CUPS Server <= 1.1 (Get Request) Denial of Service Exploit

Exploit for linux platform in category dos / poc ========================================================== CUPS Server include include include include char EVIL = "\x2e\x2e\x5c\x2e\x2e"; void usagechar argv0 fprintfstdout, "cups/1.x server freeze and remote cpu usage fuckup\n"; fprintfstdout,...

mybb.pl.txt

!/usr/bin/perl -w SQL Injection Exploit for MyBulletinBoard MyBB .?/ && print "+ User ID is: $1\n"; print "- Unable to retrieve User ID\n" if!$1; $page = m/.?/ && print "+ MD5 hash of password is: $1\n"; print "- Unable to retrieve hash of password\n" if!$1;...

Privilege escalation in Nortel Contivity VPN Client V05_01.030

Summary: Privilege escalation in Nortel Contivity VPN Client V0501.030 http://www.nortel.com Details: The Contivity VPN Client is a Windows application that lets you define and store connection information for accessing your corporate network through a Contivity Secure IP Services Gateway. When t...

NukeETXSS.txt

NukeET 'codigo' variable cross site scripting vendor url:http://www.truzone.org advisore:http://lostmon.blogspot.com/2005/05/ nukeet-codigo-variable-cross-site.html Vendor confirmed : yes exploit available: yes NukeET Contains a flaw too that allows a remote cross site scripting attack.This flaw...

ag231SQL.txt

There is an SQL Injection in Advanced Guestbook 2.3.1 For Example: http://www.yourdomain.com/yourguestbookdirectory/index.php?entry=' or http://www.yourdomain.com/yourguestbookdirectory/index.php?entry=%27 Yours, SpyHat...

Atomic Photo Album apa_phpinclude.inc.php apa_module_basedir Parameter Remote File Inclusion

The remote host is running Atomic Photo Album, a free, PHP-based photo gallery. The installed version of Atomic Photo Album allows remote attackers to control the 'apamodulebasedir' variable used when including PHP code in the 'apaphpinclude.inc.php' script. By leveraging this flaw, an attacker m...

просмотр файлов в Web-Portal-System 0.7.0

Здравствуйте, зараза. обнаружил уязвимость в Web-Portal-System 0.7.0 в скрипте wpsshop.cgi параметр art позволяет просматривать произвольные файлы на сервере Exploit: wpsshop.cgi?action=showartikel&cat=kategorie1&art=../../../../../../../../etc/passwd Пример:...

wms_poc.pl.txt

SoftiaCom MailServer v2.0 - Denial Of Service Software: wMailServer Corporation: SoftiaCom Software Version: v1.0 v2.0 is the same... Vulnerability: Denial of Service ------------------------------------------ BACKGROUND SoftiaCom design and build software utilities in communication and network...

CVE-2004-2210

Technical details about CVE-2004-2210 are not publicly available in the provided Connected documents. Monitor for updates from vendors and security advisories.

ASPNukeSQL080.txt

!/usr/bin/perl -w SQL Injection Exploit for ASPNuke = 0.80 This exploit retrieve the username of the administrator of the board and his password crypted in SHA256 Related advisory: http://www.securityfocus.com/archive/1/403479/30/0/threaded Discovered and Coded by Alberto Trivero use LWP::Simple;...

MercuryBoard 1.1.4 - SQL Injection

!/usr/bin/perl MercuryBoard 4.1 sql injection exploit by RST/GHC note: you need first register on forum for get id and login after what logout from forum and run exploit note2: edit timestamp in sources if exploit not work ; coded by 1dt.w0lf RST/GHC - http://rst.void.ru , http://ghc.ru use...

Ultimate PHP Board 1.81.9 - Multiple Cross-Site Scripting Vulnerabilities

Ultimate PHP Board 1.81.9 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13971/info Ultimate PHP Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied inpu...

Bitrix Site Manager 4.0.5 - Remote File Inclusion

Author : Don Tukulesto [email protected] + Date : November 13, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.bitrixsoft.com/ + Method : Remote File Inclusion + Location : INDONESIA Notes : I know this is an old bugs, but i just write this exploit under perl module...

AIX 5.2 paginit Local Root Exploit

Exploit for aix platform in category local exploits ================================== AIX 5.2 paginit Local Root Exploit ================================== / IBM AIX paginit root exploit I just wanted to play with PowerPC Tested on 5.2 intropy intropy caughq.org / include include include include...

Calendarix Multiple Vulnerabilities (SQLi, XSS)

The remote host is running Calendarix, a PHP-based calendar system. The remote version of this software is prone to a remote file include vulnerability as well as multiple cross-site scripting, and SQL injection vulnerabilities. Successful exploitation could result in execution of arbitrary PHP...

ServersCheck 5.9/5.10 - Directory Traversal

source: https://www.securityfocus.com/bid/13810/info ServersCheck is affected by a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to disclose arbitrary files on an affected computer...

Maxwebportal 1.36 - Password.asp Change Password (3) (Perl)

Maxwebportal 1.36 - Password.asp Change Password 3 Perl !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR - MAX Portal All Versions Exploit By : A l p h a P r o g r a m m e r Sirus-v ; E-Mail : [email protected] This Xpl Change Admin's Pass in This...

Maxwebportal 1.36 - Password.asp Change Password (1) (HTML)

Maxwebportal 1.36 - Password.asp Change Password 1 HTML -----------------Code Start-----Version 1.35 and older-------------- pass1: pass2: Id: Member Key: -----------------End------------------- Version 1.36, 2.0, 20050418 Next: -----------------Code Start-----Version 1.36, 2.0, 20050418...

Maxwebportal &lt;= 1.36 password.asp Change Password Exploit (3 - perl)

No description provided by source. !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR - MAX Portal All Versions Exploit By : A l p h a P r o g r a m m e r Sirus-v ; E-Mail : [email protected] This Xpl Change Admin's Pass in This Portal !! Discovered by:...

Spread The Word - Multiple Cross-Site Scripting Vulnerabilities

Spread The Word - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13733/info Spread The Word is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacke...