1393 matches found

Exploit DB
added 2013/02/18 12:0 a.m. | 27 views

Cometchat Application - Multiple Vulnerabilities

Exploit-DB Note 20-02-2013: A security patch appears to have been released to address the issue: http://www.cometchat.com/blog/cometchat-critical-security-update/ Info: All Cometchat Application Multiple Vulnerabilities Cometchat is an application which can be used in many site for example phpFox,...

AI score: 7.4 | Exploits: 0

exploitpack
added 2013/02/15 12:0 a.m. | 15 views

Cometchat - Multiple Vulnerabilities

Cometchat - Multiple Vulnerabilities Cometchat chat Application All Version Multiple Vulnerabilities Cometchat is a chat application which in use Vbulletin,Xenforo,SMF,MyBB...

AI score: 0.4 | Exploits: 0

Exploit DB
added 2013/02/11 12:0 a.m. | 27 views

IRIS Citations Management Tool - (Authenticated) Remote Command Execution

Here is a bug that I finally found time to write about :- https://infosecabsurdity.wordpress.com/2013/02/09/iris-citations-management-tool-post-auth-remote-command-execution/ The attached contains my mini framework, exploit and screenshot. Cheers! aeon I Read It Somewhere IRIS = v1.3 post auth...

AI score: 7.4 | Exploits: 0

Circl
added 2013/02/06 12:0 a.m. | 27 views

CVE-2013-1408

creationtimestamp | type | source
---|---|---
2013-02-06 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/38297...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.01418
Exploits: 4 | References: 1

myhack58
added 2013/01/19 12:0 a.m. | 18 views

CMS snews SQL injection and fix-vulnerability warning-the black bar safety net

Title: CMS snews SQL Injection Vulnerability Author: By onestree Download address : http://snewscms.com/ Test platform : ubuntu 12.10 / win 7 Keywords: inurl:"tanyakan pada rumput yang bergoyang" SQL poc: http://www.2cto.com /snews/snews. php? act=shownews&id=SQL Example...

AI score: 0.8 | Exploits: 0

exploitpack
added 2013/01/15 12:0 a.m. | 12 views

CMS snews - SQL Injection

CMS snews - SQL Injection Exploit Title : CMS snews SQL Injection Vulnerability Author : By onestree Software Link : http://snewscms.com/ tested : ubuntu 12.10 / win 7 Dork : inurl:"tanyakan pada rumput yang...

AI score: 0.5 | Exploits: 0

exploitpack
added 2013/01/14 12:0 a.m. | 22 views

phpShop 2.0 - SQL Injection

phpShop 2.0 - SQL Injection Exploit Title : phpshop 2.0 SQL Injection Vulnerability Author : By onestree Software Link : http://code.google.com/p/phpshop/downloads/list tested : windows 7 / ubuntu Dork : inurl:"tanyakan pada rumput yang bergoyang" SQLi p0c: ==================...

AI score: 0.3 | Exploits: 0

Exploit DB
added 2013/01/14 12:0 a.m. | 28 views

phpShop 2.0 - SQL Injection

Exploit Title : phpshop 2.0 SQL Injection Vulnerability Author : By onestree Software Link : http://code.google.com/p/phpshop/downloads/list tested : windows 7 / ubuntu Dork : inurl:"tanyakan pada rumput yang bergoyang" SQLi p0c: ================== http://localhost/phpshop...

AI score: 7.4 | Exploits: 0

Packet Storm
added 2012/12/30 12:0 a.m. | 83 views

BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'BlazeDVD 6.1 PLF...

CVSS: 7.5 | AI score: 0.4 | EPSS: 0.85495
Exploits: 4

Exploit DB
added 2012/12/24 12:0 a.m. | 17 views

MyBB AwayList Plugin - 'index.php?id' SQL Injection

Exploit Title: AwayList MyBB plugin SQLi 0day Exploit Author: RedHat Team Vect0r Software Link: http://mods.mybb.com/view/awaylist Tested on: Windows & Linux. Vulnerable code : simpleselect // 245 "awaylist", '', "id = '" . $mybb-input'id' . "'" // 246 ; // 247 $item = $db-fetcharray$query; // 24...

