blake

59 exploits Active since Jun 2007
CVE-2008-1914 EXPLOITDB python WORKING POC
BigAnt IM Server <2.2 - Buffer Overflow
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.
CVE-2012-6559 EXPLOITDB text WORKING POC
FreeNAC 3.02 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in FreeNAC 3.02 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) mac, (3) graphtype, (4) name, or (5) type parameter to stats.php; or (6) comment parameter to deviceadd.php.
CVE-2010-20121 EXPLOITDB CRITICAL ruby WORKING POC
EasyFTP Server <= 1.7.0.11 - Unauthenticated Stack-based Buffer Overflow via CWD Command
EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.”
CVSS 9.8
EIP-2026-119095 EXPLOITDB html WORKING POC
RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow
EIP-2026-119094 EXPLOITDB html WORKING POC
RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray
CVE-2007-4566 EXPLOITDB python WORKING POC
Alpha Centauri Software SIDVault <2.0f - RCE
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
CVE-2008-6898 EXPLOITDB html WORKING POC
SaschArt SasCam Webcam Server 2.6.5 - Buffer Overflow via XHTTP Module Get Method
Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Get method and other unspecified methods.
CVE-2007-4566 EXPLOITDB python WORKING POC
Alpha Centauri Software SIDVault <2.0f - RCE
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
EIP-2026-119087 EXPLOITDB html WORKING POC
Registry OCX 1.5 - ActiveX Buffer Overflow
EIP-2026-119124 EXPLOITDB ruby WORKING POC
Serenity Audio Player 3.2.3 - '.m3u' Remote Buffer Overflow (Metasploit)
EIP-2026-118766 EXPLOITDB html WORKING POC
McKesson - ActiveX File/Environmental Variable Enumeration
CVE-2011-5166 EXPLOITDB python WORKING POC
KnFTP 1.0.0 - Remote Code Execution via Multiple Stack-Based Buffer Overflows
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
EIP-2026-118715 EXPLOITDB python WORKING POC
Kolibri+ Web Server 2 - GET Remote Overwrite (SEH)
CVE-2013-2817 EXPLOITDB html WORKING POC
Mitsubishi Electric Automation MC-WorX Suite 8.02 - RCE
An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click.
EIP-2026-118675 EXPLOITDB html WORKING POC
Image22 ActiveX 1.1.1 - Remote Buffer Overflow
EIP-2026-118684 EXPLOITDB html WORKING POC
Indusoft Thin Client 7.1 - ActiveX Buffer Overflow
EIP-2026-118566 EXPLOITDB python WORKING POC
Freefloat FTP Server - Remote Buffer Overflow (DEP Bypass)
CVE-2010-4142 EXPLOITDB python WORKING POC
DATAC RealWin <= 2.0 Build 6.1.8.10 - Stack-Based Buffer Overflow via Long SCPC Packet
Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) SCPC_INITIALIZE, (2) SCPC_INITIALIZE_RF, or (3) SCPC_TXTEVENT packet. NOTE: it was later reported that 1.06 is also affected by one of these requests.
CVE-2010-2701 EXPLOITDB html WORKING POC
FathFTP ActiveX control <1.7 - Buffer Overflow
Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow remote attackers to execute arbitrary code via (1) the GetFromURL member or (2) a long argument to the RasIsConnected method.
EIP-2026-118536 EXPLOITDB html WORKING POC
FathFTP 1.8 - 'FileExists Method' ActiveX Buffer Overflow (SEH)
EIP-2026-118236 EXPLOITDB python WORKING POC
Ada Image Server 0.6.7 - 'imgsrv.exe' Remote Buffer Overflow
EIP-2026-118247 EXPLOITDB html WORKING POC
Aladdin Knowledge Systems Ltd. PrivAgent - ActiveX Control Overflow
EIP-2026-118142 EXPLOITDB ruby WORKING POC
WM Downloader 3.0.0.9 - Local Buffer Overflow (Metasploit)
CVE-2009-4660 EXPLOITDB python WORKING POC
BigAnt IM Server 2.50 - Buffer Overflow
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
EIP-2026-118215 EXPLOITDB ruby WORKING POC
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Buffer Overflow (Metasploit)