1325 matches found
Kimai 0.9.2.1306-3 - SQL Injection Vulnerability
No description provided by source. Exploit Title: Kimai 0.9.2.1306-3 SQLi Date: 05/20/2013 Exploit Author: drone @dronesec Vendor Homepage: http://www.kimai.org/ Software Link: https://downloads.sourceforge.net/project/kimai/0.9.x/kimai.0.9.2.1306-3.zip Version: 0.9.2.1306-3 Fixed in: source...
xWeblog 2.2 - (arsiv.asp tarih) SQL Injection Exploit
No description provided by source. !/usr/bin/env python -- coding:utf-8 -- ''' Title : xWeblog v2.2 arsiv.asp tarih SQL Injection Exploit .py Proof : http://img408.imageshack.us/img408/7624/sqlm.jpg Script Down. : http://www.aspdunyasi.com/goster.asp?id=19 Tested : Windows XP Professional sp3...
Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit
No description provided by source. !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI...
Microsoft Internet Explorer 7.0 HTML Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23178/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions. This issue is triggered when an attacker entices a victim user to visit ...
Honestech VHS to DVD <= 3.0.30 Deluxe Local Buffer Overflow (SEH)
No description provided by source. !/usr/bin/python Exploit Title: Honestech VHS to DVD = 3.0.30 Deluxe Local Buffer Overflow SEH Date: September 16, 2010 Author: Brennon Thomas [email protected] Software Link: n/a Version: = 3.0.30.0 Deluxe Tested on: Windows XP SP2/SP3 using Honestech VHS to...
Microsoft Active Directory LDAP Server Username Enumeration Weakness
No description provided by source. source: http://www.securityfocus.com/bid/32305/info Microsoft Active Directory is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid...
Mediacoder 0.7.3.4672 - SEH Exploit
No description provided by source. !/usr/bin/python from sys import argv Title: Mediacoder v0.7.3.4672 SEH Exploit Author: Stoke from devilc0de crew http://hack2web.altervista.org http://devilc0de.altervista.org Tested on: Windows XP SP2 ita shell =...
Hewlett-Packard FTP Print Server <= 2.4.5 - Buffer Overflow (PoC)
No description provided by source. !/usr/bin/python import sys from ftplib import FTP print Hewlett-Packard FTP Print Server Version 2.4.5 Buffer Overflow POC print Copyright c Joxean Koret print if lensys.argv == 1: print Usage: %s target % sys.argv0 sys.exit0 target = sys.argv1 print + Running...
Insky CMS 006-0111 - Multiple Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class InskyCMSRemoteFileIncludePOCBase: vulID = '68005' version = '1' vulDate = '2006-06-25' author = ' '...
SPIP < 2.0.9 Arbitrary Copy All Passwords to XML File Remote Exploit
No description provided by source. !/usr/bin/env python SPIP - Content Management System 2.0.9 exploit http://www.securityfocus.com/bid/36008 Author : KernelPanik import urllib, urllib2 import cookielib import sys def sendrequesturlOpener, url, postdata=None: request = urllib2.Requesturl url =...
Firefly Media Server <= 0.2.4 - Remote Denial of Service Exploit
No description provided by source. !C:\python25\python25.exe Advisory : UPH-07-02 mt-dappd/Firefly media server remote DoS Discovered by nnp http://www.unprotectedhex.com import sys import socket import time if lensys.argv != 3: sys.exit-1 killmsg = GET /xml-rpc?method=stats HTTP/1.1\r\n...
JAKCMS <= 2.01 RC1 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/python jakCMS = v2.01 RC1 Blind SQL Injection Exploit Understanding: The parameters 'JAKCOOKIENAME' and 'JAKCOOKIEPASS' are parsed via cookies to the application and are unchecked for malicious characters. The contents of these variables are directly...
Core FTP Server Version 1.2, build 535, 32-bit - Crash Poc
D-Link DIR-652, DIR-835, DIR-855L, DGL-500, and DHP-1565 suffer from clear text storage of passwords, cross site scripting, and sensitive information disclosure vulnerabilities. !/usr/bin/python import socket,sys,time def Usage: print "Core FTP Server Version 1.2, build 535, 32-bit - Crash P.O.C....
enip-info NSE Script
This NSE script sends an EtherNet/IP packet to a remote device that has TCP 44818 open. The script sends a Request Identity packet and, once a response is received, validates that it is a proper response to the command that was sent, then parses out the data. Information...
More terrifying than imagined! In-depth analysis of the OpenSSL “Heartbleed” vulnerability - vulnerability warning - the black bar safety net
Author: yaoxi. Original source: http://blog.wangzhan.360.cn/ Recently, OpenSSL was hit by this year's most serious security vulnerability, which the hacker community has named the “Heartbleed” vulnerability. According to the 360 Site Guard security team's analysis of the vulnerability, the vulnerability is not only related to htt...
Exploit for Out-of-bounds Read in Openssl
HeartBleed Tester & Exploit --------------------------- NB Ne...
TLS Heartbeat Proof Of Concept
!/usr/bin/env python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. Modified by Csaba Fitzl for multiple SSL / TLS version support import sys import struct import socket import time import select import ...
Heartbleed Proof Of Concept
!/usr/bin/python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. import sys import struct import socket import time import select import re from optparse import OptionParser options =...
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure
!/usr/bin/python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. import sys import struct import socket import time import select import re from optparse import OptionParser options =...
GOM Video Converter 1.1.0.60 Memory Corruption
!/usr/bin/python + Author: TUNISIAN CYBER + Exploit Title: GOM Video Converter 1.1.0.60 Memory Corruption PoC + Date: 22-03-2014 + Category: DoS/PoC + Tested on: WinXp/Windows 7 Pro + Vendor: http://converter.gomlab.com/ + Friendly Sites: na3il.com,th3-creative.com + Twitter: @TCYB3R print"" prin...