Realtek-HD-Audio-Control-Panel-2.1.3.2

App. has classic buffer overflow vulnerability it can be triggered by passing a too long argument as a startup parameter. Shellcode can by run via classic ret overwrite or SEH Handler overwrite filepath = "C:\ShellCode\RTHDCPL 2.1.3.2 - Exploit.bin" f = openfilepath, "wb" f.write'A'4...

ealtek-Audio-Control-Panel-1.0.1.65

App. has classic buffer overflow vulnerability it can be triggered by passing a too long argument as a startup parameter. Shellcode can by run via classic ret overwrite or SEH Handler overwrite filepath = "C:\ShellCode\RTLCPL 1.1.1.6 - Exploit.bin" f = openfilepath, "wb" f.write'BraniX'...

CVE-2014-9438

Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...

CVE-2014-9438

CVE-2014-9438 is a CSRF vulnerability in the vBulletin 4.2.2 Moderator Control Panel. The issue allows an attacker to hijack an administrator’s session to perform actions such as banning/unbanning users, modifying user profiles, and approving or editing posts/topics via the modcp interface (e.g.,...

CVE-2014-9438

Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...

vBulletin 4.2.2 Moderator Control Panel 4.2.2 CSRF Vulnerability

Exploit for php platform in category web applications This is private exploit. You can buy it at https://0day.today...

vBulletin Moderator Control Panel 4.2.2 CSRF

Exploit Title: vBulletin Moderator Control Panel CSRF Google Dork: "Powered by vBulletin® Version 4.2.2" Date: 16-12-2014 Exploit Author: Tomescu Daniel http://daniel-tomescu.com https://rstforums.com/forum Vendor Homepage: http://www.vbulletin.com/en/vb4-features/ Software Link: Premium Version:...

CVE-2014-9303

EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868...

Default credentials

EntryPass N5200 Active Network Control Panel does not properly restrict access, which allows remote attackers to obtain the administrator username and password, and possibly other sensitive information, via a request to /4...

CVE-2014-9303

EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868...

CVE-2014-8868

EntryPass N5200 Active Network Control Panel does not properly restrict access, which allows remote attackers to obtain the administrator username and password, and possibly other sensitive information, via a request to /4...

CVE-2014-9303

Affected product: EntryPass N5200 Active Network Control Panel. CVE-2014-9303 describes a remote information-disclosure flaw where an attacker can read device memory and extract the administrator username and password via a crafted URL starting with certain ASCII characters (o–z or A–D), differin...

CVE-2014-8868

CVE-2014-8868 concerns the EntryPass N5200 Active Network Control Panel. The affected component is the web interface for the N5200, where access is not properly restricted, enabling remote attackers to obtain the administrator username and password and potentially other sensitive data via a reque...

EntryPass N5200 - Credentials Exposure

EntryPass N5200 - Credentials Exposure Advisory: EntryPass N5200 Credentials Disclosure EntryPass N5200 Active Network Control Panels allow the unauthenticated downloading of information that includes the current administrative username and password. Details ======= Product: EntryPass N5200 Activ...

[RT-SA-2014-011] EntryPass N5200 Credentials Disclosure

Advisory: EntryPass N5200 Credentials Disclosure EntryPass N5200 Active Network Control Panels allow the unauthenticated downloading of information that includes the current administrative username and password. Details ======= Product: EntryPass N5200 Active Network Control Panel Affected...

TP-Link TL-WR740N - Denial of Service

TP-Link TL-WR740N Wireless Router MitM httpd Denial Of Service Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: - Firmware version: 3.17.0 Build 140520 Rel.75075n Released: 5/20/2014 - Firmware version: 3.16.6 Build 130529 Rel.47286n Released:...

SEO Control Panel 3.6.0 - Authenticated SQL Injection

No description provided by source. Exploit Title: Seo Control Panel 3.6.0 Authenticated Sql Injection Date: 10/10/2014 Exploit Author: Tiago Carvalho [email protected] or [email protected] Vendor Homepage: www.seopanel.in Software Link: http://www.seopanel.in/spdownload/ Version: Se...

CVE-2014-2531

SQL injection vulnerability in xhr.php in InterWorx Web Control Panel aka InterWorx Hosting Control Panel and InterWorx-CP before 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the 1 NodeWorx , 2 SiteWorx, or 3...

Sql injection

SQL injection vulnerability in xhr.php in InterWorx Web Control Panel aka InterWorx Hosting Control Panel and InterWorx-CP before 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the 1 NodeWorx , 2 SiteWorx, or 3...