Nortel Contact Recording Centralized Archive version 6.5.1 EyrAPIConfiguration web service getSubKeys() remote SQL injection exploit.
27b12eef97e781f64f7591895d2eaea4644f23580af43939185669da95e9c35c
Embarcadero ER/Studio XE2 Server Portal Tom Sawyer's default GET extension active-x control suffers from a remote code execution vulnerability.
a3dc3fcf45b92326f26568939ecf5eef117cc6fff591f24725b29fca5935e142
This Metasploit module exploits an information disclosure vulnerability in the CA Arcserve D2D r15 web server. The information disclosure can be triggered by sending a specially crafted RPC request to the homepage servlet. This causes CA Arcserve to disclosure the username and password in cleartext used for authentication. This username and password pair are Windows credentials with Administrator access.
7c8e30e3bf5a9fd18f843efebdc225b819266ca4ca82d428c51238a4afa9d1c6
CA ARCserve D2D r15 GWT RPC request authentication bypass, credential disclosure, and command execution exploit.
ba437467db2d0ae23ae1583f986c67fb9286a047550ea40e3d8174f579d96061
Dell IT Assistant detectIESettingsForITA.ocx Active-X control readRegVal() remote registry dump exploit.
972fe47b27217c4fe43b9ab5056484e368ca06d298659a3290fa514440134e4e
WebSVN version 2.3.2 suffers from a remote command injection vulnerability due to an improper escaping of metacharacters in exec().
3d71e294f43a329b86bfe387487039af66e0febf9f453059a607db635ff99824
This Metasploit module exploits a vulnerability in Real Networks Arcade Game's ActiveX control. The "exec" function found in InstallerDlg.dll (v2.6.0.445) allows remote attackers to run arbitrary commands on the victim machine.
8e0b21948326bf7dcfead8b16e89ae5430d77ad38d73a587297aaf84585e210b
RealNetworks RealGames StubbyUtil.ShellCtl.1 active-x control InstallerDlg.dll version 2.6.0.445 suffers from remote command and code execution vulnerabilities.
bef5ff39600c8ed4480d55ae5f8b546151b62229b78838293a97d7a48c18a089
HP Photo Creative version 2.x audio.Record.1 active-x control remote stack based buffer overflow proof of concept exploit.
b40f5d91faa7207d4ba5b1f0d38e4f40264160d22c13257e58a51dba29630ecb
Chilkat Software FTP2 ActiveX component (ChilkatFtp2.DLL version 2.6.1.1) remote code execution proof of concept exploit.
1be60aacf90140597a4d6917a51a0c31334daed2001fe839a5375afa0481c9f3
Microsoft Windows Fax Services Cover Page Editor (.cov) memory corruption exploit.
38392677c85a82b9969b7d0008e18d2146a9d58995622384260f9a6004234ec8
This Metasploit module exploits a stack-based buffer overflow in AOL IWinAmpActiveX class (AmpX.dll) version 2.4.0.6 installed via AOL Radio website. By setting an overly long value to 'ConvertFile()', an attacker can overrun a buffer and execute arbitrary code.
b255bff048b696b83be33b74127329a23af7e1d356d9b41e180802e9add63785
AOL IWinAmpActiveX Class ConvertFile() remote overflow exploit for Internet Explorer versions 6 and 7 that leverages AmpX.dll version 2.4.0.6. Old unreleased exploit from the rgod archive.
a87724d13c90191ac2aa44040cfd28b63ab9f526cdd557bc96e6c9a805782485
D-Link MPEG4 SHM Audio Control remote overflow exploit that makes use of VAPGDecoder.dll version 1.7.0.5.
3155a104305a8783639733d34e284568fe9b92635193881c099dff3599f43c26
Microsoft DirectSpeechSynthesis module remote buffer overflow exploit that makes use of XVoice.dll version 4.0.4.3303.
7718f8446822b64a7c81ea9b0388ff3cdb8304d505ab0e6503dff8ede1143bdb
ImageShack Toolbar version 4.5.7 FileUploader class insecure method proof of concept exploit.
00d868858565241dd37da4195ce062c98b6b7264a20be4df86f24e004f8495c6
Digital Data Communications RtspVaPgCtrl Class remote buffer overflow exploit that makes use of RtspVapgDecoder.dll version 1.1.0.29.
af015133b5fb852204dcbe8a9e537fb0c262cb3e6f6a5107a22e3410079835b1
RTS Sentry Digital Surveillance buffer overflow exploit that makes use of CamPanel.dll version 2.1.0.2.
a107188cb89bc1cffd2b55b52f95827b328468e2f2ac2e5e5b9117e0368872c5
NUVICO DVR NVDV4 / PdvrAtl module with PdvrAtl.DLL version 1.0.1.25 remote heap overflow exploit for Internet Explorer 7 on Windows XP SP2.
9ee68690af569f2155d52e1d0bea6ce85186e02b540a9a4924aeebc6c338d350
Docebo versions 3.5.02 and below SQL injection exploit that makes use of lib.regset.php.
d5128df2988a271ca9ff69c11ac5b41342bc66c604855efb747764d4465690cc
iMesh versions 7.1.0.x and below IMWebControl Class remote heap exploit that takes advantage of IMWeb.dll 7.0.0.x.
bda7d1cdc934e1f0e4484e108927329c7550e60068d4168673d120bed0940cf7
SurgeMail version 38k4 webmail Host header denial of service exploit.
49a73d329f08f1ae216aa0a1afcac1586fb07eb9337bcfd4563e094053c43add
RaidenHTTPD version 2.0.19 ulang command execution proof of concept exploit.
673b614fe243897edcb2b2bdcbd71a1f52312222617148de6b1adb3a887a63ac
GOM Player version 2.1.6.3499 remote overflow exploit that makes use of GomWeb3.dll version 1.0.0.12. Spawns calc.exe.
906d927f7281a8d6b9f463de5a38983fe8e053fcbf3c0fe5cc7a02137c97ef19
CyberLink PowerDVD CLAVSetting module arbitrary remote rewrite denial of service exploit.
dc99ac5c0ba7789ad4c2e98c65ba7f59a828327c71d0b166f22e8d6ecd713169