Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow Vulnerability

Usage Info To Exploit: - Replace Settings.ini file in program folder e.g., "C:\Program Files\Total Video Player" - Start Application !/usr/bin/perl my $buffsize = 5000; sets buffer size for consistent sized payload my $header = "Support Groups\r\nVideo="; start of ini file my $footer =...

ALLPlayer 5.7 - '.m3u' UNICODE Buffer Overflow (SEH)

!/usr/bin/perl Exploit Title: ALLPlayer 5.7 .m3u - SEH Buffer Overflow Unicode Date: 11-23-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: ALLPlayer 5.7 Software Link: http://www.allplayer.org/download/allplayer Version: 5.7 Tested On: Windows XP SP3 and Windows 7 P...

Sophos Web Protection Appliance Multiple Vulnerabilities

The Sophos Web Protection application running on the remote host is affected by multiple vulnerabilities : - A remote command execution vulnerability exists in the /opt/ws/bin/sblistpack Perl script due to improper sanitization of user-supplied input when the 'action' parameter is set to 'continu...

Broadkam PJ871 - Authentication Bypass

Broadkam PJ871 - Authentication Bypass !/usr/bin/perl d3c0der use HTTP::Request; use LWP::UserAgent; print "= Target : "; $ip=; chomp $ip; print "= new password : "; $npass=; chomp $npass; if $ip ! /^http:/ $ip = 'http://' . $ip; if $ip ! //$/ $ip = $ip . '/'; print "\n"; print "-attacking , plz...

Seowonintech Remote Root Exploit

Remote root exploit for all Seowonintech devices. !/usr/bin/perl + Seowonintech all device remote root exploit v2 ===================================================== author: | email: Todor Donev latin | todor dot donev Òîäîð Äîíåâ cyrillic | @googlemail.com...

ircd-hybrid 8.0.5 - Denial of Service

ircd-hybrid 8.0.5 - Denial of Service !/usr/bin/perl ircd-hybrid remote denial of service exploit for CVE-2013-0238 quick and dirty h4x by kingcope tested against ircd-hybrid-8.0.5 centos6 please modify below in case of buggy code. enjoy! use Socket; srandtime; $exploitingnick = "hybExpl"...

StarVedia IPCamera IC502w IC502w+ v020313 - 'Username'/Password Disclosure

!/usr/bin/perl + StarVedia IPCamera IC502w IC502w+ v020313 remote bypass username/password disclosure exploit Author: Todor Donev Email: todor.donev at gmail dot com Type: Hardware Thanks to Tsvetelina Emirska the best friend in my life and all my other friends for the help and support which give...

Subrion CMS v2.3.x <= (FU/dDB) Multiple Vulnerabilities

This is a critical bug/zero-day found in Subrion CMS v2.3.x , the attacker can get all dump' backups with use PERL script , and the attacker can upload remote sh3ll/file .gif . This is private exploit. You can buy it at https://0day.today...

CVE-2009-2899

The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments...

Default credentials

The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments...

CVE-2009-2899

The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments...

MySQL Remote Preauth User Enumeration Zeroday

No description provided by source. MySQL User Account Enumeration Utility When an attacker authenticates using an incorrect password with the old authentication mechanism from mysql 4.x and below to a mysql 5.x server the mysql server will respond with a different message than Access Denied, what...

jsupload.cgi.pl 0.6.4 Directory Traversal

------------------------------------------------------------------------------------------------------------- Directory traversal vulnerabilities in jsupload.cgi.pl version 0.6.4 and before 29 November 2012 Sean de Regge seanderegge gmail.com...

Perl script jsupload.cgi.pl 0.6.4 Directory Traversal

jsupload.cgi.pl versions 0.6.4 and below suffer from a directory traversal vulnerability. ------------------------------------------------------------------------------------------------------------- Directory traversal vulnerabilities in jsupload.cgi.pl version 0.6.4 and before 29 November 2012...

Snort Multiple HTTP Bypass <= 2.9.3.1 Exploit

Snort® is an open source network intrusion prevention and detection system IDS/IPS developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000...

MPC &#40;Media Player Classic&#41; WebServer Multiple Vulnerabilities

========================================================================================== MPC Media Player Classic WebServer Multiple Vulnerabilities ==========================================================================================...

MPC (Media Player Classic) XSS / Denial Of Service

========================================================================================== MPC Media Player Classic WebServer Multiple Vulnerabilities ==========================================================================================...

Joomla! Component com_kunena - search SQL Injection

Joomla! Component comkunena - search SQL Injection !/usr/bin/perl Exploit title: Joomla Component comkunena SQL Injection exploit Google Dork: inurl:index.php?option=comkunena& Exploit Author: D35m0nd142 Screenshot : http://imageshack.us/f/155/comkunena2.png/ Vendor HomePage: http://www.joomla.or...

Arctic Torrent 1.2.3 - Memory Corruption (Denial of Service)

Arctic Torrent 1.2.3 - Memory Corruption Denial of Service !/usr/bin/perl Arctic Torrent 1.2.3 Vendor URI: http://int64.org/projects/arctic-torrent/ Vendor Description: A minimal BitTorrent client. It wont have all the pretty features that other torrent apps have, but focuses on low memory and cp...

Arctic Torrent 1.2.3 <= Remote Memory Corruption

Exploit for windows platform in category dos / poc !/usr/bin/perl Arctic Torrent 1.2.3 Vendor URI: http://int64.org/projects/arctic-torrent/ Vendor Description: A minimal BitTorrent client. It wont have all the pretty features that other torrent apps have, but focuses on low memory and cpu usage...