rgod

471 exploits Active since Jul 2005
EIP-2026-118403 EXPLOITDB html WORKING POC
Dell IT Assistant - detectIESettingsForITA.ocx ActiveX Control
CVE-2008-4771 EXPLOITDB html WORKING POC
4xem VatCtrl Class - Stack-based Buffer Overflow via Url Property
Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information.
EIP-2026-118356 EXPLOITDB html WORKING POC
Chilkat Software FTP2 - ActiveX Component Remote Code Execution
EIP-2026-118359 EXPLOITDB ruby WORKING POC
Cisco Linksys PlayerPT - ActiveX Control Buffer Overflow (Metasploit)
EIP-2026-118405 EXPLOITDB ruby WORKING POC
Dell Webcam CrazyTalk - ActiveX BackImage (Metasploit)
EIP-2026-118375 EXPLOITDB ruby WORKING POC
Cogent DataHub - HTTP Server Buffer Overflow (Metasploit)
EIP-2026-118406 EXPLOITDB text WORKING POC
Dell Webcam Software Bundled - ActiveX Remote Buffer Overflow
CVE-2010-0219 EXPLOITDB text WORKING POC
Apache Axis2 - Remote Code Execution via Default Admin Credentials
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
CVE-2008-0380 EXPLOITDB html WORKING POC
Digital Data Communications RtspVaPgCtrl ActiveX control 1.1.0.29 - Buffer Overflow via MP4Prefix Property
Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll 1.1.0.29) allows remote attackers to execute arbitrary code via a long MP4Prefix property.
CVE-2007-6493 EXPLOITDB text WORKING POC
imesh < 7.1.0.37263 - Remote Code Execution via SetHandler Method
The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to execute arbitrary code via a certain argument to the SetHandler method.
CVE-2013-4812 EXPLOITDB ruby WORKING POC
HP Identity Driven Manager 4.0 - Remote Code Execution via UpdateCertificatesServlet File Upload
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.
CVE-2013-2367 EXPLOITDB ruby WORKING POC
HP SiteScope 11.20-11.21 - Remote Code Execution via SOAP
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678.
CVE-2008-4549 EXPLOITDB html WORKING POC
ImageShack Toolbar 4.5.7 - Arbitrary File Upload via BuildSlideShow Method
The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote attackers to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlideShow method.
CVE-2013-4811 EXPLOITDB ruby WORKING POC
HP Identity Driven Manager 4.0 - Remote Code Execution via SNAC UpdateDomainControllerServlet
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.
CVE-2013-4837 EXPLOITDB ruby WORKING POC
HP LoadRunner < 11.52 - Remote Code Execution in Virtual User Generator
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.
EIP-2026-118648 EXPLOITDB html WORKING POC
HP Photo Creative 2.x audio.Record.1 - ActiveX Control Remote Stack Buffer Overflow
CVE-2007-6493 EXPLOITDB html WORKING POC
imesh < 7.1.0.37263 - Remote Code Execution via SetHandler Method
The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to execute arbitrary code via a certain argument to the SetHandler method.
EIP-2026-118617 EXPLOITDB text WRITEUP
Google Talk - 'gtalk://' Deprecated URI Handler Injection
EIP-2026-118644 EXPLOITDB ruby WORKING POC
HP Application Lifecycle Management - 'XGO.ocx' ActiveX 'SetShapeNodeType()' Remote Code Execution (Metasploit)
CVE-2012-5201 EXPLOITDB ruby WORKING POC
HP Intelligent Management Center < 5.1 - Remote Code Execution
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.
CVE-2007-5779 EXPLOITDB html WORKING POC
GOM Player 2.1.6.3499 - Buffer Overflow via GomWeb Control OpenUrl Method
Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method.
CVE-2012-0874 EXPLOITDB text WORKING POC
JBoss EAP < 5.2.0 - Unauthenticated Remote Code Execution via JMX/EJB Invoker
The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 do not require authentication by default in certain profiles, which might allow remote attackers to invoke MBean methods and execute arbitrary code via unspecified vectors. NOTE: this issue can only be exploited when the interceptor is not properly configured with a "second layer of authentication," or when used in conjunction with other vulnerabilities that bypass this second layer.
CVE-2011-5227 EXPLOITDB ruby WORKING POC
Enterasys NetSight < 4.1.0.79 - Remote Code Execution via Long PRIO Field in Syslog Message
Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in Enterasys Network Management Suite (NMS) before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514.
CVE-2013-4822 EXPLOITDB ruby WORKING POC
HP IMC and IMC Branch Intelligent Management System Software Module - Remote Code Execution
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1606.
EIP-2026-118592 EXPLOITDB php WORKING POC
FTPDMIN 0.96 (Windows XP SP3) - 'RNFR' Remote Buffer Overflow