muts

77 exploits Active since May 2003
CVE-2012-2576 METASPLOIT CRITICAL ruby WORKING POC
SolarWinds Backup Profiler < 5.1.2 - SQL Injection via LoginServlet loginName Parameter
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.
CVSS 9.8
CVE-2012-2577 EXPLOITDB javascript WORKING POC
SolarWinds Orion Network Performance Monitor < 10.3.1 - Cross-Site Scripting via SNMPD Configuration Fields
Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) syslocation, (2) syscontact, or (3) sysName field of an snmpd.conf file.
CVE-2004-1211 EXPLOITDB python WORKING POC
Mercury/32 4.01a - Authenticated Buffer Overflow via IMAP Command Arguments
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
CVE-2004-1211 EXPLOITDB cpp WORKING POC
Mercury/32 4.01a - Authenticated Buffer Overflow via IMAP Command Arguments
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
CVE-2012-2589 EXPLOITDB javascript WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4344. Reason: This candidate is a duplicate of CVE-2012-4344. Notes: All CVE users should reference CVE-2012-4344 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2012-2601 EXPLOITDB javascript WORKING POC
Ipswitch WhatsUp Gold 15.02 - SQL Injection
SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter.
CVE-2012-2576 EXPLOITDB CRITICAL ruby WORKING POC
SolarWinds Backup Profiler < 5.1.2 - SQL Injection via LoginServlet loginName Parameter
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.
CVSS 9.8
CVE-2007-1910 EXPLOITDB text WRITEUP
Microsoft Word 2007 - Buffer Overflow via Crafted Document
Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc.
CVE-2012-4869 METASPLOIT ruby WORKING POC
FreePBX < 2.10 - Remote Code Execution via callmenum Parameter
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.
CVE-2011-1865 METASPLOIT ruby WORKING POC
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
CVE-2008-1697 METASPLOIT ruby WORKING POC
HP OpenView Network Node Manager <7.53-7.51 - Buffer Overflow
Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.
CVE-2006-5156 METASPLOIT ruby WORKING POC
McAfee ePolicy Orchestrator < 3.5.0.720 and ProtectionPilot < 1.1.1.126 - Remote Code Execution via Long Source Header
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
CVE-2012-2962 METASPLOIT ruby WORKING POC
Plixer Scrutinizer <9.5.2 - SQL Injection
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.
CVE-2004-1626 METASPLOIT ruby WORKING POC
Ability Server 2.34 - Remote Code Execution via Long STOR Command
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.
CVE-2012-0297 METASPLOIT ruby WORKING POC
Symantec Web Gateway < 5.0.3 - Remote Code Execution via Management GUI Script Access
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
CVE-2012-2953 METASPLOIT ruby WORKING POC
Symantec Web Gateway <5.0.3.18 - RCE
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts.
CVE-2006-5156 EXPLOITDB ruby WORKING POC
McAfee ePolicy Orchestrator < 3.5.0.720 and ProtectionPilot < 1.1.1.126 - Remote Code Execution via Long Source Header
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
CVE-2012-2602 EXPLOITDB javascript WORKING POC
SolarWinds Orion NPM <10.3.1 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create user accounts via CreateUserStepContainer actions to Admin/Accounts/Add/OrionAccount.aspx or (2) modify account privileges via a ynAdminRights action to Admin/Accounts/EditAccount.aspx.
CVE-2012-2955 EXPLOITDB python WORKING POC
IBM Lotus Protector for Mail Security 2.1-2.8 XSS via Query String
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allow remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2012-2576 EXPLOITDB CRITICAL python WORKING POC
SolarWinds Backup Profiler < 5.1.2 - SQL Injection via LoginServlet loginName Parameter
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.
CVSS 9.8
CVE-2004-1638 EXPLOITDB python WORKING POC
MailCarrier 2.51 - Buffer Overflow via EHLO Command
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
CVE-2008-1610 EXPLOITDB python WORKING POC
TallSoft Quick TFTP Server Pro 2.1 - Buffer Overflow
Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long mode field in a read or write request.
EIP-2026-119215 EXPLOITDB python WORKING POC
TFTP Server 1.4 - Remote Buffer Overflow (2)
CVE-2008-1611 EXPLOITDB python WORKING POC
TFTP Server SP 1.4 - Buffer Overflow
Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote attackers to cause a denial of service or execute arbitrary code via a long filename in a read or write request.
CVE-2003-0264 EXPLOITDB python WORKING POC
SLMail 5.1.0.4420 - Buffer Overflow
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.