RobotStats 1.0 - HTML Injection

Title : RobotStats v1.0 HTML Injection Vulnerability Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Twitter : https://twitter.com/milw00rm or @milw00rm Date : 22.11.2014 Demo : http://alpesoiseaux.free.fr/robotstats/ Download :...

Joomla! Mac Gallery Component Arbitrary File Download Vulnerability

Joomla! Mac Gallery Component is prone to arbitrary file download vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Provide the right artifact: Windows NT EPATHOBJ Local Ring0 Exploit-vulnerability warning-the black bar safety net

This is a 2 0 1 3 year 6 month released the windows nt kernel local mention of the right to 0day Vulnerability CVE-2 0 1 3-3 6 6 0, but soon Microsoft will in the 2 0 1 3 year 7 month The Update Patch fixes this vulnerability; this vulnerability relates to the version of windows there is XP, Vist...

NRPE 2.15 Remote Command Execution

!/usr/bin/python Exploit Title : NRPE http://www.abcompcons.com/files/nrpeclient.py pyOpenSSL Library required http://pyopenssl.sourceforge.net/ root@localhost pip-python install pyOpenSSL NRPE = 2.15 Remote Command Execution Vulnerability Release date: 17.04.2014 Discovered by: Dawid Golunski...

Baidu Spark Browser Denial of Service Vulnerability -01 (Aug 2014) - Windows

Baidu Spark Browser is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PwnPi - A Pen Test Drop Box distro for the Raspberry Pi

PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 200+ network security tools pre-installed to aid the penetration tester. It is built a stripped down version of the Debian Wheezy image from the Raspberry Pi foundation's website and uses Openbo...

Microsoft Organization Chart 2 - Remote Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31059/info Microsoft Organization Chart is prone to a remote code-execution vulnerability because of a memory-access violation. Remote attackers can exploit this issue by enticing victims into opening a maliciously crafte...

Audio File Library 0.2.6 - (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33066/info Audio File Library 'libaudiofile' is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data. An attacker can exploit this issue to execute arbitrary...

Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/42269/info Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the comple...

Xion Player 1.0.125 Stack Buffer Overflow Exploit

No description provided by source. !/usr/bin/python Title: Xion 1.0.125 Stack Buffer Overflow Date: August 13, 2010 Author: corelanc0d3r and dijital1 Grtz to dijital1 : I had a lot of fun working with you on this one ! : Grtz to dookie2000ca : Original Advisory:...

Duhok Forum 1.0 script Cross Site Scripting Vulnerability

No description provided by source. ======================================================================================== | Title : Duhok Forum 1.0 script Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : www.iq-ty.com $ | Dork : duhokFrm 1.0 $ |...

Subdreamer 3.0.1 - CMS upload Vulnerability

No description provided by source. ======================================================================================== | Title : Subdreamer.v3.0.1 cms upload Vulnerability | Author : indoushka | email : [email protected] | Home : www.h4kz.com | Web Site : | Dork : Website powered by...

Valve Software Source Engine - Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36061/info Source Engine is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attacker may...

Windows XP SP3 English MessageBoxA Shellcode - 87 bytes

No description provided by source. / Title: Windows XP SP3 English MessageBoxA Shellcode 87 bytes Date: August 20, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Tested on: Windows XP SP3 En Thanks: ishtus Greetz: Astalavista, OffSEC, Exploit-DB Exploit-DB Notes: Tested under Windows...

Audio Workstation 6.4.2.4.3 pls Buffer Overflow

No description provided by source. $Id: audiowkstnpls.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow

No description provided by source. $Id: kolibrihttp.rb 10887 2011-08-03 12:19:19Z mrme $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Western Digital Arkeia Remote Code Execution (msf module)

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ Exploit-DB Note: a...

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval

No description provided by source. !/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpasswor...

Internet Explorer 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability

No description provided by source. Microsoft Internet Explorer is prone to a remote code execution vulnerability. Source iSEC Security Research: http://isec.pl/vulnerabilities10.html Attackers can exploit this issue to execute arbitrary code in the context of the user running the application...

Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (PoC)

No description provided by source. !/usr/bin/python Title: EasyFtp Server v1.7.0.2 Post-Authentication BoF PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Hat's off to dookie2000ca Date Found: 13/02/2010 Developer contacted: 14/02/2010 Software link:...