WFTPD Server 3.30 - Multiple Vulnerabilities

WFTPD Server 3.30 - Multiple Vulnerabilities include include include include include define ALOCtip,n tipmallocsizeoftipn define POCNAME "WFTPD 3.30 Multiple remote vulnerabilities0day" define AUTHOR "fl0 fl0w" typedef int i32; typedef char i8; typedef short i16; enum True=1, False=0, Error=-1 ;...

PhotoFiltre Studio X .tif file local buffer overflow

Exploit for windows platform in category local exploits ==================================================== PhotoFiltre Studio X .tif file local buffer overflow ==================================================== include define fisier FILE define ALOCtip,n tipmallocsizeoftipn define VER "10.3.0...

Easyzip 2000 v3.5 (.zip) 0day stack buffer overflow PoC exploit

Exploit for windows platform in category local exploits =============================================================== Easyzip 2000 v3.5 .zip 0day stack buffer overflow PoC exploit =============================================================== ?php / Easyzip 2000 v3.5 .zip 0day stack buffer...

VariCAD 2010-2.05 EN - Local Buffer Overflow

/ Exploit Title: VariCAD 2010-2.05 EN Local buffer overflow : Date: 15 March 2010 Author: n00b Realname: carl cope Software Link: http://www.varicad.com/en/home/ Version: All versions are affected. Tested on: Windows xp sp3,Vista sp2,Linux unbuntu CVE : if exists...

Energizer DUO USB Battery Charger Software Backdoor (credentialed check)

The remote Windows host includes an install of the Energizer DUO software, likely included with a Energizer DUO USB battery charger to allow a user to view the battery charging status. The installed version of this software includes the Arugizer backdoor Arucer.dll, which is reported to have been...

CVE-2010-0393

The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...

Directory traversal

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. dot dot in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry...

MS Internet Explorer vbDevKit.dll ActiveX Control Multti Remote Code

Exploit for unknown platform in category remote exploits ============================================================================== MS Internet Explorer vbDevKit.dll ActiveX Control Multti Remote Code Execution ==============================================================================...

CVE-2009-4489

header.c in Cherokee before 0.99.32 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal...

CVE-2009-4453

Insecure method vulnerability in SoftCab Sound Converter ActiveX control sndConverter.ocx 1.2 allows remote attackers to create or overwrite arbitrary files via the SaveFormat method. NOTE: some of these details are obtained from third party information...

CVE-2009-4453

Insecure method vulnerability in SoftCab Sound Converter ActiveX control sndConverter.ocx 1.2 allows remote attackers to create or overwrite arbitrary files via the SaveFormat method. NOTE: some of these details are obtained from third party information...

MvMmall vulnerability analysis-vulnerability warning-the black bar safety net

Author: Sobiny Through the analysis. This program session in the recording mode by include/session. class. php file. This file mvmsession class view source print? 0 1. function handler 0 2. sessionmodulename’user’; 0 3. sessionsetsavehandler 0 4. array’mvmsession’, ’open’, 0 5...

Authentication bypass+file manipulation in Sitecore Staging Mod 5.4.0

Exploit for unknown platform in category web applications ============================================================================ Authentication bypass and file manipulation in Sitecore Staging Module 5.4.0 ============================================================================ SEC...

Authentication bypass and file manipulation in Sitecore Staging Module 5.4.0

No description provided by source. SEC Consult Security Advisory 20091217-0 ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerable version: Sitecore Stagi...

SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module

SEC Consult Security Advisory 20091217-0 ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerable version: Sitecore Staging Module = 5.4.0 rev.080625 fixed...

Sitecore Staging Module 5.4.0 - Authentication Bypass File Manipulation

Sitecore Staging Module 5.4.0 - Authentication Bypass File Manipulation SEC Consult Security Advisory ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerab...

Sitecore Staging Module Authentication Bypass

SEC Consult Security Advisory ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerable version: Sitecore Staging Module = 5.4.0 rev.080625 fixed version:...

Sitecore Staging Module 5.4.0 - Authentication Bypass / File Manipulation

SEC Consult Security Advisory ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerable version: Sitecore Staging Module = 5.4.0 rev.080625 fixed version:...

Bundled infection ideas implemented-vulnerability warning-the black bar safety net

This is the written bundle of infection, scribbled ideas recorded, originally wanted to write a detailed tutorial, but see the current situation is a complete no. Made a bundle ， the effect is quite good is not difficult slightly recording ...learned this ideas of your own then do also not...

Design/Logic Flaw

Argument injection vulnerability in the sendmail implementation of the Mail::Send method Mail/sendmail.php in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111...