORKING POC
Somery < 0.4.6 - Remote File Inclusion via skindir Parameter
PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter.
EIP-2026-119148 EXPLOITDB perl WORKING POC
Small HTTP Server 3.05.28 - Arbitrary Data Execution
CVE-2002-1120 EXPLOITDB perl WORKING POC
Savant Web Server < 3.1 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
EIP-2026-118698 EXPLOITDB perl WORKING POC
Intruder Client 1.00 - Remote Command Execution / Denial of Service
EIP-2026-118590 EXPLOITDB perl WORKING POC
FTP Internet Access Manager 1.2 - Command Execution
CVE-2005-2857 EXPLOITDB perl WORKING POC
Free SMTP Server 2.2 - Open Redirect
Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay (spam proxy).
EIP-2026-118302 EXPLOITDB perl WORKING POC
Baby Web Server 2.6.2 - Command Validation
EIP-2026-116177 EXPLOITDB perl WORKING POC
Remote File Explorer 1.0 - Denial of Service
EIP-2026-116389 EXPLOITDB c++ WORKING POC
TCP-IP Datalook 1.3 - Local Denial of Service
CVE-2005-2141 EXPLOITDB c++ WORKING POC
TCP Chat 1.0 - Denial of Service via Long String to Chat Service
TCP Chat 1.0 allows remote attackers to cause a denial of service (crash) via a long string to the chat service, possibly triggering a buffer overflow.
CVE-2005-1603 EXPLOITDB c++ WORKING POC
NiteEnterprises Remote File Manager 1.0 - Denial of Service via Crafted TCP String
NiteEnterprises Remote File Manager 1.0 allows remote attackers to cause a denial of service (crash) via a crafted string to TCP port 7080.
CVE-2005-2305 EXPLOITDB perl WORKING POC
DG Remote Control Server 1.6.2 - Denial of Service and Possible Remote Code Execution via Long TCP Message
DG Remote Control Server 1.6.2 allows remote attackers to cause a denial of service (crash or CPU consumption) and possibly execute arbitrary code via a long message to TCP port 1071 or 1073, possibly due to a buffer overflow.
CVE-2005-2208 EXPLOITDB c WORKING POC
PrivaShare 1.1b - Denial of Service via Malformed Message
PrivaShare 1.1b allows remote attackers to cause a denial of service (crash) via a malformed message.
EIP-2026-116030 EXPLOITDB c++ WORKING POC
P2P Pro 1.0 - 'command' Denial of Service
EIP-2026-116156 EXPLOITDB perl WORKING POC
RBExplorer 1.0 - Hijacking Command Denial of Service
CVE-2005-3002 EXPLOITDB perl WORKING POC
MCCS 1.0 - Denial of Service
Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet.
EIP-2026-114853 EXPLOITDB perl WORKING POC
Acunetix HTTP Sniffer - Denial of Service
EIP-2026-115175 EXPLOITDB perl WORKING POC
DzSoft PHP Editor 3.1.2.8 - Denial of Service
CVE-2005-1667 EXPLOITDB c++ WORKING POC
DataTrac Activity Console 1.1 - Denial of Service via Long HTTP GET Request
DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP GET request.
EIP-2026-115081 EXPLOITDB perl WORKING POC
COOL! Remote Control 1.12 - Remote Denial of Service
EIP-2026-114936 EXPLOITDB c++ WORKING POC
Ashley's Web Server - Denial of Service
CVE-2007-0704 EXPLOITDB text WORKING POC
Somery 0.4.6 - Remote File Inclusion via install.php skindir Parameter
PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation.
CVE-2005-2323 EXPLOITDB perl WORKING POC
Class-1 Forum 0.23.2-0.24.4 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allow remote attackers to modify SQL statements via the (1) id parameter to viewattach.php, (2) viewuser_id parameter to users.php, or the (3) id or (4) forum parameter to viewforum.php.
CVE-2005-1629 EXPLOITDB perl WORKING POC
Photopost PHP Pro - SQL Injection via Verifykey Parameter
SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute arbitrary SQL commands via the verifykey parameter.
CVE-2006-4750 EXPLOITDB text WRITEUP
openi-cms 1.0.1 - Remote File Inclusion via config[openi_dir] Parameter
PHP remote file inclusion vulnerability in openi-admin/base/fileloader.php in OPENi-CMS 1.0.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the config[openi_dir] parameter.