str0ke

106 exploits, active since May 1997
EIP-2026-107299 EXPLOITDB text SUSPICIOUS
FubarForum 1.6 - Authentication Bypass Change User Password
CVE-2006-4113 EXPLOITDB text WORKING POC
PHP <4.2 - Remote Code Execution
PHP remote file inclusion vulnerability in genpage-cgi.php in Brian Fraval hitweb 4.2 and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the REP_INC parameter.
CVE-2006-2896 EXPLOITDB html WORKING POC
FunkBoard CF0.71 - Unauthenticated Arbitrary Password Change via Profile Edit UID Parameter
profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.
CVE-2007-0764 EXPLOITDB php WORKING POC
F3Site <= 2.1 - Authenticated Arbitrary PHP File Upload via uplf Parameter
Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php.
CVE-2005-2327 EXPLOITDB text WORKING POC
e107 <= 0.617 - Cross-Site Scripting via Nested URL BBCode Tags
Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags.
EIP-2026-106586 EXPLOITDB perl WORKING POC
Drupal < 5.1 - Post Comments Remote Command Execution
EIP-2026-106585 EXPLOITDB perl WORKING POC
Drupal < 4.7.6 - Post Comments Remote Command Execution
CVE-2008-1696 EXPLOITDB text WORKING POC
DaZPHPNews 0.1-1 - Path Traversal via makepost.php prefixdir Parameter
Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the prefixdir parameter.
CVE-2006-4216 EXPLOITDB text WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4159. Reason: This candidate is a duplicate of CVE-2006-4159. Notes: All CVE users should reference CVE-2006-4159 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2008-6004 EXPLOITDB text WORKING POC
AJ Auction Pro Platinum 2 - Cross-Site Scripting via search.php product parameter
Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter.
CVE-2006-2685 EXPLOITDB text WORKING POC
Basic Analysis and Security Engine <= 1.2.4 - Remote Code Execution via BASE_path Parameter
PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.
CVE-2007-1986 EXPLOITDB text WORKING POC
barnraiser AROUNDMe 0.7.7 - Remote File Inclusion via Language Path Parameter
Multiple PHP remote file inclusion vulnerabilities in barnraiser AROUNDMe 0.7.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_path_core parameter to inc/core_profile.header.php, the (2) template_path_core parameter to template/barnraiser_01/maint_contact_view.tpl.php, and the (3) template_path parameter to template/barnraiser_01/default.tpl.php. NOTE: this issue might overlap CVE-2006-5533.
CVE-2006-2505 EXPLOITDB text WORKING POC
Oracle Database Server 10g Release 2 - SQL Injection
Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a reference to a malicious package in the TYPE_NAME argument in the (1) GET_DOMAIN_INDEX_TABLES or (2) GET_V2_DOMAIN_INDEX_TABLES function in the DBMS_EXPORT_EXTENSION package.
CVE-2005-0439 EXPLOITDB c WORKING POC
ELOG - Buffer Overflow via Long Attachment Filename
Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names.
EIP-2026-103820 EXPLOITDB text WORKING POC
vim 6.3 < 6.3.082 - 'modlines' Local Command Execution
CVE-2000-0218 EXPLOITDB c WORKING POC
Caldera OpenLinux - Local Buffer Overflow in mount/umount via Long Relative Pathname
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.
CVE-2006-0734 EXPLOITDB perl WORKING POC
Half-Life CSTRIKE Dedicated Server < 1.6_linux - Authenticated Denial of Service via Backslash in Connection String
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015.
EIP-2026-103558 EXPLOITDB html WORKING POC
Mozilla Firefox 1.0.7 (Mozilla 1.7.12) - Denial of Service
CVE-2006-1206 EXPLOITDB perl WORKING POC
Matt Johnston Dropbear SSH server <0.47 - DoS
Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30.
CVE-2006-5295 EXPLOITDB perl WORKING POC
ClamAV < 0.88.5 - Denial of Service via Crafted CHM File
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."
EIP-2026-103411 EXPLOITDB html WORKING POC
Apple Safari (webkit) (iPhone/OSX/Windows) - Remote Denial of Service
CVE-2010-0788 EXPLOITDB bash WORKING POC
ncpfs 2.2.6 - Symlink Attack via ncpmount and ncpumount
ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs.
CVE-2005-1019 EXPLOITDB c WORKING POC
Aeon 0.2a - Buffer Overflow via HOME Environment Variable
Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable.
CVE-2005-0256 EXPLOITDB c WORKING POC
wu-ftpd 2.6.1-2.6.2 - Denial of Service via Glob Pattern Recursion
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
CVE-2005-1289 EXPLOITDB perl WORKING POC
e-cart 2004 1.1 - Remote Command Execution via Shell Metacharacters in art Parameter
index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and possibly (2) cat parameters.