1086 matches found
Abe Timmerman zml.cgi File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3759/info zml.cgi is a perl script which can be used to support server side include directives under Apache. It recognizes a simple set of commands, and allows access to cgi parameters and environment variables. It can ru...
Simple DNS Plus <= 5.0/4.1 - Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl Simple DNS Plus 5.0/4.1 remote Denial of Service exploit usage: sdns-dos.pl dns server dns source port num of packets Exploit written by Exodus. http://www.blackhat.org.il use IO::Socket; if@ARGV 3 printsdns-dos.pl dns server dns source port num o...
eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit (2)
No description provided by source. !/usr/bin/perl -s damn-hippie.pl by kokanin google estara, it shows sip stuff and a hippie Remote estara softphone exploit, executable version info = 3.0.1.2 kokanin did the research, metasploit.com did the encoded bindshell on tcp/5060 Lets face it, most users...
Apache Tomcat Remote Exploit (PUT Request) and Account Scanner
No description provided by source. ISOWAREZ RELEASE By KINGCOPE - YEAR 2012 -== Apache Tomcat Remote Exploit and Account Scanner ==- the modified pnscan scanner utility scans a range of IPs to find open apache tomcat servers by trying the following login access combinations: tomcat:tomcat...
Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26095/info Asterisk 'asterisk-addons' package is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
Picture Rating 1.0 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl -- Picture Rating 1.0 Blind SQL Injection Exploit -- -Info/Instructions- After running this perl script, you will have admin details therefore you will be able to login to the admin area at http://site.com/control/ ok once you have logged in has...
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...
CesarFTP 0.99 g Remote CWD Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7950/info A vulnerability has been reported for CesarFTP. Reportedly, an attacker may crash a target server by supplying excessive data as the argument to the 'CWD' command. This may result in the server hanging,...
AnalogX SimpleServer:WWW <= 1.05 Denial of Service Exploit
No description provided by source. !/usr/bin/perl use IO::Socket; if @ARGV 2 print \n ::: ---------------------------------------------- :::\n; print ::: AnalogX SimpleServer WWW 1.05 Dos Exploit :::\n; print ::: :::\n; print ::: Advisory : http://www.ussrback.com/labs45.html :::\n; print ::: By ...
SWSoft ASPSeek 1.0 s.cgi Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2492/info A buffer overflow in ASPSeek versions 1.0.0 through to 1.0.3 allows for arbitrary code execution with the privileges of the web server. The vulnerable script is s.cgi and the buffer overflow can be accessed by...
Simple Machines Forum 1.1.3 - Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL...
Lizardware CMS <= 0.6.0 - Blind SQL Injection Exploit
漏洞类型: 输入验证错误 漏洞文件: /administrator/index.php 漏洞成因: 在index.php 中,未对用户输入进行过滤从而导致注入 参考: http://www.securityfocus.com/bid/32898/solution !/usr/bin/perl -w Lizardware CMS = 0.6.0 Blind SQL Injection Exploit by athos - stakerathotmaildotit http://sourceforge.net/projects/lizardwarecms/ use strict; use...
SPECTral Personal SMTP Server <= 0.4.2 - Denial of Service Exploit
No description provided by source. !/usr/bin/perl use IO::Socket; Small config If service not DoSeD try to increase this value. Number of trys for DoS. $trys = 10; Quantity signs for atack. $buf = 200000; if @ARGV 1 print \n /\n; print DoS - SPECTral Personal SMTP Server = 0.4.2 b 338 \n; print...
BlueZone Malformed .zft file Local Denial of Service
No description provided by source. !/usr/bin/perl -w Exploit Title: BlueZone Desktop Malformed .zft ffeil Local Denial of Service Date: 24-10-11 Author: Iolo Morganwg Version: BlueZone Secure FTP v5.2C1 Build 1469 Download:...
EQdkp <= 1.3.2 (listmembers.php rank) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w EQdkp = 1.3.2 SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code listmembers.php: $sql = 'SELECT m., m.memberearned-m.memberspent+m.memberadjustment AS...
RCblog <= 1.03 (post) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl $App : RCblog = 1.03 Remote Command Execution Exploit $Bug : http://tinyphp/index.php?post=../afile%00 $IHST: h4ckerz.com / hackerz.ir / coded & discovered By Hessam-x Hessamx -at- Hessamx.net use IO::Socket; use LWP::Simple; print...
Tower Toppler 0.99.1 Display Variable Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7028/info It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the privileges of the toppler program. !/usr/bin/perl [email protected]...
CompleteFTP 3.3.0 - Remote Memory Consumption DoS
No description provided by source. !/usr/bin/perl Title: CompleteFTP v3.3.0 - Remote Memory Consumption DoS Author: Jonathan Salwan submit!shell-storm.org Web: http://www.shell-storm.org 60 sec for satured 2Go RAM use IO::Socket; print \nxCompleteFTP v3.3.0 - Remote Memory Consumption DoS\n; if...
Terminal Server Client .rdp Denial of Service
No description provided by source. !/usr/bin/perl Exploit Title: Terminal Server Client .rdp Dos Date: 2011-02-01 Author: D3V!L FUCKER Software Link: sudo apt-get install tsclient ^^ Version: All Version Tested on: ubuntu 10.10 press to open then chois the T-T34M.rdp file then connect ^^ C0d3d By...
ClipShare 2.6 - Remote User Password Change Exploit
No description provided by source. !/usr/bin/perl -w priv8 Pr0metheuS Exploit Name: Clipshare Remote User Password Change Exploit Version Script: Clipshare 2.6 Dork: Powered by Clipshare EnjoY print -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-; print \nClipshare 2.6 Remote User Passord Change...