spiceworks 5.3.75941 - Stored XSS and post-auth SQL Injection

No description provided by source. Product: SpiceWorks Version: 5.3.75941 Vendor Site: http://www.spiceworks.com/community/ Software Download Link: http://www.spiceworks.com/download/?utmsource=comm-secondary-link&utmmedium=website&utmcampaign=homepage Installer Filename: Spiceworks.exe MD5:...

DotDefender <= 3.8-5 No Authentication Remote Code Execution Through XSS

No description provided by source. / DotDefender = 3.8-5 No Authentication Remote Code Execution Through XSS Tested on DotDefender 3.8-5 On Ubuntu Server 9.10 64-bit with Firefox 3.6.3 Paul Hand aka rAWjAW AT offsec.com Original Post-Authentication Remote Command Execution Vulnerability:...

McAfee ePO 4.6.6 - Multiple Vulnerabilities

No description provided by source. Classification: NON SENSITIVE INFORMATION RELEASABLE TO THE PUBLIC Multiple vulnerabilities in McAfee ePO 4.6.6 Affected Product: McAfee ePO 4.6.6 Build 176 & potentially earlier versions Timeline: 08 June 2013 - Vulnerability found 12 June 2013 - Vendor informe...

Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication BoF Exploit

No description provided by source. include stdio.h include stdlib.h include string.h include sys/socket.h include netinet/in.h // // EasyFtp Server v1.7.0.2 MKD Remote Post-Authentication BoF Exploit // 11470x90c.c // // Date: 24/03/2010 // Author: x90c x90c.org // // Discovered by: loneferret //...

Easy Ftp Server 1.7.0.2 - Post-Authentication BoF

No description provided by source. !/usr/bin/python Title: EasyFtp Server v1.7.0.2 Post-Authentication BoF Original Author: dookie2000ca || Windows XP SP3 Professional Author: b33f - Ruben Boonen Windows XP Home SP1 Software link:...

RapidWareX 2.0.1 - (WebUI) CSRF Exploit

No description provided by source. RapidWareX v2.0.1 WebUI CSRF Exploit Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email: [email protected] RapidWareX v2.0.1 WebUI is prone to a post-authentication CSRF vulnerability, which allows the...

op5 Monitoring 5.4.2 - (VM Applicance) Multiple Vulnerabilities

No description provided by source. Author: loneferret of Offensive Security Product: op5 Monitoring VM appliance Version: 5.4.2 Vendor Site: http://www.op5.com/ Software Download: http://www.op5.com/get-op5-monitor/get-started/ Software Description: op5 is a market leading developer of Open Sourc...

UPlusFTP Server 1.7.1.01 - HTTP Remote Buffer Overflow (Post Auth)

No description provided by source. !/usr/bin/python import socket,sys,base64 print +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ UPlusFTP Server v1.7.1.01 HTTP Remote BoF Exploit PoC Discovered by : Karn...

EvolutionX Multiple Remote Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9631/info The FTP server that is distributed with EvolutionX has been reported prone to multiple buffer overflow vulnerabilities. The first of these vulnerabilities exists post-authentication, and is due to a lack of...

eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)

No description provided by source. Title: eDisplay Personal FTP server 1.0.0 Multiple Post-Authentication Crash PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Hat's off to dookie2000ca Disvovery date: 16/03/2010 Software link:...

Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF

No description provided by source. !/usr/bin/python Title: EasyFtp Server v1.7.0.2 Post-Authentication BoF From: The eh?-Team || The Great White Fuzz we're not sure yet Author: dookie2000ca Date: 14/02/2010 Found by: loneferret Date Found: 13/02/2010 Software link:...

Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (PoC)

No description provided by source. !/usr/bin/python Title: EasyFtp Server v1.7.0.2 Post-Authentication BoF PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Hat's off to dookie2000ca Date Found: 13/02/2010 Developer contacted: 14/02/2010 Software link:...

CMS Made Simple contains multiple cross-site scripting vulnerabilities

Overview CMS Made Simple contains multiple cross-site scripting vulnerabilities Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-0334The files: cmsmadesimple/admin/addgroup.php on line 107 contains a post-authentication reflected XS...

Metasploit Modules Available for Seven Open Source Packages

Open source projects with anywhere between 100,000 and 1 million downloads are pretty sizable endeavors, and with the code open for scrutiny, you would think bugs would be found and some sort of disclosure process would be in place. If a spate of recently discovered issues in seven popular softwa...

PCMAN FTP Server Post-Authentication STOR Command Buffer Overflow

This Metasploit module exploits a buffer overflow vulnerability found in the STOR command of the PCMAN FTP version 2.07 server when the "/../" parameters are also sent to the server. Please note authentication is required in order to trigger the vulnerability. The overflowing string will also be...

Imperva SecureSphere Operations Manager Command Execution Vulnerability

Imperva SecureSphere Operations Manager version 9.0.0.5 Enterprise Edition suffers from path disclosure, command execution, and arbitrary file upload vulnerabilities. Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issues Risk: High Date: 27.May.201...

Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() Remote Code Execution

Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pamodifyaccounts Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 auth.dll pamodifyaccounts Remote Code Execution pre auth / SYSTEM privileges Tested against: Microsoft Windows 2003 r2 sp2 download url:...

openssh: post-authentication resource exhaustion bug via GSSAPI

The sshgssapiparseename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service memory consumption via a large value in a certain length field. NOTE: there may be limited scenarios in which...

Sysax Multi Server 5.57 Directory Traversal

!/usr/bin/python Title: Sysax Multi Server = 5.57 Directory Traversal Tool Post Auth Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit and Server 2003 SP2 32bit Date Discovered: March 27, 2012 Vendor Contacted: March 29, 2012 Vendor Response: April 3, 2012 Vendor Fixed: Currently working on fi...

Sysax <= 5.57 Directory Traversal

Exploit for windows platform in category remote exploits !/usr/bin/python Title: Sysax Multi Server = 5.57 Directory Traversal Tool Post Auth Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit and Server 2003 SP2 32bit Date Discovered: March 27, 2012 Vendor Contacted: March 29, 2012 Vendor...