Author : mr_me
Page 1 of 147 exploits

| Title | Author | Platform | Source | Description | Date |
| --- | --- | --- | --- | --- | --- |
| Adobe Flash Player AVM Verification Logic Array Indexing Code Execution | mr_me | na | metasploit.com | This Metasploit module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT (Just-In-Time) code being executed. This is the same vulnerability that was used for attacks against Korean-based organizations. Specifically, this issue occurs when indexing an array using an arbitrary value; memory can be referenced and later executed. Taking advantage of this issue does not rely on heap spraying as the vulnerability can also be used for information leakage. Currently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several other browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and is very reliable. | June 20, 2012 |
| Useresponse <= 1.0.2 Privilege Escalation & RCE Exploit | mr_me | php | exploit-db.com | #!/usr/bin/python -------------------- \| abuseresponse.py \| -------------------- Useresponse <= 1.0.2 privilege escalation & remote code execution exploit vendor: USWebStyle (http://www.uswebstyle.com/) software: http://www.useresponse.com/ vulns found by bcoles (@_bclose) and m | June 15, 2012 |
| Useresponse 1.0.2 Backdoor / CSRF / Code Execution | mr_me | na | Brendan Coles | Useresponse versions 1.0.2 and below suffer from a backdoor account, cross site request forgery, and code execution vulnerabilities. Full exploit provided. | June 15, 2012 |
| XM Easy Personal FTP Server <= v5.30 Remote Format String Write4 Exploit | mr_me | windows | exploit-db.com | #!/usr/bin/python XM Easy Personal FTP Server v <= 5.30 Remote Format String write4 Exploit exploit by: mr_me (@net__ninja/mr_me[at]corelan.be) Thanks to the Corelan Security Team Note: this is a poc only, and requires the following target environment: Windows Server 23k: - msvcr | June 14, 2012 |
| XM Easy Personal FTP Server 5.30 Format String | mr_me | na | packetstormsecurity.org | XM Easy Personal FTP Server version 5.30 and below remote format string write4 exploit with a connect back shell. | June 14, 2012 |
| Active Collab "chat module" 2.3.8 Remote PHP Code Injection | mr_me | na | metasploit.com | This Metasploit module exploits an arbitrary code injection vulnerability in the chat module that is part of Active Collab by abusing a preg_replace() using the /e modifier and its replacement string using double quotes. The vulnerable function can be found in activecollab/application/modules/chat/functions/html_to_text.php. | May 22, 2012 |
| CyberLink Power2Go Stack Buffer Overflow | mr_me | na | modpr0be | This Metasploit module exploits a stack buffer overflow in CyberLink Power2Go version 8.x. The vulnerability is triggered when opening a malformed p2g file containing an overly long string in the 'name' attribute of the file element. This results in overwriting a structured exception handler record. | April 18, 2012 |
| Open Conference/Journal/Harvester Systems <= 2.3.X Multiple RCE Vulnerabilities | mr_me | php | exploit-db.com | #!/usr/bin/python Open Conference/Journal/Harvester Systems <= 2.3.X multiple remote code execution vulnerabilities vendor_________: Public Knowledge Project (pkp) -http://pkp.sfu.ca/ software link__: http://pkp.sfu.ca/download author_________: mr_me::rwx kru email__________: steve | December 23, 2011 |
| Open Conference / Journal / Harvester Systems 2.3.x Code Execution | mr_me | na | packetstormsecurity.org | Open Conference Systems versions 2.3.4 and below, Open Journal Systems version 2.3.6 and below and Open Harvester Systems versions 2.3.1 and below remote code execution exploit. | December 23, 2011 |
| Docebo LMS 4.0.4 SQL Injection / Code Execution | mr_me | na | packetstormsecurity.org | Remote exploit for Docebo LMS versions 4.0.4 and below that leverages a remote SQL injection vulnerability to inject a shell. | December 9, 2011 |
| Docebo LMS <= v4.0.4 (messages) Remote Code Execution | mr_me | php | exploit-db.com | | December 9, 2011 |
| Family Connections CMS 2.7.1 Remote Command Execution | mr_me | na | packetstormsecurity.org | Family Connections CMS versions 2.5.0 through 2.7.1 remote command execution exploit. | December 4, 2011 |
| TugZip 3.5 Zip File Parsing Buffer Overflow | mr_me | na | Lincoln | This Metasploit module exploits a stack-based buffer overflow vulnerability in the latest version 3.5 of TugZip archiving utility. In order to trigger the vulnerability, an attacker must convince someone to load a specially crafted zip file with TugZip by double click or file open. By doing so, an attacker can execute arbitrary code as the victim user. | October 12, 2011 |
| ScriptFTP 3.3 Remote Buffer Overflow | mr_me | na | TecR0c | AmmSoft's ScriptFTP client is susceptible to a remote buffer overflow vulnerability that is triggered when processing a sufficiently long filename during an FTP LIST command resulting in overwriting the exception handler. Social engineering of executing a specially crafted ftp file by double click will result in connecting to our malicious server and perform arbitrary code execution which allows the attacker to gain the same rights as the user running ScriptFTP. | October 10, 2011 |
| Cogent Datahub <= v7.1.1.63 Remote Unicode Buffer Overflow Exploit | mr_me | windows | exploit-db.com | #!/usr/bin/python Cogent Datahub <= v7.1.1.63 Remote Unicode Buffer Overflow Exploit tested on: - windows server 2003 - windows XP sp3 questions >> @net__ninja \|\| @luigi_auriemma example usage: [mr_me@neptune cognet]$ ./cognet_overflow.py 192.168.114.130 --------------- | September 22, 2011 |