Eznet v3.5.0 and below remote stack overflow exploit which includes shell code that downloads and runs an executable from a web server.
764cf4e0bf5f01b4ed6cff73b4071a15737bdaddab4b8c634e3fcbdaa9e41918
Eznet v3.5.0 and below contains a stack overflow in eZnet.exe which can be exploited in a GET request to SwEzModule.dll.
f6257c897987cc1e3d11a346e0c9313375ab796a397fcf72b2e85cc15cd1b584
eZphotoshare has multiple overflow vulnerabilities that allow remote code execution from a heap corruption in ntdll.dll and the ability to overwrite important saved values via vulnerable code in mfc42.dll.
b12e004365a61fc7f59fbe522739cc9cd0248db2cc93c71f0a27f7a07e9476f2
IA WebMail Server v3.1 and below (iaregdll.dll version 1.0.0.5) remote exploit in perl. Tested against Windows XP Home SP1 and Windows 2000 Pro SP4. Included shellcode downloads netcat and spawns a shell.
46b9847fb05761825572db77b563585c6c829d08fe1ddd7ba09ddacbc98ff73b
IA WebMail Server versions 3.1 and below from True North Software are vulnerable to a stack-based buffer overflow via its HTTP GET request header. This overflow can lead to a denial of service and remote code execution.
4ee7d2ce7cd21185e891a868872e9582aff0036983de46858eed8983a8b50341
OmniCon WinShadow version 2.0 exploit that makes use of a buffer overflow in the client handling of hostnames in host files.
86813402c8fb4dfc3ce919ffaaa3d42a89d9a501b49144029fa04d5764e3e764
Generic Windows XP URL download and execute shellcode.
a34c8afa73948e9a867355665d03c33149372aaa3f3bfd06d5782544de061ed0
Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.
c3811137432dca7f6b3480030b9e97885c8de1ef80de534902b0ea664f882952
WAM! FTP Server version 1.0.4.0 for Windows is susceptible to a directory traversal that allows a remote attacker to break out of the restricted root and download any file on the system.
2e6731198e30d3571d5619bf3047d785bb7909b2bc3946b3f18ad6bc1e61d654
EF Commander versions 3.54 and below are vulnerable to various buffer overflows that can allow for remote arbitrary code execution.
4b6a103daedde0838356670bb130997652d09b35383a7ead54a7b31c2bb79a60
Simple Windows XP shellcode for command execution.
7fede52a4ac15b3ba497f67cea81a03a018ab5ff550446329d9c39fb97250393
Simple shellcode that allows command execution on Microsoft Windows platforms.
a5a6d5c1a064493d07a7279f0875d3e18e7199ccc79e6c56780408cd1ef3e18c
The TurboFTP client version 3.85 Build 304 is vulnerable to a buffer overflow attack from a malicious FTP server that can result in a denial of service and possibly remote command execution.
f666e3f6258f9bbb643fec3e3b0a1981eba0a2e3fab1c7aec152a14da0621a2d
Proof of concept exploit for IglooFTP PRO 3.8 and possibly earlier versions. This package suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters.
012f188e05c0cd48ca2d55347c1fef1243732b738b287ec3f6b9007ffa7a13f5
IglooFTP PRO 3.8 and possibly earlier versions suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters. Related proof of concept exploit here.
be6ba59a065b4bbfe9a8f5feb2cda1345218b4d6b7fbaca76ce60f31f06aaf3d
P-News versions 1.6 is vulnerable to a privilege escalation attack by allowing a remote attacker to populate strings with the | used for delimiting data stored about the account.
03e639c42ea8d778ec18f23eea9b43452efd029c4da46aeeeead26e57884221b
Poster version.two, the PHP news posting system, suffers from a vulnerability in the index.php file that allows a user to edit their account. Since the user is allowed to change the embedded information in the code, they can achieve privilege escalation to an administrative level.
dc71044533eb04ee5b535377f6bf7916a5d9ffba89345827b2c427c81a5b49dc