1393 matches found
ecoCMS 18.4.2010 'admin.php' Cross Site Scripting Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-87089' vul ID version = '1' author = 'fenghh' vulDate =...
Microsoft IIS 4.0 ISAPI Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1911/info The ASP ISAPI file parser does not properly execute certain malformed ASP files that contain scripts with the LANGUAGE parameter containing a buffer of over 2200 characters and have the RUNAT value set as...
Joomla Component com_ops SQL Injection Vulnerability
No description provided by source. Title : Joomla Component comops SQL Injection Vulnerability Author: DevilZ TM Data : 2010-04-02 InformatioN Title : Joomla Component comops SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Email : [email protected]...
Firefox 3.6 (XML parser) Memory Corruption PoC/DoS
No description provided by source. Firefox 3.6XML parsermemory corruption PoC/Dos by d3b4g From tiny islands of maldivies Tested: version 3.6 Tested on windows XP SP3 20-01-2010 This same bug was in early version of firfox,found by Wojciech Pawlikowski This is just a update. This vulnerability...
IrfanView 4.33 DJVU Image Processing Heap Overflow
No description provided by source. Application: IrfanView DJVU Image Processing Heap Overflow Version: The vulnerability is confirmed in version 4.33. Other versions may also be affected Plateform: Windows Exploitation: Remote code execution Secunia Number: SA49176 PRL: 2012-23 Author: Francis...
VWD-CMS - CSRF Vulnerability
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ Title : VWD-CMS CSRF Vulnerability Affected Version : VWD-CMS version 2.1 Discovery : www.abysssec.com Vendor : http://www.vwd-cms.com/ Demo...
Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/670/info A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls. The...
MercurySteam Scrapland Game Server 1.0 - Remote Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12680/info Scrapland game server is reported prone to various denial of service vulnerabilities. These issues present themselves because the application fails to handle exceptional conditions. It is reported that the game...
Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP+ASLR bypass)
No description provided by source. Source: http://www.abysssec.com/blog/2011/04/exploiting-adobe-flash-player-on-windows-7/ Adobe Flash player Action script type confusion exploit DEP+ASLR bypass advisory text : Here is another reliable windows 7 exploit . the main method used for exploitation is...
HP Data Protector 6.11 Remote Buffer Overflow + DEP Bypass
No description provided by source. !/usr/bin/python HP Data Protector 6.11 Remote Buffer Overflow Tested on Windows 2003 R2 + DEP Enabled Authors: muts & dookie Reference: http://www.exploit-db.com/exploits/17458/ Reference:...
Adobe Flash Player <= 10.0.22 and AIR - 'intf_count' Integer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35907/info Adobe Flash Player and Adobe AIR are prone to an integer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a...
LibTiff 3.x Multiple Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17730/info LibTIFF is affected by multiple denial-of-service vulnerabilities. An attacker can exploit these vulnerabilities to cause a denial of service in applications using the affected library...
NetWin DNews 5.3 Server Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1172/info DNews News Server is a CGI application that gives access to auser's NNTP server over the web. There are many unchecked buffers in the program, some of which can be exploited directly from any browser. Supplying ...
Xunlei XPPlayer <= 5.9.14.1246 ActiveX Remote Exec 0day PoC
No description provided by source. Author: superli Version: = 5.9.14.1246 Tested on: xpsp3 ie6 Greeting to Xunlei Security Center guys,your guys still not yet release patch or new version to fix the vunl which also can attack Xunlei KanKan Playerhttp://dl.xunlei.com/xmp.html. I exposed this vunl...
Joomla Component com_packages SQL Injection Vulnerability
No description provided by source. + Title : Joomla Component compackages SQL Injection Vulnerability + Author: Kernel Security Group + Data : 2010-05-19 !! + Title : Joomla Component compackages SQL Injection Vulnerability + Author : Kernel Security Group By D3v1l.blackhat + Homepage :...
FreeType TTF File Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18329/info FreeType is prone to a denial-of-service vulnerability. This issue is due to a flaw in the library that causes a NULL-pointer dereference. This issue allows remote attackers to crash applications that use the...
Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote DoS
No description provided by source. source: http://www.securityfocus.com/bid/36408/info Wireshark is prone to multiple denial-of-service vulnerabilities. Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. These issues affect Wireshark 0.99.6...
ProFTPD <= 1.2.9 rc2 (ASCII File) Remote Root Exploit
No description provided by source. ProFTPd remote root exploit solareclipse at phreedom dot org GPG key ID: E36B11B7 http://www.exploit-db.com/sploits/12262006-proftpd-not-pro-enough.tar.gz milw0rm.com 2003-10-15...
CMScout (XSS/HTML Injection) Multiple Vulnerabilities
No description provided by source. ======================================================================= CMScout XSS/HTML Injection Multiple Vulnerabilities =======================================================================...
Winamp 5.5.8 (in_mod plugin) Stack Overflow Exploit (SEH)
No description provided by source. !/usr/bin/python finally got time to finish what I started... Winamp 5.5.8.2985 inmod plugin Stack Overflow SEH WINDOWS XP SP3 EN Fully Patched Bug found by http://www.exploit-db.com/exploits/15248/ POC and Exploit by fdisk @fdiskyou e-mail: fdiskyou at...