Lucene search
K

262 matches found

Binamuse
Binamuse
added 2015/01/28 12:39 a.m.661 views

CoreGraphics CCITT Memory Corruption - CVE-2014-4481

Apple CoreGraphics framework fails to validate the input when parsing CCITT group 3 encoded data resulting in a heap overflow condition. A small heap memory allocation can be overflowed with controlled data from the input resulting in arbitrary code execution in the context of Mobile Safari. Usin...

6.8CVSS6AI score0.0566EPSS
Exploits0
The Hacker News
The Hacker News
added 2015/01/23 12:3 a.m.15 views

Google reveals 3 Apple OS X Zero-day Vulnerabilities

After exposing three critical zero-day vulnerabilities in Microsoft's Windows operating systems, Google's Project Zero vulnerability research program has revealed the existence of three more zero-day vulnerabilities, but this time, on Apple's OS X platform. The team has published three zero-day...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2014/10/26 12:0 a.m.24 views

WordPress Download Manager Arbitrary File Download

WordPress Download Manager Plugin - Arbitrary File Download CWE: CWE-98 Risk: High Author: Hugo Santiago dos Santos Contact: [email protected] Date: 25/10/2014 Vendor Homepage: https://wordpress.org/plugins/download-manager/ Tested on: Windows 7 and Gnu/Linux Google Dork:...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/09/29 12:0 a.m.34 views

Joomla Mac Gallery 1.5 - Arbitrary File Download

No description provided by source. Exploit Title : Joomla Mac Gallery = 1.5 Arbitrary File Download Exploit Author : Claudio Viviani Vendor Homepage : https://www.apptha.com Software Link : https://www.apptha.com/downloadable/download/sample/sampleid/18 Dork Google: inurl:option=commacgallery Dat...

7.1AI score
Exploits0
Binamuse
Binamuse
added 2014/09/18 6:31 p.m.685 views

CoreGraphics Information Disclosure - CVE-2014-4378

This article explores the exploitability of MobileSafari on IOS 7.1.x. Using a crafted PDF file as an HTML image makes it possible to leak information about the memory layout to the browser Javascript interpreter. Apple CoreGraphics library fails to validate input when parsing the colorspace...

5.8CVSS7.9AI score0.04983EPSS
Exploits0
0day.today
0day.today
added 2014/09/12 12:0 a.m.29 views

Joomla Spider Form Maker <= 4.3 SQL Injection Vulnerability

Joomla Spider Form Maker versions 4.3 and below suffer from a remote SQL injection vulnerability. Exploit Title : Joomla Spider Form Maker = 4.3 SQLInjection Exploit Author : Claudio Viviani Vendor Homepage : http://web-dorado.com/ Software Link : http://web-dorado.com/products/joomla-form.html...

8.1AI score
Exploits0
Packet Storm
Packet Storm
added 2014/09/08 12:0 a.m.28 views

Joomla Spider Calendar 3.2.6 SQL Injection

!/usr/bin/env python Exploit Title : Joomla Spider Calendar = 3.2.6 SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://web-dorado.com/ Software Link : http://extensions.joomla.org/extensions/calendars-a-events/events/events-calendars/22329 Dork Google:...

0.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Total Commander 6.x - (unacev2.dll) Buffer Overflow PoC Exploit

No description provided by source. / -- /\ / Total Commander unacev2.dll Buffer Overflow PoC Exploit /\ by Darkeagle of Unl0ck Research Team / http://unl0ck.net /\ / when file will be created, try to open archive in TotalCmd and then unpack it ; /\ / -- / include string.h include stdio.h...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.51 views

Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities

No description provided by source. ====================================================================== Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability ====================================================================== Software: Alt-N MDaemon v13.0.3 and prior versions...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Rumpus 5.1 - Local Privilege Escalation / Remote FTP LIST PoC Exploit

No description provided by source. !/usr/bin/ruby Copyright c Lance M. Havok lmh at info-pull.com Kevin Finisterre kflists at digitalmunition.com Proof of concept for issues described in MOAB-18-01-2007. require 'net/ftp' require 'socket' bugselected = ARGV0 || 0.toi targethost = ARGV1 || localho...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Attachmate Reflection Standard Suite 2008 activex buffer overflow

No description provided by source. Exploit Title: Attachmate Reflection Standard Suite 2008 activex buffer overflow Date: Mar 11, 2010 found Author: Rad L. Sneak JB Software Link: http://www.attachmate.com/Evals/ruo2/eval-form.htm Version: 13.0 & 14.0 Tested on: WinXP SP3 & Win7 64bit CVE : None...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Avlc Forum (vlc_forum.php id) - Remote SQL Injection Vulnerability

No description provided by source. ==================================================================== Avlc Forum vlcforum.php id Remote SQL Injection Vulnerability ==================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

ListMail 112 - Command Execution

No description provided by source. !/usr/bin/perl -w Listmail v112 by P.M.Systems / PoC Exploit Listmail is a powerful, hands-free mailing list manager which is exploitable due to an insecure open call. This exploit will attempt to bind a shell at port 60179/fido by using inetd. Code to spawn an...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Joomla com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection Vulnerability

No description provided by source. ----------------------------------------------------------------------------------------- joomla component comfooblasuggestions ideaid SQL Injection Vulnerability ----------------------------------------------------------------------------------------- Author :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

Pointter PHP Micro-Blogging Social Network Unauthorized Privilege Escalation

No description provided by source. 'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation CVE-2010-4333 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Pointter PHP Micro-Blogging Social Networ...

7.5CVSS0.6AI score0.07119EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Crush FTP 5 'APPE' command Remote JVM BSOD PoC Exploit

No description provided by source. Exploit Title: Crush FTP 5 'APPE' command Remote BSOD Poc Exploit Date: 06/09/2011 Author: BSOD Digital Fabien DROMAS Mail: [email protected] Test: OS: Windows 7 Versions: 5.7.096 Link: https://www.crushftp.com/early5/CrushFTP5PC.zip !/usr/bin/env python...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow PoC Exploit

No description provided by source. / surethingcdlabelerbofpoc.c SureThing cd labeler m3u/pls - unicode stack overflow PoC exploit Found by: Ruben Alejandro - chap0 Author: Steven Seeley - mrme http://net-ninja.net/ Greetz to: Corelan Security Team...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

RhinoSoft Serv-U FTP Server 3/4/5 MDTM Command Time Argument Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9751/info Serv-U FTP Server has been reported prone to a remote stack based buffer overflow vulnerability when handling time zone arguments passed to the MDTM FTP command. The problem exists due to insufficient bounds...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

KnFTPd 1.0.0 'FEAT' DoS PoC-Exploit

No description provided by source. !/usr/bin/perl Advisory: KnFTPd 1.0.0 'FEAT' DoS PoC-Exploit Author: Stefan Schurtz Affected Software: Successfully tested on KnFTPd 1.0.0 Vendor URL: http://knftp.sourceforge.net/ Vendor Status: informed CVE-ID: - PoC-Version: 1.0 use strict; use Net::FTP; my...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Chaton <= 1.5.2 - Local File Include Vulnerability

No description provided by source. + Chaton = 1.5.2 Local File Include Vulnerability + Discovered By: cr4wl3r + Download: Donwload: http://easy-script.com/scripts-dl/chaton-1.5.2.zip + Greetz: opt!x hacker, xoron, cyberlog, mywisdom, irvian, EA ngel, bL4Ck3n91n3, xharu, zvtral, and all my friend ...

7.1AI score
Exploits0
Rows per page
Query Builder