boecke

7 exploits Active since Oct 2006
CVE-2007-4441 EXPLOITDB php WORKING POC
PHP < 5.2.0 - Buffer Overflow in win32std Extension via win_browse_file Function
Buffer overflow in php_win32std.dll in the win32std extension for PHP 5.2.0 and earlier allows context-dependent attackers to execute arbitrary code via a long string in the filename argument to the win_browse_file function.
CVE-2007-4586 EXPLOITDB php WORKING POC
PHP < 5.2.0 - Buffer Overflow in iisfunc Extension via Long String Argument
Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions.
CVE-2006-5728 EXPLOITDB perl WORKING POC
XM Easy Personal FTP Server <= 5.2.1 - Authenticated Denial of Service via NLST Command
XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags.
CVE-2007-5082 EXPLOITDB perl WORKING POC
BrightStor Hierarchical Storage Manager - Remote Code Execution via CsAgent Service Command
Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter.
EIP-2026-111300 EXPLOITDB text WORKING POC
Piwik 1357 2009-08-02 - Arbitrary File Upload / Code Execution
CVE-2006-5312 EXPLOITDB text WORKING POC
Ajax Shoutbox < 0.0.5 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in shoutbox.php in the Ajax Shoutbox 0.0.5 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-7147 EXPLOITDB text WRITEUP
phpBB Import Tools Mod 0.1.4 - Remote Code Execution via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Import Tools Mod 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.