str0ke

106 exploits Active since May 1997
CVE-2005-1477 EXPLOITDB html WORKING POC
Firefox 1.0.3 - Remote Code Execution via Whitelisted Site XSS and Chrome Privilege Escalation
The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site.
CVE-2005-1988 EXPLOITDB html WORKING POC
Internet Explorer <6.0 - RCE
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption Vulnerability".
CVE-2005-1989 EXPLOITDB html WORKING POC
Internet Explorer <6.0 - Info Disclosure
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability".
CVE-2006-0668 EXPLOITDB perl WORKING POC
PwsPHP 1.2.3 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in message.php in the espace_membre module. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2005-0435 EXPLOITDB perl WORKING POC
AWStats 6.3 and 6.4 - Unauthenticated Arbitrary File Read via loadplugin and pluginmode Parameters
awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.
CVE-2008-6003 EXPLOITDB text WORKING POC
AJ Auction Pro Platinum 2 - SQL Injection
SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter.
CVE-2008-2215 EXPLOITDB text WORKING POC
Project-Based Calendaring System 0.7.1-1 - Path Traversal via Filename Parameter
Multiple directory traversal vulnerabilities in Project-Based Calendaring System (PBCS) 0.7.1-1 allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) src/yopy_sync.php and (2) system-logger/print_logs.php.
CVE-2006-7127 EXPLOITDB text WORKING POC
JAF CMS 4.0 and 4.0 RC2 - Remote Code Execution via main_dir Parameter
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.
CVE-2007-5107 EXPLOITDB html WORKING POC
ask.com ask_toolbar < 4.0.2.53 - Stack-based Buffer Overflow via ShortFormat Property
Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from third party information. NOTE: the researcher claims that this is the same as CVE-2007-5108, but there is insufficient detail for CVE-2007-5108 to be certain.
CVE-2006-6764 EXPLOITDB text WORKING POC
Keep It Simple Guest Book 5.1.1 - Remote File Inclusion Code Execution
PHP remote file inclusion vulnerability in authenticate.php in Keep It Simple Guest Book (KISGB), when executing PHP through CGI, allows remote attackers to execute arbitrary PHP code via a URL in the default_path_to_themes parameter.
CVE-2006-4594 EXPLOITDB text WORKING POC
PHP Advanced Transfer Manager <1.21 - RCE
Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpAtm) 1.21 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the include_location parameter in (1) confirm.php or (2) login.php. NOTE: the include_location parameter to index.php is already covered by CVE-2005-1681.
CVE-2006-4159 EXPLOITDB text WORKING POC
Chaussette < 080706 - Remote Code Execution via _BASE Parameter File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Chaussette 080706 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _BASE parameter to scripts in Classes/ including (1) Evenement.php, (2) Event.php, (3) Event_for_month.php, (4) Event_for_week.php, (5) My_Log.php, (6) My_Smarty.php, and possibly (7) Event_for_month_per_day.php.
CVE-2007-0763 EXPLOITDB php WORKING POC
F3Site 2.1 - Cross-Site Scripting via News Comment Autor Field
Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field.
CVE-2005-0511 METASPLOIT ruby WORKING POC
vBulletin <= 3.0.6 - Remote Code Execution via Template Parameter
misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter.
CVE-2005-2612 METASPLOIT ruby WORKING POC
WordPress <1.5.1.3 - Code Injection
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
CVE-2007-3147 EXPLOITDB html WORKING POC
Yahoo! Messenger - Buffer Overflow in Webcam Upload ActiveX Control
Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information.
CVE-2005-0185 EXPLOITDB c++ WORKING POC
NodeManager Professional 2.00 - Remote Code Execution via Long OCTET-STRING in LinkDown-Trap Packet
Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field.
CVE-2004-1172 EXPLOITDB c WORKING POC
Veritas Backup Exec 8.x-9.x - Stack-Based Buffer Overflow via Long Hostname in Agent Browser Registration
Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname.
CVE-2005-1476 EXPLOITDB html WORKING POC
Firefox < 1.0.3 - Remote Code Execution via IFRAME Navigation
Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution when combined with CVE-2005-1477.
CVE-2005-1990 EXPLOITDB html WORKING POC
Microsoft IE - Denial of Service
Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087.
CVE-2006-5745 EXPLOITDB html WORKING POC
Microsoft XML Core Services 4.0 - RCE
Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information.
EIP-2026-118805 EXPLOITDB html WORKING POC
Microsoft Internet Explorer - Remote Code Execution
CVE-2006-6758 EXPLOITDB perl WORKING POC
Http Explorer 1.02 - Path Traversal
Directory traversal vulnerability in Http explorer 1.02 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the URI.
CVE-2005-1654 EXPLOITDB text WORKING POC
Hosting Controller < 6.1 Hotfix 1.9 - Unauthenticated Arbitrary User Registration via Direct Request
Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set.
CVE-2007-5108 EXPLOITDB html WORKING POC
Ask.com Toolbar - Unspecified Remote Vulnerability
Unspecified vulnerability in IAC Search & Media ask.com toolbar has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. NOTE: this might be the same issue as CVE-2007-5107.