Eznet 3.5.0 - Remote Stack Overflow and Denial of Service Exploit

No description provided by source. !/usr/bin/perl -w Stack Overflow in eZnet.exe - Remote Exploit Will download a trojan from any address which you provide on the target system, then will execute the trojan. For this exploit I have tried several strategies to increase reliability and performance:...

Pserv 2.0 User-Agent HTTP Header Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/6286/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this vulnerability by issui...

LPRNG html2ps 1.0 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6079/info A vulnerability has been discovered in the html2ps filter which is included in the lprng print system. It has been reported that it is possible for a remote attacker to execute arbitrary commands. The attacker...

BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)

No description provided by source. !/usr/bin/perl BlazeDVD Pro player 6.1 Local stack based buffer overflow Author: PuN1sh3r Email: [email protected] Date: Mon Jul 15 03:01:37 EDT 2013 Vendor link: http://www.blazevideo.com/download.htmm Software Link:...

LHA 1.x Multiple extract_one Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10354/info LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. These issues are triggered in the...

MS Windows GDI+ - Proof of Concept (MS08-052) (2)

No description provided by source. ------------------------------------------------------------------------------------------------------------ Operating System: XP SP2 Gdiplus.dll Version: 5.1.3102.2180 Credit: John Smith, Evil Fingers GIF Template Reference:...

Sports Clubs Web Panel 0.0.1 - Remote Game Delete Exploit

No description provided by source. !/usr/bin/perl -W Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit File affected: include/draw-delete.php id Vuln Code: 06: $did = $GET'id'; 08: mysqlqueryDELETE FROM draw WHERE did='$did'; by ka0x ka0x01 at gmail dot com D.O.M Labs - Security Researchers...

Softek MailMarshal 4,Trend Micro ScanMail 1.0 SMTP Attachment Protection Bypass

No description provided by source. source: http://www.securityfocus.com/bid/3097/info At least two SMTP gateway products have been identified which contain flaws in the handling of restricted filetypes as attachments. An attacker can insert extraneous characters in the filename extension of a...

Joomla Component n-forms 1.01 - Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print \n; print Mambot Component n-forms Blind SQL Injection Exploit \n; print Author:The Moorish :D \n; print Greetz:Team-dz,His0k4,x.CJP.x,Kader11000,c02,piRAte DIgitAL\n; print...

ZipScan 2.2c SEH

No description provided by source. !/usr/bin/perl Software : ZipScan 2.2c .zip Bug found by : Lincoln Author : Lincoln & corelanc0d3r OS : Windows Tested on : XP SP3 En VirtualBox Type of vuln : SEH Greetz to : Corelan Security Team...

CGIScript.NET csMailto Hidden Form Field Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4579/info CGIScript.NET csMailto is a Perl script designed to support multiple mailto: forms. A vulnerability has been reported in some versions of this script. Reportedly, configuration values used by the script are...

P2GChinchilla HTTP Server 1.1.1 - Denial of Service Exploit

No description provided by source. !/usr/bin/perl File Name :P2GChinchillaTM HTTP Server Vuln : Remote Denial Of Service Exploit Auther : Zer0 Thunder Msn : [email protected] ==------ Exploit Title: P2GChinchillaTM HTTP Server 1.1.1 Remote Denial Of Service Exploit Date: 22/01/2010...

Hughes Technologies DSL_Vdns 1.0 - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2700/info It is possible for a remote user to cause a denial of service on a host running DSLVdns. Submitting data to port 6070 and closing the connection before the request is fulfilled, will cause DSLVdns to enter a...

IISPop 1.161/1.181 Remote Buffer Overflow Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6183/info IISPop is vulnerable to a denial of service caused by a buffer overflow. By sending an unusually large amount of data to IISPop on TCP port 110, the application will terminate with an access violation. Arbitrary...

BlogPHP 2 - (id) XSS / Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl BlogPHP V.2 Multiple Remote Vulnerabilities SQL Injection Exploit/XSS AUTHOR : IRCRASH Discovered by : Dr.Crash Exploited By : Dr.Crash IRCRASH Team Members : Dr.Crash - Malc0de - R3d.w0rm Script Download :...

Hanso Player 1.3.0 - (.m3u) Denial of Service Vulnerability

No description provided by source. Exploit Title: Hanso Player Version 1.3.0 .m3u DoS Date: 10/02/2010 Author: xsploited security Software Link: http://www.hansotools.com/downloads/hanso-player-setup.exe Version: 1.3.0 Tested on: Windows XP Pro SP3 CVE : N/A EAX 00000001 ECX 80567B8E EDX EDD619A0...

Pcshey Portal 'kategori.asp' SQL Injection Vulnerability

No description provided by source. !/usr/bin/perl Coded By U238 Discovered By U238 mail : setuid.noexec0x1athotmail.com From : Türkiye / Erzincan Thnx : TheBekiR - ZeberuS - Fahn - ka0x - Deep Power - Marco Almeida Gretz: http://bilisimMimarileri.com : http://bilgiguvenligi.gov.tr Mesut Timur &...

WorkforceROI Xpede 4.1/7.0 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4344/info An issue has been reported in Xpede, which could lead to a compromise of user authentication information. Reportedly, Xpede cookies containing username and password data is stored using a weak encryption method...

PHPSelect Submit-A-Link HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17348/info Submit-A-Link is prone to an HTML-injection vulnerability. The script fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code woul...

Free WMA MP3 Converter 1.1 - (.wav) Local Buffer Overflow

No description provided by source. !/usr/bin/perl Free WMA MP3 Converter v1.1 .wav Local Buffer Overflow seh Vendor: http://www.eusing.com/ Discovered by: KriPpLer http://www.x-sploited.com/ Tested on: Windows XP Pro SP2. Description: FREE WMA MP3 converter v1.1 Local Buffer Overflow Exploit SEH...