Invision Power Board <= 2.1.4 (Register Users) Denial of Service Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; | | | \ | | |/ IPB Register Multiple Users Denial of Service Doesn't Work on forums using Code Confirmation Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL print q Invision Power Board Multiple Use...

AKoff MIDI Player 1.00 - Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl AKoff MIDI Player 1.00 Buffer Overflow Exploit By cr4wl3r cr4wl3r\x40linuxmail\x2Eorg gr33tz: str0ke, opt!x hacker, xoron, EA ngel, zvtral, Hmei7, mywisdom, cyberlog, irvian, and all my friend thanks: milw0rm, darkc0de, exploit-db, inj3ct0r,...

Cisco CBOS 2.x Broadband Operating System TCP/IP Stack Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4815/info Cisco Broadband Operating System CBOS is the operating system used on Cisco 600 series routers. When the CBOS TCP/IP stack is forced to process a high number of unusually large packets, it will consume all memor...

KTP Computer Customer Database CMS 1.0 - Local File Inclusion Vulnerability

No description provided by source. !/usr/bin/perl -w ====================================== KTPCCD Local File Inclusion Exploit ====================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

Oracle 9i/10g DBMS_METADATA.GET_DDL - SQL Injection Exploit (2)

No description provided by source. !/usr/bin/perl Remote Oracle DBMSMETADATA.GETDDL exploit 9i/10g - Version 2 - New evil cursor injection tip! - No create procedure privileg needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba permission to unprivileged user Teste...

Endymion MailMan 3.0..x Remote Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2063/info A vulnerability exists in 3.x versions of Endymion MailMan Webmail prior to release 3.0.26. The widely-used Perl script provides a web-email interface. Affected versions make insecure use of the perl open...

vqSoft vqServer 1.4.49 DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1610/info vqServer 1.4.49 is subject to a buffer overflow. If a GET request is sent to the server containing 65 000 characters the server will stop responding. A reboot is required in order to gain normal functionality...

MailEnable Professional/Enterprise <= 2.37 Denial of Service Exploit

No description provided by source. !/usr/bin/perl maildisable-v7.pl Mail Enable Professional/Enterprise v2.32-7 win32 by mu-b - Wed Feb 14 2007 - Tested on: Mail Enable Professional v2.37 win32 use Getopt::Std; getopts't:', %arg; use Socket; use MIME::Base64; my $target; if defined$arg't' $target...

AWStats < 6.4 (referer) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl AWStats 6.4 command execution exploit based on http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities coded by 1dt.w0lf 11.08.2005 RST/GHC http://rst.void.ru http://ghc.ru Note Exploitation will not occur until the stats page...

xmlrpc.php Library <= 1.3.0 - Remote Command Execute Exploit (3)

No description provided by source. !/usr/bin/perl -w XML-RPC Remote Command Execution Exploit By Mike Rifone This works on da phpxmlrpc, and da PEAR XMLRPC too! All you need is to put the url to the server and u get shell Dis is my first exploit but hey it works :D Mike@Rifone use LWP::UserAgent;...

Flip <= 3.0 - Remote Password Hash Disclosure Exploit

No description provided by source. !/usr/bin/perl use strict; use IO::Socket; my $app = Flip = 3.0; my $type = Passwords Hash Disclosure; my $author = undefined1; my $vendor = http://sourceforge.net/projects/flipsource; banner; my $server = shift || usage; my $port = shift || usage; if$server =...

TPTEST <= 3.1.7 Stack Buffer Overflow PoC

No description provided by source. !/usr/local/bin/perl TPTEST = 3.1.7 maby also 5.0.2? tptest.sourceforge.net stackbased buffer overflow poc in server client can also be exploit author: ffwd use IO::Socket;$host,$port=@ARGV; $rem=IO::Socket::INET-newProto=tcp,PeerAddr=$host,PeerPort=$port;...

EasyPublish 3.0 'read' Parameter Multiple SQL Injection and Cross-Site Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30307/info EasyPublish is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection and cross-site scripting vulnerabilities...

PunBB version <= 1.2.2 - Authentication Bypass Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; PunBB version = 1.2.2 auth bypass exploit ------------------------------------------------- About vuln: lets look file /include/functions.php code start function checkcookie&$punuser ... if isset$COOKIE$cookiename...

Greg Matthews Classifieds.cgi 1.0 Hidden Variable Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2019/info Classifieds.cgi is a perl script part of the classifieds package by Greg Matthews which provides simple classified ads to web sites. Due to improper input validation it can be used to execute any command on the...

Novell GroupWise Messenger 2.0 - Client Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29602/info Novell GroupWise Messenger is prone to two buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Attackers can explo...

Kloxo Remote Root Exploit

Kloxo remote root exploit that leverages a blind SQL injection and injects a perl connect back shell /bin/sh with root privilege. !/usr/bin/perl Title: Kloxo remote root exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Coded: 28 January 2014 Published: 26 February 2014 MorXploit...

[CGE] Cisco Global Exploiter

Cisco Global Exploiter CGE, is an advanced, simple and fast security testing tool/ exploit engine, that is able to exploit 14 vulnerabilities in disparate Cisco switches and routers. CGE is command-line driven perl script which has a simple and easy to use front-end. CGE can exploit the following...

WordPress Plugin Global Flash Gallery - &#039;swfupload.php&#039; Arbitrary File Upload

source: https://www.securityfocus.com/bid/65060/info The Global Flash Gallery plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because it fails to properly validate file extensions before uploading them. An attacker may leverage this...

[Beast-Check] SSL/TLS BEAST Vulnerability Check

A small perl script that checks a target server whether it is prone to BEAST vulnerability via target preferred cipher. It assumes no workaround i.e. EMPTY FRAGMENT applied in target server. Some sources said this workaround was disabled by default for compatibility reasons. This may be the reaso...