escon supportportal pro 3.0 - Persistent Cross-Site Scripting

escon supportportal pro 3.0 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: loneferret of Offensive Security Product: ESCON SupportPortal Pro Version: 3.0 Vendor Site: http://www.e-supportportal.com Software Download: http://www.e-supportportal.com/download.html Timeline: 29 May...

ESCON SupportPortal Pro 3.0 Cross Site Scripting

!/usr/bin/python ''' Author: loneferret of Offensive Security Product: ESCON SupportPortal Pro Version: 3.0 Vendor Site: http://www.e-supportportal.com Software Download: http://www.e-supportportal.com/download.html Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012: Response...

Newchemistry SQL Injection

|=----=----=----=----=----=--------=| | | | /\ /\ \ /\ /\ \ | | //\ /\ \ \L\ \ \ \ \ Turki$ hackers | | \ \ \ \ \ '\ \ \ | | \ \ \ \ \ \L\ \ \ \ \ \ | | \ \ \ / \ \ \ | | // // //// | | | | | |=----=----=----=----=----=--------=|...

i-doIT 0.9.9-4 LFI Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ Software................i-doIT 0.9.9-4 Vulnerability...........Local File Inclusion Threat Level............Critical 4/5 Download................http://www.i-doit.org/...

Persistent, Covert Malware Causing Major Damage

LAS VEGAS–Security technology and practice have advanced quite a bit in the past few years, but one thing that has become clear is that whatever gains have been made are just not keeping pace with the innovation of attackers. The advances being made by malware authors and crimeware gangs are...

vBulletin v 2.3 .* SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================== vBulletin v 2.3 . SQL Injection Vulnerability ============================================== Title: vbulletin Vulnerability versions 2.3 . - SQL injection. Author: Discovered by ROOTEGY Versio...

Palm Pre WebOS 1.1 - Remote File Access

Palm Pre WebOS 1.1 - Remote File Access I. Description The Palm Pre WebOS =1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+...

Chance-i DiViS-Web DVR System ActiveX Control Heap Overflow PoC

Exploit for unknown platform in category dos / poc =============================================================== Chance-i DiViS-Web DVR System ActiveX Control Heap Overflow PoC =============================================================== Digital Security Research Group DSecRG Advisory...

Chance-i DiViS-Web DVR System - ActiveX Control Heap Overflow (PoC)

Chance-i DiViS-Web DVR System - ActiveX Control Heap Overflow PoC Digital Security Research Group DSecRG Advisory DSECRG-09-035 original advisory: http://dsecrg.com/pages/vul/DSECRG-09-035.html Application: Chance-i DiViS-Web DVR System ActiveX control Versions Affected: 3,0,0,7 Vendor URL:...

i-dreams Mailer 1.2 Final (admin.dat) File Disclosure Vulnerability

No description provided by source. --------------------------------------------------------- Portal Name: i-dreams Mailer Version : 1.2 Final Author : PouyaServer , [email protected] Website: http://Pouya-Server.ir --------------------------------------------------------- Xpl:...

foxmail 0day POC

No description provided by source. html body PAuthor:friddy QQ:568623 PResult:Program Crash BR A...

IBM AIX 5.3.0 - setlocale() Local Privilege Escalation

IBM AIX 5.3.0 - setlocale Local Privilege Escalation setlocale exploit for aix 5.2 CVE-2006-4254 [email protected] from os import execve bof="a"580+"bbbbccccdddd\x2f\xf2\x28\x2f" egg="\x60"2350 shellcode= by intropy caughq.org "\x7c\xa5\x2a\x79" xor. r5,r5,r5 "\x40\x82\xff\xfd" bnel...

Jetbox CMS 2.1 Email - 'FormMail.php' Input Validation

source: https://www.securityfocus.com/bid/23989/info Jetbox CMS is prone to an input-validation vulnerabilitiy because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to send spam email in the context of the application. Jetbox 2.1 is vulnerable; other versio...

FTP Explorer 1.0.1 Build 047 - Remote CPU Consumption (Denial of Service)

FTP Explorer 1.0.1 Build 047 - Remote CPU Consumption Denial of Service / FTP Explorer 1.0.1 Build 047 Remote DoS CPU consumption FTP Explorer is prone to a DoS after receiving a long PWD response leading to 100% CPU consumption. Have Fun! Coded by Marsu / include "winsock2.h" include "stdio.h"...

infinicart.txt

vendor site: http://www.ecommercemax.com/ product : infinicart bug: multiples injection sql & xss language : asp risk : high injection sql get: /infinicart-demo/browsegroup.asp?groupid=sql /infinicart-demo/addedtocart.asp?productid=sql /infinicart-demo/browsesubcat.asp?catid=sql...

GLSA-200608-08 : GnuPG: Integer overflow vulnerability

The remote host is affected by the vulnerability described in GLSA-200608-08 GnuPG: Integer overflow vulnerability Evgeny Legerov discovered a vulnerability in GnuPG that when certain packets are handled an integer overflow may occur. Impact : By sending a specially crafted email to a user runnin...

WBB-newthread.txt

======================================== Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Breeeeh BoNym-Rootshill-LiNuXrOOt-Sw33t h4ck3r ======================================== Example:- /newthread.php?boardid=SQL...

WBB-showmods.txt

======================================== Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Breeeeh BoNym-Rootshill-LiNuXrOOt-Sw33t h4ck3r ======================================== Example:- /showmods.php?boardid=SQL...

wbb221.txt

============================================== Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Breeeeh-BoNym-Rootshill-LiNuXrOOt-SauDiVirUs ============================================== Example:-...

CVE-2006-2591

Unspecified vulnerability in e107 before 0.7.5 has unknown impact and remote attack vectors related to an "emailing exploit"...