r0ut3r

35 exploits Active since Jun 2006
CVE-2006-6598 EXPLOITDB perl WORKING POC
TorrentFlux <2.2 - Path Traversal
Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.
CVE-2006-6329 EXPLOITDB text WORKING POC
TorrentFlux 2.2 - RCE
index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter.
CVE-2006-6328 EXPLOITDB text WORKING POC
TorrentFlux 2.2 - Path Traversal
Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter.
CVE-2007-0504 EXPLOITDB perl WORKING POC
Vote! Pro 4.0 - Code Injection
Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632.
CVE-2006-2383 EXPLOITDB text WORKING POC
Microsoft Internet Explorer <6 - RCE
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.
CVE-2008-4726 EXPLOITDB perl WORKING POC
Goodtechsystems Goodtech SSH - Memory Corruption
Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 allows remote authenticated users to execute arbitrary code via a long string to the (1) open (aka SSH_FXP_OPEN), (2) unlink, (3) opendir, and other unspecified parameters.
CVE-2008-3583 EXPLOITDB c WORKING POC
IntelliTamper 2.07 - RCE
Buffer overflow in the HTML parser in IntelliTamper 2.07 allows remote attackers to execute arbitrary code via a long URL in the SRC attribute of an IMG element. NOTE: this might be related to CVE-2008-3360. NOTE: it was later reported that 2.08 Beta 4 is also affected.
CVE-2008-3360 EXPLOITDB c WORKING POC
IntelliTamper 2.0.7 - RCE
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494.
CVE-2008-6899 EXPLOITDB perl WORKING POC
Freesshd - Memory Corruption
Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.
CVE-2008-5735 EXPLOITDB python WORKING POC
CoolPlayer <2.19 - Buffer Overflow
Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 allows remote attackers to execute arbitrary code via a large PlaylistSkin value in a skin file.
CVE-2008-5735 EXPLOITDB c++ WORKING POC
CoolPlayer <2.19 - Buffer Overflow
Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 allows remote attackers to execute arbitrary code via a large PlaylistSkin value in a skin file.
CVE-2008-5492 EXPLOITDB html WORKING POC
VeryDOC PDF Viewer OCX Control <2.0.0.1 - Buffer Overflow
Heap-based buffer overflow in the PDFVIEW.PdfviewCtrl.1 ActiveX control in pdfview.ocx 2.0.0.1 in VeryDOC PDF Viewer OCX Control allows remote attackers to execute arbitrary code via a long first argument to the OpenPDF method. NOTE: some of these details are obtained from third party information.
CVE-2007-3548 EXPLOITDB c WORKING POC
W3filer - Buffer Overflow
Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service (application hang or crash) and possibly execute arbitrary code by sending a large banner to a client that is sending a file.
CVE-2008-5282 EXPLOITDB perl WORKING POC
W3C Amaya Web Browser 10.0.1 - Buffer Overflow
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via (1) a link with a long HREF attribute, and (2) a DIV tag with a long id attribute.
CVE-2008-5282 EXPLOITDB perl WORKING POC
W3C Amaya Web Browser 10.0.1 - Buffer Overflow
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via (1) a link with a long HREF attribute, and (2) a DIV tag with a long id attribute.
CVE-2007-1014 EXPLOITDB c WORKING POC
VicFTPS <5.0 - Buffer Overflow
Stack-based buffer overflow in VicFTPS before 5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long CWD command.
CVE-2008-5492 EXPLOITDB text WORKING POC
VeryDOC PDF Viewer OCX Control <2.0.0.1 - Buffer Overflow
Heap-based buffer overflow in the PDFVIEW.PdfviewCtrl.1 ActiveX control in pdfview.ocx 2.0.0.1 in VeryDOC PDF Viewer OCX Control allows remote attackers to execute arbitrary code via a long first argument to the OpenPDF method. NOTE: some of these details are obtained from third party information.
CVE-2007-4033 EXPLOITDB php WORKING POC
t1lib 5.1.1 - Buffer Overflow
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
CVE-2008-3209 EXPLOITDB html WORKING POC
Black Ice Document Imaging SDK 10.95 - Buffer Overflow
Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in Black Ice Document Imaging SDK 10.95 allows remote attackers to execute arbitrary code via a long string argument to the GetNumberOfImagesInGifFile method in the BIImgFrm Control ActiveX control in biimgfrm.ocx. NOTE: some of these details are obtained from third party information.
CVE-2007-1040 EXPLOITDB perl WORKING POC
Xpression News 1.0.1 - Path Traversal
Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter.
EIP-2026-113144 EXPLOITDB bash WORKING POC
Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities
CVE-2007-0535 EXPLOITDB perl WORKING POC
Vote! Pro 4.0 - Code Injection
Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly earlier, allow remote attackers to execute arbitrary code via requests to unspecified PHP scripts with the poll_id parameter, which is supplied to eval function calls, a different set of vectors than CVE-2007-0504. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-6604 EXPLOITDB perl WORKING POC
TorrentFlux 2.2 - Path Traversal
Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the alias parameter, a different vector than CVE-2006-6328.
CVE-2006-6330 EXPLOITDB text WORKING POC
TorrentFlux 2.2 - Command Injection
index.php for TorrentFlux 2.2 allows remote registered users to execute arbitrary commands via shell metacharacters in the kill parameter.
CVE-2006-6599 EXPLOITDB perl WORKING POC
TorrentFlux 2.2 - Command Injection
maketorrent.php in TorrentFlux 2.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters (";" semicolon) in the announce parameter.