625 matches found
eXPert PDF Editor 7.0.880.0 Crash Exploit
!/usr/bin/perl Title : eXPert PDF Batch Creator v7 Denial of Service Exploit Author : KedAns-Dz E-mail : [email protected] Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : Windows Impact : Blocked 'vsbatch2pdf.exe' When Generate Tested on : Windows ...
eXPert PDF Batch Creator 7.0.880.0 - Denial of Service
source: https://www.securityfocus.com/bid/47040/info eXPert PDF is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause the application to crash, denying service to legitimate users. eXPert PDF 7.0.880.0 is vulnerable; other versions may also be affected...
Apple Webkit Root HTMLBRElement Style Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...
Design/Logic Flaw
Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading...
WinMerge Insecure Library Loading Vulnerability
A vulnerability has been discovered in WinMerge, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • mfc71enu.dll • mfc71loc.dll This can be...
Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow (CVE-2010-3552)
Java Technology is a programming platform which aims to provide a system for developing and deploying cross-platform applications. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will allow execution of arbitrar...
CS Cart 1.3.3 Cross Site Scripting
Exploit Title: CS CART 1.3.3 INSTALL.PHP XSS Date: 2010-09-08 Author: LogicGate Software Link: http://cs-cart.smartcode.com/ Version: 1.3.3 Tested on: N/A CVE : N/A If "install.php" was not removed after installation simply make an html file with the following code and replace by the PATH to...
Mozilla Foundation Security Advisory 2010-52
Mozilla Foundation Security Advisory 2010-52 Title: Windows XP DLL loading vulnerability Impact: Critical Announced: September 7, 2010 Reporter: Haifei Li, Acros Security Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.9 Firefox 3.5.12 Thunderbird 3.1.3 Thunderbird 3.0.7 SeaMonkey...
CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting
Exploit Title: CS CART 1.3.3 INSTALL.PHP XSS Date: 2010-09-08 Author: LogicGate Software Link: http://cs-cart.smartcode.com/ Version: 1.3.3 Tested on: N/A CVE : N/A If "install.php" was not removed after installation simply make an html file with the following code and replace by the PATH to...
CS-Cart 1.3.3 - install.php Cross-Site Scripting
CS-Cart 1.3.3 - install.php Cross-Site Scripting Exploit Title: CS CART 1.3.3 INSTALL.PHP XSS Date: 2010-09-08 Author: LogicGate Software Link: http://cs-cart.smartcode.com/ Version: 1.3.3 Tested on: N/A CVE : N/A If "install.php" was not removed after installation simply make an html file with t...
Windows XP DLL loading vulnerability — Mozilla
Security researcher Haifei Li of FortiGuard Labs reported that Firefox could be used to load a malicious code library that had been planted on a victim's computer. Firefox attempts to load dwmapi.dll upon startup as part of its platform detection, so on systems that don't have this library, such ...
Update Protection against Microsoft Internet Explorer Parent Style Uninitialized Memory Corruption Vulnerability (MS10-053)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will cause the browser to crash and may allow execution of arbitrary comman...
BarCodeWiz Barcode 3.29 Buffer Overflow
BarCodeWiz Barcode ActiveX Control 3.29 BoF SEH Bug found: 24th July 2010 Author: loneferret Software: http://www.barcodewiz.com/ Nods to exploit-db.com Vulnerable file BarCodeWiz.dll LoadProperties method Tested on: Windows XP Professional SP3 with Internet Explorer 6 Needs adjustment for Intern...
Barcodewiz BarCode ActiveX 3.29 - Denial of Service (PoC)
BarCodeWiz Barcode ActiveX Control 3.29 PoC SEH Bug found: 24th July 2010 Found by: loneferret Software: http://www.barcodewiz.com/ Nods to exploit-db.com Vulnerable file BarCodeWiz.dll LoadProperties method Tested on: Windows XP Professional SP3 & Windows XP Home SP3 Internet Explorer 6 & Intern...
Hua-speed online trading platform 0day - vulnerability warning - the black bar safety net
Hua-speed online trading platform oday program: China speed online trading platform Vulnerability description:upload, storm library google keywords: inurl:listbuy. asp? class1 EXP test: Copy the code save it as html file html head meta http-equiv="Content-Type" content="text/html; charset=gb2312"...
BBSGood Forum program: indexlabel.asp and labelsave.asp pages have SQL injection vulnerability - vulnerability warning - the black bar safety net
BBSGOOD is the first domestic forum to use caching technology; BBSGOOD posts and the list home page can be generated as static HTML files. Vulnerability analysis: In the file indexlabel.asp: sql="select top 1 Admin,UserName,Password from BBSGoodAdmin where UserName='"&Request. Cookiesbbsinfo&"adminuser"&"' "...
Havij 1.10 Cross Site Scripting
Exploit Title: Havij Persistent XSS =v1.10 Date: 15/6/2010 Author: hexon Software Link: http://itsecteam.com/files/Havij%201.10.rar Version: 1.10 and below Tested on: Windows XP Service Pack 2 Professional, Windows 7 Code : htttp://site.com/file.php?param=XSS Code Havij Persistent XSS =v1.10 By :...
Havij 1.10 - Persistent Cross-Site Scripting
Exploit Title: Havij Persistent XSS =v1.10 Date: 15/6/2010 Author: hexon Version: 1.10 and below Tested on: Windows XP Service Pack 2 Professional, Windows 7 Code : htttp://site.com/file.php?param=XSS Code Havij Persistent XSS =v1.10 By : Hkhexon [email protected] ------------- Vulnerability...
Internet Explorer Windows Help and Support Center Remote Code Execution (CVE-2010-1885)
The Help and Support Center HSC is a feature in Windows that provides help on a variety of topics. HSC enables users to learn about Windows features, download and install software updates, get assistance from Microsoft and so forth. A remote attacker could exploit this issue by convincing a user ...
QtWeb 3.3 - Remote Crash (Denial of Service)
QtWeb 3.3 - Remote Crash Denial of Service Title: QtWeb 3.3 Remote DoS/Crash Exploit Software Link: http://www.qtweb.net/downloads/QtWeb-setup.exe Portable: http://www.qtweb.net/downloads/QtWeb.exe Version: 3.3 Platform: Windows ...