UK gov website being used to redirect to porn sites
TL;DR UK Government Environment Agency web site had an open redirect that was actively being used to redirect to various porn sites, including OnlyFans clone sites. Disclosure should have been easy but wasn’t, as the agency haven’t followed wider UK government policy on vulnerability disclosure...
SQLMAP-Web-GUI - Web GUI to drive near full functionality of SQLMAP
PHP Frontend to work with the SQLMAP JSON API Server sqlmapapi.py to allow for a Web GUI to drive near full functionality of SQLMAP! Here are a few quick videos to show that almost all of your usual SQLMAP command line functionality is still possible via this Web GUI. Demo against: Windows 2003...
Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)
Persistent Systems Client Automation - Command Injection Remote Code Execution Metasploit Exploit Title: Persistent Systems Client Automation PSCA, formerly HPCA or Radia Command Injection Remote Code Execution Vulnerability Date: 2014-10-01 Exploit Author: Ben Turner Vendor Homepage: Previously...
McAfee Data Loss Prevention Endpoint Privilege Escalation
/ Exploit Title - McAfee Data Loss Prevention Endpoint Arbitrary Write Privilege Escalation Date - 29th January 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.mcafee.com Tested Version - 9.3.200.23 Driver Version - 9.3.200.23 - hdlpctrl.sys Tested on OS - 32bit Windows ...
McAfee Data Loss Prevention Endpoint - Arbitrary Write Privilege Escalation
/ Exploit Title - McAfee Data Loss Prevention Endpoint Arbitrary Write Privilege Escalation Date - 29th January 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.mcafee.com Tested Version - 9.3.200.23 Driver Version - 9.3.200.23 - hdlpctrl.sys Tested on OS - 32bit Windows ...
HP Data Protector Client EXEC_CMD Remote Code Execution
No description provided by source. !/usr/bin/env python Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability Date: 2012-12-06 Exploit Author: Ben Turner Vendor Homepage: www.hp.com Version: 6.11 & 6.20 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0922 Notes:...
SlimFTPd <= 3.16 Remote Buffer Overflow Exploit
No description provided by source. / Written by redsand [email protected] Jul 22, 2005 Vulnerable: SlimFtpd v3.15 and v3.16 original vuln found by: Usage: ./redslim 127.0.0.1 OS RET / include stdio.h include stdlib.h include string.h ifdef WIN include winsock2.h include windows.h // pragma lib...
Microsoft WINS Service <= 5.2.3790.4520 Memory Corruption
No description provided by source. Luigi Auriemma Application: Microsoft WINS service http://www.microsoft.com Versions: = 5.2.3790.4520 Platforms: Windows Bug: arbitrary memory corruption Exploitation: remote, versus server Date: found 21 Oct 2010 patched 10 May 2011 advisory 13 Sep 2011 Author:...
7-Technologies IGSS <= 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow
No description provided by source. $Id: igss9igssdataserverlistall.rb 12639 2011-05-16 19:30:17Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...
Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x
No description provided by source. !/usr/bin/python Exploit Title: Exploit for Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x Date: 29 dec 2009 Author: Emanuele 'emgent' Gentili and Emanuele 'crossbower' Acri Software Link: N/A Version: IIS 5.x/6.x Tested on: Windows 2003 Server SP...
Ericom AccessNow Server Buffer Overflow
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient def initializein...
BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)
No description provided by source. !/usr/bin/perl BlazeDVD Pro player 6.1 Local stack based buffer overflow Author: PuN1sh3r Email: [email protected] Date: Mon Jul 15 03:01:37 EDT 2013 Vendor link: http://www.blazevideo.com/download.htmm Software Link:...
Microsoft IIS ASP - Stack Overflow Exploit (MS06-034)
No description provided by source. include stdio.h include windows.h / Microsoft IIS ASP Stack Overflow ExploitMS06-034 by cocoruderfrankruderathotmail.com,2006/7/13 page:http://ruder.cdut.net/default.asp successfully test on Windows 2000 Server SP4+IIS5.0, On Windows 2003 Server+IIS6.0,because t...
FuzeZip 1.0.0.131625 - SEH Buffer Overflow
No description provided by source. !/usr/bin/python Exploit Title: SEH BUFFER OVERFLOW IN FUZEZIP V.1.0 Date: 16.Apr.2013 Vulnerability reported Exploit Author: Josep Pi Rodriguez, Pedro Guillen Nunez , Miguel Angel de Castro Simon Organization: RealPentesting Vendor Homepage: http://fuzezip.com/...
TrendMicro Control Manager <= 5.5 CmdProcessor.exe - Stack Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
HP OpenView NNM 7.5.1 - OVAS.exe SEH PRE AUTH Overflow Exploit
No description provided by source. !/usr/bin/python HP OpenView NNM 7.5.1 OVAS.EXE Pre Authentication SEH Overflow Tested on Windows 2003 Server SP1. Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/hp-nnm-ov.py.txt shameless plug This vulnerability wa...
CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities PoC
No description provided by source. Exploit Title: Computer Associates Advantage Ingres 2.6 Multiple Buffer Overflow Vulnerabilities PoC Date: 2010-08-14 Author: fdisk @fdiskyou e-mail: fdiskyou at deniable.org Version: 2.6 Tested on: Windows 2003 Server SP1 en CVE: CVE-2007-3336 - CVE-2007-3338...
Ericom AccessNow Server - Remote Buffer Overflow (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Ericom AccessNow Server Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow in Ericom AccessNow...
Ericom AccessNow Server Buffer Overflow
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Ericom AccessNow Server Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow in Ericom AccessNow...
Ericom AccessNow Server Buffer Overflow
This module exploits a stack based buffer overflow in Ericom AccessNow Server. The vulnerability is due to an insecure usage of vsprintf with user controlled data, which can be triggered with a malformed HTTP request. This module has been tested successfully with Ericom AccessNow Server 2.4.0.2 o...