patrick

78 exploits Active since Sep 1999
EIP-2026-113767 EXPLOITDB ruby WORKING POC
WordPress Plugin Foxypress - 'Uploadify.php' Arbitrary Code Execution (Metasploit)
CVE-2005-2733 EXPLOITDB ruby WORKING POC
Simple PHP Blog - RCE
upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.
CVE-2000-0322 EXPLOITDB ruby WORKING POC
Red Hat Piranha - Command Injection
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.
CVE-2005-2086 EXPLOITDB ruby WORKING POC
phpBB <2.0.15 - RCE
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code.
EIP-2026-109217 EXPLOITDB ruby WORKING POC
Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion / Remote Code Execution (Metasploit)
CVE-2008-3922 EXPLOITDB ruby WORKING POC
AWStats Totals <1.14 - RCE
awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function.
EIP-2026-104208 EXPLOITDB ruby WORKING POC
ContentKeeper Web Appliance < 125.10 - Command Execution (Metasploit)
CVE-2004-1389 EXPLOITDB ruby WORKING POC
Veritas NetBackup - RCE
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature.
CVE-2005-0838 EXPLOITDB text WRITEUP
Icecast - Buffer Overflow
Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value-of tag.
CVE-2001-0311 EXPLOITDB ruby WORKING POC
HP OmniBackII <A.03.50 - Privilege Escalation
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
CVE-2001-0311 EXPLOITDB ruby WORKING POC
HP OmniBackII <A.03.50 - Privilege Escalation
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
CVE-2007-4560 EXPLOITDB ruby WORKING POC
ClamAV <0.91.2 - RCE
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
CVE-2009-2936 EXPLOITDB ruby WORKING POC
Varnish - Authentication Bypass
The Command Line Interface (aka Server CLI or administration interface) in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to (1) execute arbitrary code via a vcl.inline directive that provides a VCL configuration file containing inline C code; (2) change the ownership of the master process via param.set, stop, and start directives; (3) read the initial line of an arbitrary file via a vcl.load directive; or (4) conduct cross-site request forgery (CSRF) attacks that leverage a victim's location on a trusted network and improper input validation of directives. NOTE: the vendor disputes this report, saying that it is "fundamentally misguided and pointless.
CVE-2000-0284 EXPLOITDB ruby WORKING POC
University OF Washington Imap - Buffer Overflow
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
CVE-2000-0284 EXPLOITDB ruby WORKING POC
University OF Washington Imap - Buffer Overflow
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
CVE-2006-2447 EXPLOITDB ruby WORKING POC
SpamAssassin <3.1.3 - RCE
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
CVE-2005-1099 EXPLOITDB ruby WORKING POC
Greylisting daemon <1.4 - Buffer Overflow
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
CVE-2001-0414 EXPLOITDB ruby WORKING POC
Dave Mills Ntpd < 4.0.99k - Buffer Overflow
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
CVE-2005-1099 EXPLOITDB ruby WORKING POC
Greylisting daemon <1.4 - Buffer Overflow
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
CVE-2007-4560 EXPLOITDB ruby WORKING POC
ClamAV <0.91.2 - RCE
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
CVE-2001-0414 EXPLOITDB ruby WORKING POC
Dave Mills Ntpd < 4.0.99k - Buffer Overflow
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
CVE-2007-1435 EXPLOITDB ruby WORKING POC
D-link Tftp Server - Buffer Overflow
Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-1999-1053 EXPLOITDB ruby WORKING POC
Apache <1.3.9 - RCE
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
CVE-2006-2237 EXPLOITDB ruby WORKING POC
AWStats <6.5 - RCE
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
CVE-2006-2237 EXPLOITDB ruby WORKING POC
AWStats <6.5 - RCE
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.