RCblog <= 1.03 (post) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl $App : RCblog = 1.03 Remote Command Execution Exploit $Bug : http://tinyphp/index.php?post=../afile%00 $IHST: h4ckerz.com / hackerz.ir / coded & discovered By Hessam-x Hessamx -at- Hessamx.net use IO::Socket; use LWP::Simple; print...

MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Tue Jun 13 12:37:12 CEST 2006 [email protected] Exploit HOWTO - read this before flood my Inbox you bitch! - First you need to create the special user to do this use: ./mybibi.pl --host=http://www.example.com --dir=/mybb -1 this step needs a graph...

Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Limbo CMS = 1.0.4.2 ItemID Remote Code Execution Exploit Bug Discovered by: Coloss / Epsilon advance1atgmail.com http://coded.altervista.org/limbophp.pl /str0ke milw0rm.com use LWP::Simple; $serv = $ARGV0; $path = $ARGV1; $command = $ARGV2; $cmd =...

RedHat Linux 7.0 Roaring Penguin PPPoE Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2098/info Roaring Penguin Software's PPPoE is a freeware PPP over Ethernet client often used by ADSL subscribers running Linux or NetBSD. PPPoE contains a possibly remotely exploitable denial of service vulnerability in i...

Teamtek Universal FTP Server Multiple Commands Remote Denial of Service Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21085/info Universal FTP Server is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle exceptional conditions. An attacker can exploit these issues to crash the affected...

WorkforceROI Xpede 4.1/7.0 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4344/info An issue has been reported in Xpede, which could lead to a compromise of user authentication information. Reportedly, Xpede cookies containing username and password data is stored using a weak encryption method...

Cacti <= 0.8.6d Remote Command Execution Exploit

No description provided by source. Note: This exploit contains backdoor shell code that is not located on this server. /str0ke !/usr/bin/perl Remote Command Execution Exploit for Cacti = 0.8.6d This exploit open a remote shell on the targets that uses Cacti TARGET HOST MUST BE A GNU/LINUX SERVER,...

IISPop 1.161/1.181 Remote Buffer Overflow Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6183/info IISPop is vulnerable to a denial of service caused by a buffer overflow. By sending an unusually large amount of data to IISPop on TCP port 110, the application will terminate with an access violation. Arbitrary...

ActivePerl 5.x,Larry Wall Perl 5.x Duplication Operator Integer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10380/info ActiveState Perl is reported to be prone to an integer overflow vulnerability. It is revealed through testing that other implementations are also vulnerable. The issue is reported to exist due to a lack of...

Novell eDirectory 8.8 SP5 (Post Auth) Remote BOF Exploit

No description provided by source. Exploit Title: Novell eDirectory 8.8 SP5 Post Auth Remote BOF Exploit 0day Date: 06/01/2010 Author: His0k4 & Simo36 Version: 8.8 SP5 Tested on: Windows xp sp3 Code : !usr\bin\perl use WWW::Mechanize; use HTTP::Cookies; use HTTP::Headers; $target=$ARGV0; if!$ARGV...

E-Mail Security Virtual Appliance (ESVA) Remote Execution

No description provided by source. Exploit Title: E-Mail Security Virtual Appliance ESVA Remote Execution. Date: 10 Aug 2012 Exploit Author: iJoo Vendor Homepage: http://www.esvacommunity.com/ Software Link: http://sourceforge.net/projects/esva-project/ Version: 2.0.6 ESVA E-Mail Security Virtual...

Novell GroupWise Messenger 2.0 - Client Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29602/info Novell GroupWise Messenger is prone to two buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Attackers can explo...

phusion webserver 1.0 - Directory Traversal vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/4117/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver is prone to directory traversal attacks. It is possible to break out of wwwroot using...

Envolution <= 1.1.0 (topic) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; if@ARGV 3 usage; exit; $site = $ARGV0; Site Target $path = $ARGV1; Path direktori envolution1-0-1 $usid = $ARGV2; member id $www = new LWP::UserAgent; $sql =...

PlaySMS <= 0.7 - SQL Injection Exploit

No description provided by source. !/usr/bin/perl PlaySMS version 0.7 and prior SQL Injection PoC Written by Noam Rathaus of Beyond Security Ltd. use IO::Socket; use strict; my $host = $ARGV0; my $remote = IO::Socket::INET-new Proto = tcp, PeerAddr = $host, PeerPort = 80 ; unless $remote die cann...

eZip Wizard 3.0 (.zip) SEH

No description provided by source. !/usr/bin/perl Software : eZip Wizard 3.0 .zip Author : Lincoln & corelanc0d3r Discovered by : fl0 fl0w Reference : http://www.exploit-db.com/exploits/8180 OS : Windows Tested on : XP SP3 En VirtualBox Type of vuln : SEH Greetz to : Corelan Security Team & fl0...

Tower Toppler 0.99.1 Display Variable Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7028/info It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the privileges of the toppler program. !/usr/bin/perl [email protected]...

gAlan 0.2.1 - Buffer Overflow 0day Exploit

No description provided by source. !/usr/bin/perl kpasa.pl AKA gAlan Buffer Overflow 0day Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.07.2009 From Static Analysis to 0day Exploit Originally a SecurityTubeCon Presentation, which I'm guessing was canceled...

Abe Timmerman zml.cgi File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3759/info zml.cgi is a perl script which can be used to support server side include directives under Apache. It recognizes a simple set of commands, and allows access to cgi parameters and environment variables. It can ru...

Lotus Domino Server 5.0.x Directory Traversal Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/2173/info It is possible for a remote user to gain access to any known file residing on the Lotus Domino Server 5.0.6 and previous. A specially crafted HTTP request comprised of '.nsf' and '../' along with the known...