3751 matches found
Open-Realty 2.5.6 Local File Inclusion
Exploit Title: Open-Realty v2.5.6 Local File Inclusion Vulnerability Date: 06/10/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://www.open-realty.org/ Software Link: http://www.open-realty.org/release/open-realty2.5.6.zip Version:...
phpMyChat Plus 1.94 RC1 LFI / XSS / RFI / SQL Injection
Exploit Title: phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities Date: 04/10/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://sourceforge.net/projects/phpmychat/ Software Link:...
MaxForum 2.0.0 Local File Inclusion
Exploit Title: MaxForum v2.0.0 Local File Inclusion Vulnerability Date: 25/09/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://www.max4dev.com/demo/ar/ Software Link:...
Arb Blog 0.1 CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: Arb Blog 0.1 CSRF Vulnerability Author: Mr.731MY Vendor or Software Link: http://www.dev-arb.com/uploads/Files/dev-arb.com1341094517.ZIP Version: 0.1 Category:: WebApp Google dork: intext:All Right Resrved For Dev-Arb.com And...
Apple iOS MobileSafari LibTIFF Buffer Overflow
This module exploits a buffer overflow in the version of libtiff shipped with firmware versions 1.00, 1.01, 1.02, and 1.1.1 of the Apple iPhone. iPhones which have not had the BSD tools installed will need to use a special payload. This module requires Metasploit: https://metasploit.com/download...
Support4Arabs Pages 2.0 SQL Injection
Exploit Title: Support4Arabs Pages v2.0 Remote SQL Error Based Injection Vulnerability Date: 04/9/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://www.support4arabs.com/ Software Link:...
KingCmsSQL injection plus+code execution-vulnerability warning-the black bar safety net
Detailed description: function kcpageLoad if KCMAGICQUOTESGPC $GET=kcstripslashesarray$GET; $POST=kcstripslashesarray$POST; $COOKIE=kcstripslashesarray$COOKIE; $array=array'PHPSELF','SCRIPTURI','QUERYSTRING','PATHINFO','PATHTRANSLATED'; foreach$array as $val ifisset$SERVER$val...
Islamnt <= Remote Blind SQL Injection Exploit
Exploit for php platform in category web applications Query"select $val from styles where idstyle='$styledefault'"; FetchO$seltemp; $this-temp = $rowtemp-$val; $this-temp = stripslashes$this-temp; / print "\n+------------------------------------------------------------+"; print "\n| Islamnt =...
Mandriva Update for file MDVSA-2012:035 (file)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Magic Web Systems - SQL Injection Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...
Magic Web Systems SQL Injection
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...
phpPaleo - Local File Inclusion
phpPaleo - Local File Inclusion 'phpPaleo' Local File Inclusion CVE-2012-1671 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for language handling that allows for local file inclusion using a null-byte attack on...
phpMoneyBooks 1.0.2 Local File Inclusion
'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...
CVE-2011-3056
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."...
CVE-2011-3056
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."...
CVE-2011-3056
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."...
CVE-2011-3056
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."...
CVE-2011-3056
CVE-2011-3056 affects Google Chrome prior to 17.0.963.83, where a cross-origin policy bypass is possible via a vector involving a “magic iframe.” The underlying issue is a Same Origin Policy bypass in the browser’s handling of iframes, enabling partial confidentiality/integrity exposure. The publ...
CVE-2011-3056
Removed by vendor...
PYSEC-2012-24
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal aka Cat QuickHeal 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0....