fb1h2s

12 exploits Active since Jun 2011
CVE-2014-0160 NOMISEC HIGH
OpenSSL <1.0.1g - Info Disclosure
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVSS 7.5
EIP-2026-118657 EXPLOITDB python WORKING POC
httpdx 1.5 - 'MKD' Directory Traversal
EIP-2026-118503 EXPLOITDB ruby WORKING POC
EFS Easy Chat Server - Universal Buffer Overflow (SEH) (Metasploit)
EIP-2026-117935 EXPLOITDB ruby WORKING POC
Soritong 1.0 - Universal Buffer Overflow (SEH) (Metasploit)
EIP-2026-117767 EXPLOITDB php WORKING POC
PHP 5.3.4 Win Com Module - Com_sink
CVE-2011-1249 EXPLOITDB c WORKING POC
Microsoft Windows 2003 Server - Access Control
The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
EIP-2026-115095 EXPLOITDB text WORKING POC
Core Impact 7.5 - Denial of Service
EIP-2026-114911 EXPLOITDB perl WORKING POC
Apache 2.2 (Windows) - Local Denial of Service
EIP-2026-113003 EXPLOITDB text WRITEUP
vBulletin 4.0.x 4.1.3 - 'messagegroupid' SQL Injection
EIP-2026-104682 EXPLOITDB text WORKING POC
vBulletin (Cyb - Advanced Forum Statistics) - 'misc.php' Denial of Service
EIP-2026-104142 EXPLOITDB text WRITEUP
ZKSoftware 'ZK5000' - Remote Information Disclosure
EIP-2026-101499 EXPLOITDB text WRITEUP
ZKSoftware Biometric Attendence Managnmnet Hardware[MIPS] 2 - Improper Authentication