Collabtive 1.1 SQL Injection Vulnerability

Exploit for php platform in category web applications =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ || || || Advisory : Collabtive Sql Injection || || Affected Version : 1.1 || || Vendor : http://collabtive.o-dyn.de/index.php || || Risk : Medium || || CVE-ID : 2013-6872 || ||...

Atrax Kit Boasts Tor Connectivity, Bitcoin Extraction

Yet another commercial crimekit has been spotted making the rounds on the underground malware forums that uses the anonymity network Tor to stealthily communicate with its command and control servers. While it isn’t the first of its kind to use Tor, the kit, nicknamed Atrax, is cheap and comes wi...

binwalk

Binwalk v3 This is an updated version of the Binwalk firmware...

Kwok Information Server 2.7.3 / 2.8.4 SQL Injection

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ || || || Advisory : Kwok Information Server Blind Sql Injection || || Affected Version : 2.7.3 & 2.8.4 || || Vendor : http://www.kwoksys.com/index.php || || Risk : Medium || || CVE-ID : 2013-5028 || || Tested on Platform : Windows...

FreeBSD : chromium -- multiple vulnerabilities (358133b5-c2b9-11e2-a738-00262d5ed8ee)

Google Chrome Releases reports : 235638 High CVE-2013-2837: Use-after-free in SVG. Credit to Slawomir Blazek. 235311 Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian Holler. 230176 High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR InfoSecurity. 230117 Hig...

VBulletin 5.0 all beta Automated SQL Injection and data extractor

This is automated injector to exploit and extract all data whatever we want from target website using Vbulletin 5.0 all beta with SQLi vulnerability.. Vulnerability Credit : 0x0a still there is no CVE or patch. On this moment vBulletin 5.0.0 beta 28 is the last version and it is affected with it...

WeBid 1.0.6 - SQL Injection

WeBid 1.0.6 - SQL Injection Exploit Title: WeBid 1.0.6 SQL Injection Vulnerability Google Dork: "Powered by WeBid" Date: 1/9/13 Exploit Author: Life Wasted Vendor Homepage: http://www.webidsupport.com/ Version: Tested on 1.0.6, but could affect other version Tested On: Linux, Windows Vulnerable...

Chrome Clickjacking Vulnerability Could Expose User Information on Google, Amazon

An apparent clickjacking, or UI redress vulnerability, in Google’s Chrome web browser could make it possible for attackers to glean users’ e-mail addresses, their first and last names and other information according to recent work done by an Italian researcher. Luca De Fulgentis, who writes about...

Joomla! Component com_enmasse 1.2.0.4 - SQL Injection

Joomla! Component comenmasse 1.2.0.4 - SQL Injection Exploit Title: Joomla comenmasse Remote Exploit Author: Daniel Barragan "D4NB4R" Español hola, este exploit afecta sitios de ecommerce por lo cual el exploit solo dara una muestra de la extraccion posible de datos, No me hago responsable del us...

Joomla! Component com_enmasse 1.2.0.4 - SQL Injection

Exploit Title: Joomla comenmasse Remote Exploit Author: Daniel Barragan "D4NB4R" Español hola, este exploit afecta sitios de ecommerce por lo cual el exploit solo dara una muestra de la extraccion posible de datos, No me hago responsable del uso que se le de. ya que es posible obtener lucro...

Joomla Component com_enmasse Remote Sql Injection Exploit

Exploit for php platform in category web applications Exploit Title: Joomla comenmasse Remote Exploit Author: Daniel Barragan "D4NB4R" Espaсol hola, este exploit afecta sitios de ecommerce por lo cual el exploit solo dara una muestra de la extraccion posible de datos, No me hago responsable del u...

Joomla Enmasse SQL Injection

Exploit Title: Joomla comenmasse Remote Exploit Author: Daniel Barragan "D4NB4R" Español hola, este exploit afecta sitios de ecommerce por lo cual el exploit solo dara una muestra de la extraccion posible de datos, No me hago responsable del uso que se le de. ya que es posible obtener lucro...

Homeland Security hacking into gaming consoles to obtain user data

Homeland Security hacking into gaming consoles to obtain user data The U.S. government has hired a California-based company to hack into video game consoles, such as Xbox 360 and PlayStation 3, to watch criminals, especially child predators, and learn how to collect evidence against them. The U.S...

Navy Hires Contractor to Data-Mine Gaming Consoles

The U.S. Navy recently hired an outside contractor, Obscure Technologies, to develop computer forensics tools capable of analyzing network traffic and stored data on gaming consoles. The contract, valued at $177,237.50, calls on Obscure Technologies to create hardware and software tools that can ...

Android Application Allows Remote Access – No Permissions Required

Mobile security researchers at the firm Viaforensics say they have created a malicious mobile application that requires the phone user to grant no permissions during installation, but could give remote attackers the ability to install and execute malicious code on mobile devices running the Andro...

Sqlninja 0.2.6 is now available

Sqlninja 0.2.6 is now available Sqlninja's goal is to exploit SQL injection vulnerabilities on web applications that use Microsoft SQL Server as back end. It is released under the GPLv3.There are a lot of other SQL injection tools out there but sqlninja, instead of extracting the data, focuses on...

Researchers To Demonstrate Tor Network Hijack Method

Researchers at the Hackers To Hackers Conference in Brazil will detail a method of hijacking the TOR anonymity network, potentially putting its users at risk, while The Tor Project accuses one of the researchers of irresponsible disclosure. The presentation combines work done by Eric Filiol of th...

Windows Gather Screen Spy

This module will incrementally take desktop screenshots from the host. This allows for screen spying which can be useful to determine if there is an active user on a machine, or to record the screen for later data extraction. Note: As of March, 2014, the VIEWCMD option has been removed in favor o...

Clipbucket 2.4 RC2 645 - SQL Injection

Clipbucket 2.4 RC2 645 - SQL Injection ------------------------------------------------------------------------ Software................Clipbucket 2.4 RC2 645 Vulnerability...........SQL Injection Threat Level............Critical 4/5 Download................http://www.clip-bucket.com/ Discovery...

Clipbucket 2.4 RC2 645 - SQL Injection

------------------------------------------------------------------------ Software................Clipbucket 2.4 RC2 645 Vulnerability...........SQL Injection Threat Level............Critical 4/5 Download................http://www.clip-bucket.com/ Discovery Date..........5/23/2011 Tested...