1086 matches found
Pcshey Portal 'kategori.asp' SQL Injection Vulnerability
No description provided by source. !/usr/bin/perl Coded By U238 Discovered By U238 mail : setuid.noexec0x1athotmail.com From : Türkiye / Erzincan Thnx : TheBekiR - ZeberuS - Fahn - ka0x - Deep Power - Marco Almeida Gretz: http://bilisimMimarileri.com : http://bilgiguvenligi.gov.tr Mesut Timur &...
Golden FTP Server <= 2.02b Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl -w Barabas - www.whitehat.co.il - cheers to muts and all peeps at WH. XPSP2 goldenftpserver sploit - bind 4444 use strict; use Net::FTP; my $payload=\x41x260; $payload .=\x65\x82\xa5\x7c;jmpesp $payload .=\x90x32;not really necessary...blah...
Virtual Store Open 3.0 Acess SQL Injection
No description provided by source. !/usr/bin/perl Script Name: Virtual Store Open = 3.0 Link1 : http://www.virtuastore.com.br/shopping.asp?link=ShoppingVirtuaStore Link2 : http://www.virtuastore2010.com.br/ Link3 Yahoo Group : http://br.groups.yahoo.com/group/virtuastore/ Bug: Acess Sql Injection...
Endymion MailMan 3.0..x Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2063/info A vulnerability exists in 3.x versions of Endymion MailMan Webmail prior to release 3.0.26. The widely-used Perl script provides a web-email interface. Affected versions make insecure use of the perl open...
Eznet 3.5.0 - Remote Stack Overflow Universal Exploit
No description provided by source. !/usr/bin/perl -w COROMPUTER Crpt universal eZ v3.3 v3.5 remote exploit by kralor Crpt ---------------------------------------------------------------------------------------- versions tested & not vulnerables: v3.0 v3.1 v3.2 versions tested & vulnerables: v3.3...
Mailtraq 2.1 .0.1302 User Password Encoding Weakness
No description provided by source. source: http://www.securityfocus.com/bid/7923/info It has been reported that Mailtraq does not securely store passwords. Because of this, an attacker may have an increased chance at gaining access to clear text passwords. !/usr/bin/perl $Password = $ARGV0; print...
Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35510/info Multiple BSD distributions are prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. Attackers may exploit this issue to execute arbitrary...
Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26095/info Asterisk 'asterisk-addons' package is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
Cisco Aironet AP1x00 Malformed HTTP GET Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8290/info Cisco Aironet AP1x00 series devices are prone to a denial of service vulnerability upon receipt of a malformed HTTP GET request. Such a request will cause the device to reload. !/usr/bin/perl Cisco Global...
Borland Interbase <= 7.x Remote Exploit
No description provided by source. !/usr/bin/perl Priv8security com remote exploit for Borland Interbase 7.1 SP 2 and lower Public Version!!! Bug found by Aviram Jenik www.securiteam.com unixfocus 5AP0P0UCUO.html wsxz@localhost buffer$ perl priv8ibserverb.pl -h localhost -t 0 -= Priv8security.com...
CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow
No description provided by source. !/usr/bin/perl Exploit Title: CoolPlayer+ Portable v2.19.4 - Local Buffer Overflow Date: 11-15-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: CoolPlayer+ Portable v2.19.4 Software Link:...
zawhttpd <= 0.8.23 (GET) Remote Buffer Overflow DoS
No description provided by source. !/usr/bin/perl zawhttpd Buffer Overflow Exploit by Kamil 'K3' Sienicki use IO::Socket; use strict; my$socket = ; if$socket = IO::Socket::INET-new PeerAddr = $ARGV0, PeerPort = $ARGV1, Proto = TCP print Attempting to kill zawhttpd at $ARGV0:$ARGV1 ...; print...
Klinza Professional CMS <= 5.0.1 (show_hlp.php) File Include Exploit
No description provided by source. !/usr/bin/perl ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +...
Brewthology 0.1 - SQL Injection Exploit
No description provided by source. Brewthology 0.1 SQL Injection Exploit By cr4wl3r http://bastardlabs.info Script: http://sourceforge.net/projects/brewthology/files/brewthology/v0.1%20public%20beta/ Demo: http://bastardlabs.info/demo/brewthology.png Tested: Win 7 Bugs found in beerxml.php if...
CGIScript.NET csMailto Hidden Form Field Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4579/info CGIScript.NET csMailto is a Perl script designed to support multiple mailto: forms. A vulnerability has been reported in some versions of this script. Reportedly, configuration values used by the script are...
Xitami Web Server <= 5.0 - Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl Xitami HTTP Server = v5.0 Remote Denial of Service. ------------------------------------------------------------------------------ The vulnerability is caused due to an error with HEAD request and multi-socket This can be exploited to crash the HT...
Kloxo Remote Root Exploit
Kloxo remote root exploit that leverages a blind SQL injection and injects a perl connect back shell /bin/sh with root privilege. !/usr/bin/perl Title: Kloxo remote root exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Coded: 28 January 2014 Published: 26 February 2014 MorXploit...
[CGE] Cisco Global Exploiter
Cisco Global Exploiter CGE, is an advanced, simple and fast security testing tool/ exploit engine, that is able to exploit 14 vulnerabilities in disparate Cisco switches and routers. CGE is command-line driven perl script which has a simple and easy to use front-end. CGE can exploit the following...
WordPress Plugin Global Flash Gallery - 'swfupload.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/65060/info The Global Flash Gallery plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because it fails to properly validate file extensions before uploading them. An attacker may leverage this...
[Beast-Check] SSL/TLS BEAST Vulnerability Check
A small perl script that checks a target server whether it is prone to BEAST vulnerability via target preferred cipher. It assumes no workaround i.e. EMPTY FRAGMENT applied in target server. Some sources said this workaround was disabled by default for compatibility reasons. This may be the reaso...