rgod

471 exploits Active since Jul 2005
CVE-2008-0399 EXPLOITDB html WORKING POC
Toshiba Surveillix - Remote Code Execution via Long Arguments to SetPort or SetIpAddress Methods
Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods.
CVE-2011-2217 EXPLOITDB ruby WORKING POC
Tom Sawyer GET Extension Factory <5.5.2.237 - Memory Corruption
Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.
CVE-2007-4740 EXPLOITDB html WORKING POC
Telecom Italy Alice Messenger - Unauthenticated Registry Manipulation via HPRevolutionRegistryManager ActiveX Control
The HPRevolutionRegistryManager ActiveX control in Hp.Revolution.RegistryManager.dll 1 in Telecom Italy Alice Messenger allows remote attackers to create registry keys and values via the arguments to the WriteRegistry method.
EIP-2026-119219 EXPLOITDB html WORKING POC
Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow
CVE-2014-9265 EXPLOITDB html WORKING POC
Samsung SmartViewer - Buffer Overflow
Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors.
EIP-2026-119125 EXPLOITDB text WORKING POC
ServersCheck 5.9/5.10 - Directory Traversal
CVE-2015-2284 EXPLOITDB ruby WORKING POC
SolarWinds Firewall Security Manager < 6.6.5 - Remote Code Execution via Client Session Handling
userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling.
CVE-2012-4876 EXPLOITDB ruby WORKING POC
TRENDnet SecurView TV-IP121WN - Buffer Overflow
Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method.
EIP-2026-119132 EXPLOITDB ruby WORKING POC
SIEMENS Solid Edge ST4 SEListCtrlX - ActiveX Remote Code Execution (Metasploit)
CVE-2012-5896 EXPLOITDB text WORKING POC
Quest InTrust < 10.4.0.853 - Remote Code Execution via Annotation Objects ActiveX Control
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."
CVE-2012-5897 EXPLOITDB text WORKING POC
Quest InTrust < 10.4.0.853 - Arbitrary File Write via ARDoc ActiveX SaveToFile Method
The (1) SimpleTree and (2) ReportTree classes in the ARDoc ActiveX control (ARDoc.dll) in Quest InTrust 10.4.0.853 and earlier do not properly implement the SaveToFile method, which allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument.
EIP-2026-119063 EXPLOITDB text WORKING POC
Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite
CVE-2012-5896 EXPLOITDB ruby WORKING POC
Quest InTrust < 10.4.0.853 - Remote Code Execution via Annotation Objects ActiveX Control
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."
CVE-2011-5167 EXPLOITDB html WORKING POC
Oracle Hyperion Strategic Finance < 12.0 - Remote Code Execution via ActiveX SetDevNames
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter.
CVE-2007-2814 EXPLOITDB php WORKING POC
Pegasus ImagN' ActiveX control 4.00.041 - Buffer Overflow
Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control (IMW32O40.OCX) 4.00.041 allow remote attackers to execute arbitrary code via (1) a long FileName parameter, or unspecified vectors involving the (2) BeginReport, (3) CreatePictureExA, (4) DefineImage, (5) DefineImageEx, (6) DefineImageFox, (7) CopyBufToClipExA, (8) LoadEx, (9) LoadFox, and other functions.
EIP-2026-119133 EXPLOITDB text WORKING POC
SIEMENS Solid Edge ST4/ST5 WebPartHelper - ActiveX RFMSsvs!JShellExecuteEx Remote Code Execution
EIP-2026-119064 EXPLOITDB text WORKING POC
Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite
CVE-2008-4548 EXPLOITDB html WORKING POC
Rtssentry - Memory Corruption
Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control (CamPanel.dll) in RTS Sentry 2.1.0.2 allows remote attackers to execute arbitrary code via a long second argument to the ConnectServer method.
CVE-2007-4607 EXPLOITDB html WORKING POC
Quiksoft EasyMail SMTP Object <6.0.1 - Buffer Overflow
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15.
EIP-2026-119009 EXPLOITDB text WORKING POC
Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService - Remote File Deletion
CVE-2013-3763 EXPLOITDB ruby WORKING POC
Oracle Endeca Server - Info Disclosure
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3764.
CVE-2014-2424 EXPLOITDB ruby WORKING POC
Oracle Fusion Middleware 11.1.1.7.0 - Privilege Escalation
Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.
CVE-2013-1559 EXPLOITDB ruby WORKING POC
Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 - Authenticated Denial of Service in Content Server
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote authenticated users to affect availability via unknown vectors related to Content Server.
CVE-2007-6453 EXPLOITDB WORKING POC
RaidenHTTPD 2.0.19 - Path Traversal
Directory traversal vulnerability in raidenhttpd-admin/workspace.php in RaidenHTTPD 2.0.19, when the WebAdmin function is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ulang parameter.
CVE-2006-4723 EXPLOITDB php WORKING POC
raidenhttpd 1.1.49 - Remote File Inclusion via SoftParserFileXml Parameter
PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/check.php in RaidenHTTPD 1.1.49, when register_globals and WebAdmin is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SoftParserFileXml parameter.