mr.pr0n

14 exploits Active since Oct 2011
CVE-2012-10053 EXPLOITDB CRITICAL ruby WORKING POC
Simple Web Server 2.2 rc2 - Buffer Overflow
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication.
CVE-2012-10053 EXPLOITDB CRITICAL perl WORKING POC
Simple Web Server 2.2 rc2 - Buffer Overflow
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication.
CVE-2012-10051 EXPLOITDB HIGH ruby WORKING POC
Photodex ProShow Producer <5.0.3256 - Buffer Overflow
Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to properly validate its contents, leading to a buffer overflow when the file is parsed during startup. Exploitation requires local access to place the file and user interaction to launch the application.
CVE-2012-10053 METASPLOIT CRITICAL ruby WORKING POC
Simple Web Server 2.2 rc2 - Buffer Overflow
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication.
CVE-2012-10051 METASPLOIT HIGH ruby WORKING POC
Photodex ProShow Producer <5.0.3256 - Buffer Overflow
Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to properly validate its contents, leading to a buffer overflow when the file is parsed during startup. Exploitation requires local access to place the file and user interaction to launch the application.
EIP-2026-119322 EXPLOITDB perl WORKING POC
Xitami Web Server 2.5b4 - Remote Buffer Overflow
CVE-2011-5166 EXPLOITDB perl WORKING POC
Elif Keir Knftp - Memory Corruption
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
EIP-2026-117763 EXPLOITDB perl WORKING POC
Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow
EIP-2026-117288 EXPLOITDB python WORKING POC
HTML Help Workshop 1.4 - Local Buffer Overflow (SEH)
EIP-2026-110046 EXPLOITDB text WRITEUP
OneFileCMS 1.1.5 - Local File Inclusion
EIP-2026-110045 EXPLOITDB perl WORKING POC
OneFileCMS 1.1.1 - Multiple Vulnerabilities
EIP-2026-110044 EXPLOITDB text WORKING POC
OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting
EIP-2026-105331 EXPLOITDB python WORKING POC
AVE.CMS 2.09 - 'index.php?module' Blind SQL Injection
CVE-2010-4967 EXPLOITDB perl WORKING POC
ATCOM Netvolution 2.5.6 - SQL Injection
SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter.