Teknolist Okulistik 代码问题漏洞

Teknolist Okulistik is an online education platform owned by the Turkish company Teknolist. Versions of Teknolist Okulistik from 2012/02/20 onwards have code vulnerabilities related to server-side request forgery, which may lead to such attacks...

DAMN Hash Calculator 1.5.1 - Local Heap Overflow PoC

No description provided by source. !/usr/bin/python Exploit Title: DAMN Hash Calculator v1.5.1 Local Heap Overflow PoC Version: 1.5.1 Date: 2012-02-21 Author: Julien Ahrens Homepage: http://www.inshell.net Software Link: http://www.google.com Tested on: Windows XP SP3 Professional German Notes: O...

OTRS Email Message XSS Vulnerability (OSA-2012-02)

Open Ticket Request System OTRS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

RabidHamster R4 Log Entry sprintf() Buffer Overflow

This module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user. This module requires...

Wolf CMS 0.7.5 Cross Site Scripting / SQL Injection

Exploit for php platform in category web applications Title: ====== Wolf CMS 0.7.5 Cross Site Scripting / SQL Injection Date: ===== 2012-02-27 Introduction: ============= Wolf CMS is a content management system and is Free Software published under the GNU General Public License v3. Wolf CMS is...

Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability

Exploit for hardware platform in category web applications Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product: Yealink Easy VOIP Phone Homepage: http://www.yealink.com/ Impact: Medium Authentication: Required CVE: CVE-2012-1417 Found: 2012-02-21 Author: Narendra Shind...

SQL-Injection (Error-Patching) - Basic Lesson #1

Document Title: =============== SQL-Injection Error-Patching - Basic Lesson 1 References: =========== Download: http://www.vulnerability-lab.com/resources/videos/446.wmv View: http://www.youtube.com/watch?v=Yd6fu0X9epQ Release Date: ============= 2012-02-26 Vulnerability Laboratory ID VL-ID:...

CVE-2012-1001

creationtimestamp| type| source ---|---|--- 2012-02-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36874 2012-02-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36875 2024-02-26 08:11:26+00:00| seen| https://t.me/ctinow/193140...

almnzm 2.4 - Cross-Site Request Forgery (Add Admin)

Title: almnzm 2.4 Priv8 Almnzm 2.4 CSRF Exploit!! Add New Admin :D By: HaNniBaL KsA HK www.r00t-s3c.com UserName: PassWord: E-mail: ! -- NOTE!: The value id'z for admin privileges can be change in any site :D "down...

CVE-2012-1210

creationtimestamp| type| source ---|---|--- 2012-02-13 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36766...

SuSE 11.1 Security Update : Mozilla XULrunner (SAT Patch Number 5764)

Mozilla XULrunner was updated to 1.9.2.26 security update, fixing security issues and bugs. The following security bugs have been fixed : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs...

Scientific Toolworks Understand 'wintab32.dll' DLL Loading Arbitrary Code Execution

The version of Scientific Toolworks Understand installed on the remote Windows host is earlier than 2.6 Build 600. As such, it insecurely looks in its current working directory when resolving DLL dependencies, such as for 'wintab32.dll'. Attackers may exploit this issue by placing a specially...

Google Service Reward #1 - ClickJacking Vulnerability

Document Title: =============== Google Service Reward 1 - ClickJacking Vulnerability References: =========== Download: http://www.vulnerability-lab.com/resources/videos/416.wmv View: http://www.youtube.com/watch?v=6N0YS9cTRHw Release Date: ============= 2012-02-06 Vulnerability Laboratory ID VL-I...

PHP 5.4SVN-2012-02-03 htmlspecialchars/entities Buffer Overflow

Exploit for php platform in category dos / poc From: cataphract Operating system: Any PHP version: 5.4SVN-2012-02-03 SVN Package: Reproducible crash Bug Type: Bug Bug description:Buffer overflow on htmlspecialchars/entities with $double=false Description: ------------ Long entities can cause a...

PHP 5.4SVN-2012-02-03 - htmlspecialchars/entities Buffer Overflow

From: cataphract Operating system: Any PHP version: 5.4SVN-2012-02-03 SVN Package: Reproducible crash Bug Type: Bug Bug description:Buffer overflow on htmlspecialchars/entities with $double=false Description: ------------ Long entities can cause a buffer overflow because the loop only guarantees ...

PHP 5.4SVN-2012-02-03 - htmlspecialcharsentities Buffer Overflow

PHP 5.4SVN-2012-02-03 - htmlspecialcharsentities Buffer Overflow From: cataphract Operating system: Any PHP version: 5.4SVN-2012-02-03 SVN Package: Reproducible crash Bug Type: Bug Bug description:Buffer overflow on htmlspecialchars/entities with $double=false Description: ------------ Long...

CVE-2012-1005

creationtimestamp| type| source ---|---|--- 2012-02-02 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18451...

Fedora 16 : wireshark-1.6.5-1.fc16 (2012-0435)

The following vulnerabilities have been fixed. wnpa-sec-2012-01 Laurent Butti discovered that Wireshark failed to properly record sizes for many packet capture file formats. wnpa-sec-2012-02 Wireshark could dereference a NULL pointer and crash wnpa-sec-2012-03 The RLC dissector could overflow a...

Novell Netware XNFS.NLM NFS Rename Remote Code Execution

Exploit for novell platform in category dos / poc Application: Novell Netware XNFS.NLM NFS Rename Remote Code Execution Vulnerability Platforms: Novell Netware 6.5 SP8 Exploitation: Remote code execution CVE Number: Novell TID: 5117430 ZDI: ZDI-12-06 PRL: 2012-02 Author: Francis Provencher Protek...

Novell Netware - XNFS.NLM NFS Rename Remote Code Execution

Novell Netware - XNFS.NLM NFS Rename Remote Code Execution Application: Novell Netware XNFS.NLM NFS Rename Remote Code Execution Vulnerability Platforms: Novell Netware 6.5 SP8 Exploitation: Remote code execution CVE Number: Novell TID: 5117430 ZDI: ZDI-12-06 PRL: 2012-02 Author: Francis Provench...