titon

5 exploits Active since Apr 2007
CVE-2007-4220 EXPLOITDB perl WORKING POC
Motorola Timbuktu Pro <8.6.5 - Path Traversal
Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services.
CVE-2008-1117 EXPLOITDB perl WORKING POC
Timbuktu Pro 8.6.5 - Path Traversal and Arbitrary File Write via Notes Feature
Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, allows remote attackers to upload files to arbitrary locations via a destination filename with a \ (backslash) character followed by ../ (dot dot slash) sequences. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-4220.
CVE-2008-0457 EXPLOITDB html WORKING POC
Symantec Backup Exec System Recovery Manager 7.0/7.0.1 - Unauthenticated RCE via JSP Upload
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
CVE-2007-1819 EXPLOITDB perl WORKING POC
HP Mercury Quality Center 9.0 - Stack-Based Buffer Overflow via SPIDERLib.Loader ActiveX ProgColor Property
Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.
CVE-2008-0457 EXPLOITDB html WORKING POC
Symantec Backup Exec System Recovery Manager 7.0/7.0.1 - Unauthenticated RCE via JSP Upload
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.