rgod

471 exploits Active since Jul 2005
EIP-2026-118375 EXPLOITDB ruby WORKING POC
Cogent DataHub - HTTP Server Buffer Overflow (Metasploit)
CVE-2010-0219 EXPLOITDB text WORKING POC
Apache Axis2 - Remote Code Execution via Default Admin Credentials
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
EIP-2026-118356 EXPLOITDB html WORKING POC
Chilkat Software FTP2 - ActiveX Component Remote Code Execution
EIP-2026-118617 EXPLOITDB text WRITEUP
Google Talk - 'gtalk://' Deprecated URI Handler Injection
EIP-2026-118359 EXPLOITDB ruby WORKING POC
Cisco Linksys PlayerPT - ActiveX Control Buffer Overflow (Metasploit)
EIP-2026-118269 EXPLOITDB html WORKING POC
AOL IWinAmpActiveX Class - 'ConvertFile()' Remote Buffer Overflow
EIP-2026-118270 EXPLOITDB ruby WORKING POC
AOL Radio AmpX - ActiveX Control 'ConvertFile()' Remote Buffer Overflow (Metasploit)
CVE-2007-3536 EXPLOITDB html WORKING POC
AMX NetLinx VNC ActiveX Control - Buffer Overflow via Long Host, Password, or LogFile Property Values
Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control in AmxVnc.dll 1.0.13.0 allow remote attackers to execute arbitrary code via long (1) Host, (2) Password, or (3) LogFile property values.
CVE-2012-3811 EXPLOITDB ruby WORKING POC
Avaya IP Office Customer Call Reporter 7.0-7.0.5.8 & 8.0-8.0.9.13 - RCE via Wallboard ImageUpload.ashx
Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request.
EIP-2026-118219 EXPLOITDB text WORKING POC
2X Client for RDP 10.1.1204 - ClientSystem Class ActiveX Control Download and Execute
CVE-2011-2657 EXPLOITDB ruby WORKING POC
Novell ZENworks Configuration Management 10.2-11 SP1 - Remote Code Execution via LaunchHelp ActiveX Path Traversal
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.
CVE-2016-0854 EXPLOITDB CRITICAL ruby WORKING POC
Advantech WebAccess <8.1 - File Upload
Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors.
CVSS 9.8
CVE-2012-1065 EXPLOITDB text WORKING POC
2X ApplicationServer 10.1 Build 1224 - Arbitrary File Write via TuxSystem ActiveX ExportSettings Method
Insecure method vulnerability in TuxScripting.dll in the TuxSystem ActiveX control in 2X ApplicationServer 10.1 Build 1224 allows remote attackers to create or overwrite arbitrary files via the ExportSettings method.
CVE-2007-1709 EXPLOITDB php WORKING POC
PHP 5.2.1 - Buffer Overflow in phpDOC Extension via Long Argument String
Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string.
CVE-2007-3294 EXPLOITDB php WORKING POC
PHP Tidy Extension - Buffer Overflow via tidy_parse_string or tidy_repair_string
Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE: this might only be an issue in environments where vsnprintf is implemented as a wrapper for vsprintf.
CVE-2007-1413 EXPLOITDB php WORKING POC
PHP < 5.2.3 - Buffer Overflow in SNMP Extension via snmpget Function
Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id).
CVE-2007-1413 EXPLOITDB php WORKING POC
PHP < 5.2.3 - Buffer Overflow in SNMP Extension via snmpget Function
Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id).
CVE-2007-1475 EXPLOITDB php WORKING POC
PHP < 4.4.6 - Buffer Overflow in Interbase Extension ibase_connect and ibase_pconnect Functions
Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument.
CVE-2007-1411 EXPLOITDB php WORKING POC
PHP < 4.4.6 - Buffer Overflow via mssql_connect and mssql_pconnect Functions
Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions.
CVE-2007-1401 EXPLOITDB php WORKING POC
PHP < 5.0.0 - Buffer Overflow in CrackLib crack_opendict Function
Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions before 5.0.0, might allow local users to gain privileges via a long argument to the crack_opendict function.
CVE-2011-3011 EXPLOITDB ruby WORKING POC
CA ARCserve D2D r15 - Exposure of Sensitive Information via Session Handling
BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.
CVE-2013-5447 EXPLOITDB ruby WORKING POC
IBM Forms Viewer <4.0.0.3, <8.0.1.1 - Buffer Overflow
Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary code via an XFDL form with a long fontname value.
CVE-2007-6457 EXPLOITDB php WORKING POC
SurgeMail 38k4 - Denial of Service via Long Host Header
Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote attackers to cause a denial of service (crash) via a long Host header.
CVE-2012-2052 EXPLOITDB php WORKING POC
Adobe Photoshop CS5 12.x-12.0.4 and CS5.1 12.1.x-12.1.0 - Remote Code Execution via U3D Library Collada Asset Element
Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada asset element in a DAE file, as demonstrated by the cameraYFov value in the contributor comments element.
EIP-2026-116242 EXPLOITDB text WORKING POC
SIEMENS Solid Edge ST4/ST5 SEListCtrlX - ActiveX SetItemReadOnly Arbitrary Memory Rewrite Remote Code Execution