Exploitdb Exploits

2,814 exploits tracked across all sources.

CVE-2009-1257 EXPLOITDB perl VERIFIED
Magic Iso Maker - Memory Corruption
Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted CCD file.
by SkD
CVE-2009-1260 EXPLOITDB perl VERIFIED
Ezbsystems Ultraiso < 9.3.3 - Memory Corruption
Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
by SkD
CVE-2009-1259 EXPLOITDB perl VERIFIED
Insanevisions Adaptbb - SQL Injection
SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php.
by StAkeR
CVE-2008-5457 EXPLOITDB perl VERIFIED
BEA Product Suite - Info Disclosure
Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
by Guido Landi
CVE-2009-1508 EXPLOITDB perl VERIFIED
Keir Davis X-forum - SQL Injection
SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php.
by Osirys
EIP-2026-116210 EXPLOITDB perl VERIFIED
Sami HTTP Server 2.x - 'HEAD' Remote Denial of Service
by Jonathan Salwan
CVE-2009-1512 EXPLOITDB perl VERIFIED
Keir Davis X-forum - Code Injection
Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php.
by Osirys
EIP-2026-117789 EXPLOITDB perl VERIFIED
PowerCHM 5.7 - 'hhp' Local Buffer Overflow
by LiquidWorm
CVE-2008-6899 EXPLOITDB perl VERIFIED
Freesshd - Memory Corruption
Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.
by r0ut3r
EIP-2026-109676 EXPLOITDB perl VERIFIED
My Simple Forum 7.1 - Remote Command Execution
by Osirys
EIP-2026-110626 EXPLOITDB perl VERIFIED
PhotoStand 1.2.0 - Remote Command Execution
by Osirys
EIP-2026-118683 EXPLOITDB perl VERIFIED
IncrediMail 5.86 - Cross-Site Scripting Script Execution
by Bui Quang Minh
EIP-2026-117784 EXPLOITDB perl VERIFIED
POP Peeper 3.4.0.0 - '.html' Universal Overwrite (SEH)
by Stack
EIP-2026-117783 EXPLOITDB perl VERIFIED
POP Peeper 3.4.0.0 - '.eml' Universal Overwrite (SEH)
by Stack
CVE-2009-1063 EXPLOITDB perl VERIFIED
Brother Soft Exescope - Memory Corruption
Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers to execute arbitrary code via a crafted executable (.exe) file.
by Koshi
CVE-2009-2310 EXPLOITDB perl VERIFIED
Extensible-BioLawCom CMS <0.2.0 - SQL Injection
SQL injection vulnerability in include/get_read.php in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter.
by dun
CVE-2009-2311 EXPLOITDB perl VERIFIED
rGallery 1.2.3 - SQL Injection
SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery page to index.php, a different vector than CVE-2008-4627.
by Invisibility
EIP-2026-112540 EXPLOITDB perl VERIFIED
Syzygy CMS 0.3 - Local File Inclusion / SQL Injection
by Osirys
CVE-2009-2309 EXPLOITDB perl VERIFIED
Codice CMS 2 - SQL Injection
SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter.
by darkjoker
EIP-2026-116950 EXPLOITDB perl VERIFIED
Chasys Media Player - '.lst Playlist' Local Buffer Overflow
by zAx
CVE-2009-20007 EXPLOITDB CRITICAL perl VERIFIED
Talkative IRC v0.4.4.16 - Buffer Overflow
Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by sending an overly long message that overflows a fixed-length buffer, potentially leading to arbitrary code execution in the context of the vulnerable process. This vulnerability is exploitable remotely and does not require authentication.
by LiquidWorm
CVE-2009-1031 EXPLOITDB perl VERIFIED
Solarwinds Serv-u File Server - Path Traversal
Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request.
by Jonathan Salwan
CVE-2009-1040 EXPLOITDB perl VERIFIED
Winasm Studio - Memory Corruption
Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file.
by Stack
CVE-2009-1045 EXPLOITDB perl VERIFIED
Videolan Vlc Media Player - Improper Input Validation
requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action.
by TheLeader
CVE-2009-0967 EXPLOITDB perl VERIFIED
Solarwinds Serv-u File Server - Resource Management Error
The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote authenticated users to cause a denial of service (service hang) via a large number of SMNT commands without an argument.
by Jonathan Salwan