Apache <= 2.0.52 HTTP GET request Denial of Service Exploit

No description provided by source. !/usr/bin/perl Based on - apache-squ1rt.c exploit. Original credit goes to Chintan Trivedi on the FullDisclosure mailing list: http://seclists.org/lists/fulldisclosure/2004/Nov/0022.html More info - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942...

ptunnel <= 0.72 Remote Denial of Service

No description provided by source. !/usr/bin/env python =============================================================================== Exploit Title: ptunnel = 0.72 Remote Denial of Service ICMP tunnel crash Date: January 2012 Exploit Author: st3n at sign funoverip dot net Vendor Homepage:...

Symantec AMS Intel Alert Handler Service Design Flaw

No description provided by source. // Remote command execution at System level without authentication // Advisory:https://www.foofus.net/?pageid=149 // Exploit Title: Symantec AMS Intel Alert Handler service Design Flaw // Date: 07/28/10 // Author: Spider // Software Link:...

MTools 3.9.x MFormat Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9746/info It has been reported that mformat is prone to a privilege escalation vulnerability when installed as a setUID application. This issue is due to a design error allowing a user to create any arbitrary files as the...

SQL Injection in Orbit Open Ad Server

Advisory ID: HTB23208 Product: Orbit Open Ad Server Vendor: OrbitScripts, LLC Vulnerable Versions: 1.1.0 and probably prior Tested Version: 1.1.0 Advisory Publication: March 19, 2014 without technical details Vendor Notification: March 19, 2014 Vendor Patch: March 21, 2014 Public Disclosure: Apri...

Orbit Open Ad Server 1.1.0 SQL Injection Vulnerability

Orbit Open Ad Server version 1.1.0 suffers from a remote SQL injection vulnerability. Product: Orbit Open Ad Server Vendor: OrbitScripts, LLC Vulnerable Versions: 1.1.0 and probably prior Tested Version: 1.1.0 Advisory Publication: March 19, 2014 without technical details Vendor Notification: Mar...

SQL Injection in AdRotate

High-Tech Bridge Security Research Lab discovered vulnerability in AdRotate, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in AdRotate: CVE-2014-1854 The vulnerability exists due to insufficient validation of "track" HTTP GET parameter passed to...

XAMPP 3.2.1跨站脚本漏洞

No description provided by source. Title : XAMPP 3.2.1 Cross Site Scripting Author : DevilScreaM Date : 15 January 2014 Category : Web Applications Vendor : http://sourceforge.net/projects/xampp Version : 3.2.1 Type : PHP Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian...

TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras 1. Advisory Information Title: Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras Advisory ID: CORE-2013-0618 Advisory URL:...

Cotonti 0.9.13 - SQL Injection

Advisory ID: HTB23164 Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2013-4789...

Cotonti 0.9.13 SQL Injection

Advisory ID: HTB23164 Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2013-4789...

WordPress Plugin Simply Poll 1.4.1 - Multiple Vulnerabilities

Exploit Title: WordPress Simply Poll Plugin 1.4.1 CSRF and stored XSS Google Dork: inurl:"/wp-content/plugins/simply-poll Date: 16.03.2013 Exploit Author: m3tamantra Vendor Homepage: http://wordpress.org/extend/plugins/simply-poll/ Software Link:...

Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart

High-Tech Bridge Security Research Lab discovered XSS vulnerability in Quick.Cms and Quick.Cart - two products developed by OpenSolution team, which can be exploited to perform cross-site scripting attacks. 1. Cross-Site Scripting XSS vulnerability in Quick.Cms and Quick.Cart: CVE-2012-6430 The...

Android Kernel 2.6 Denial Of Service

Exploit Title: Android Kernel 2.6 Local DoS Date: 12/7/12 Author: G13 Twitter: @g13net Versions: Android 2.2, 2.3 Category: DoS android Vulnerability The Android OS is vulnerable to a local DoS when a filename with a length of 2048 or larger is attempted to be written to the sdcardvfat fs multipl...

Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation Remote Code Execution

Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnteval Perl Code Evaluation Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnteval Perl Code Evaluation RCE pre auth/SYSTEM Tested against: Microsoft Windows 2003 r2 sp2 download url:...

ptunnel 0.72 - Remote Denial of Service

ptunnel 0.72 - Remote Denial of Service !/usr/bin/env python =============================================================================== Exploit Title: ptunnel ' % sys.argv0 target remotehost = sys.argv1 ptunnel.h typedef struct uint32t magic, // magic number, used to identify ptunnel packets...

httpdx 1.5.4 - HTTP Server Remote Denial of Service

!/usr/bin/perl -w ====================================================================== Exploit Title: httpdx v1.5.4 Remote HTTP Server DoS using wildcards Date: 18 July 2012 Exploit Author: st3n at sign funoverip dot net Vendor Homepage: http://httpdx.sourceforge.net Download link:...

ptunnel 0.72 - Remote Denial of Service

!/usr/bin/env python =============================================================================== Exploit Title: ptunnel ' % sys.argv0 target remotehost = sys.argv1 ptunnel.h typedef struct uint32t magic, // magic number, used to identify ptunnel packets. dstip, // destination IP and port used...

Apple QuickTime - QuickTime.util.QTByteObject Initialization Security Checks Bypass

/ c SECURITY EXPLORATIONS 2012 poland / / http://www.security-explorations.com / / Apple QuickTime Java extensions / / quicktime.util.QTByteObject initialization security checks bypass / In order to test the POC code for the reported Issue 22, manually add Vuln22Setup.class and Vuln22Setup$1.clas...

Apple QuickTime - QuickTime.util.QTByteObject Initialization Security Checks Bypass

Apple QuickTime - QuickTime.util.QTByteObject Initialization Security Checks Bypass / c SECURITY EXPLORATIONS 2012 poland / / http://www.security-explorations.com / / Apple QuickTime Java extensions / / quicktime.util.QTByteObject initialization security checks bypass / In order to test the POC...