AI score: 7.4 | Exploits: 0

OpenVAS
added 2012/11/14 12:0 a.m. | 16 views

dotProject <= 2.1.6 Local File Include Vulnerability

dotProject is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

AI score: 7
Exploits: 0 | References: 1

OpenVAS
added 2012/11/14 12:0 a.m. | 72 views

Narcissus RCE Vulnerability (Nov 2012) - Active Check

Narcissus is prone to a vulnerability that lets attackers execute arbitrary code. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if descriptio...

CVSS: 9.3 | AI score: 7.8 | EPSS: 0.78452
Exploits: 0 | References: 3

exploitpack
added 2012/11/07 12:0 a.m. | 11 views

Xivo 1.2 - Arbitrary File Download

Xivo 1.2 - Arbitrary File Download Xivo 1.2 Arbitrary File Download under root privileges =============================================================== Date: 6/11/2012 Exploit Author: Mr.Un1k0d3r Vendor Homepage: https://wiki.xivo.fr Software Link:...

AI score: 0.1 | Exploits: 0

Exploit DB
added 2012/10/28 12:0 a.m. | 17 views

Aladdin Knowledge System Ltd - 'PrivAgent.ocx' ChooseFilePath Buffer Overflow

//Messagebox jsle var MessageBox = unescape '%ue9be%uac66%udb2b%ud9c2%u2474%u58f4%uc931%u3fb1%uc083%u3104%u1070%u7003%u0b10'+ '%u7593%u50c0%uf285%u9233%u2907%u2d89%u0459%u5a8a%ua6e8%u2ad8%u4c07%ucea8%u149c'+ '%u655d%ub8dc%u4fd6%uf619%udaf0%u51aa%uf500%u83b2%u7e62%u6020%u0b47%u54fc%u5f0c'+...

AI score: 7 | Exploits: 0

OpenVAS
added 2012/10/22 12:0 a.m. | 20 views

ManageEngine Security Manager Plus <= 5.5 build 5505 Multiple Vulnerabilities - Active Check

ManageEngine Security Manager Plus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score: 5.7
Exploits: 0 | References: 7

Circl
added 2012/10/17 12:0 a.m. | 1 views

CVE-2012-4528

creationtimestamp | type | source
---|---|---
2012-10-17 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/37949...

CVSS: 5 | AI score: 5.7 | EPSS: 0.11456
Exploits: 1 | References: 1

OpenVAS
added 2012/10/16 12:0 a.m. | 13 views

Cartweaver <= 3.0 LFI Vulnerability - Active Check

Cartweaver is prone to a local file inclusion LFI vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score: 7.1
Exploits: 0 | References: 3

Exploit DB
added 2012/10/03 12:0 a.m. | 16 views

NCMedia Sound Editor Pro 7.5.1 - Local Overflow (SEH + DEP Bypass)

!/usr/bin/python --------------------------------------------------------------------------- Exploit: NCMedia Sound Editor Pro v7.5.1 SEH&DEP Author: b33f - http://www.fuzzysecurity.com/ OS: Windows 7 Pro SP1 probably universal across 32-bit POC - Julien Ahrens XP SP3:...

AI score: 7.4 | Exploits: 0

exploitpack
added 2012/10/02 12:0 a.m. | 19 views

phptax 0.8 - Remote Code Execution

phptax 0.8 - Remote Code Execution ----------------------------------------------------- phptax 0.8 Vendor information: "PhpTax is free software to do your U.S. income taxes. Tested under Unix environment. The program generates .pdfs that can be printed and sent to the IRS. See homepage for detai...

Exploits: 0

Exploit DB
added 2012/10/02 12:0 a.m. | 185 views

phptax 0.8 - Remote Code Execution

----------------------------------------------------- phptax 0.8 Vendor information: "PhpTax is free software to do your U.S. income taxes. Tested under Unix environment. The program generates .pdfs that can be printed and sent to the IRS. See homepage for details and screenshot." Vendor URI:...

AI score: 7 | Exploits: 0