UBBCentral UBB.Threads 6.0 - editpost.php SQL Injection

UBBCentral UBB.Threads 6.0 - editpost.php SQL Injection source: https://www.securityfocus.com/bid/12784/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'editpost.php' script. UBB.threads 6.0 is reported pro...

OpenBSD 2.0 < 3.6 - TCP Timestamp Remote Denial of Service

define BSDSOURCE include include include include include include include include include include include / edited by /str0ke ! milw0rm.com to compile under linux / ifndef TCPOPTLEN define TCPOPTLEN 12 endif define UMASK 0xffff define TIMESTAMP 0x7b000000 // 123 in hex - change it, this will...

Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Privilege Escalation (1)

Linux Kernel 2.6.x - SYSEPollWait Local Integer Overflow Local Privilege Escalation 1 / EDB Note: Updated exploit can be found here; https://www.exploit-db.com/exploits/25203/ source: https://www.securityfocus.com/bid/12763/info A Local integer overflow vulnerability affects the Linux kernel. Thi...

paNews 2.0b4 Remote Admin Creation SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================================== paNews 2.0b4 Remote Admin Creation SQL Injection Exploit ======================================================== / paNews v2.0b4 silePNEWSxpl This exploit utilize SQL injection for...

MS Windows XP/2003 Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc =================================================== MS Windows XP/2003 Remote Denial of Service Exploit =================================================== / Added Line 1 - BSDSOURCE!!!! /str0ke / define BSDSOURCE include include include include...

PHP mcNews <= 1.3 (skinfile) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ============================================================== PHP mcNews = 1.3 skinfile Remote File Include Vulnerability ============================================================== Example: if registerglobals=on and allowurlfopen=on:...

CA License Server - &#039;GETCONFIG&#039; Remote Buffer Overflow

/ Computer-Associates, License Service Stack Overflow Homepage: ca.com Affected version: v1.61 and below in eTrust, Unicenter, BrightStor, etc.. Patched version: hotfix Link: ca.com Date: 04 March 2005 Application Risk: Tsunami Internet Risk: High Dicovery Credits: Barnaby Jack eeye.com Exploit...

auraCMS 1.5 - Multiple Cross-Site Scripting Vulnerabilities

auraCMS 1.5 Multiple Cross-Site Scripting Vulnerabilities. Webapps exploit for php platform source: http://www.securityfocus.com/bid/12708/info auraCMS is affected by multiple cross-site scripting vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied...

eXeem 0.21 Local Password Disclosure Exploit (asm)

Exploit for unknown platform in category local exploits ================================================== eXeem 0.21 Local Password Disclosure Exploit asm ================================================== ;Nothing Special other than the program doesnt encode the proxy info. .386 .model flat,...

phpWebSite-0.10.0_exploit

oooo...oooo.oooooooo8.ooooooooooo .8888o..88.888........88..888..88 .88.888o88..888oooooo.....888 .88...8888.........888....888 o88o....88.o88oooo888....o888o Network security team nst.e-nex.com Title: phpWebSite = v0.10.0 Bug found by: nst Date: 24.02.2005 Web: phpwebsite.appstate.edu...

AWStats 5.7 &lt; 6.2 - Multiple Remote

/ AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by: Silentium of Anacron Group Italy date:...

Savant Web Server 3.1 Remote BoF (French Win OS support)

Exploit for unknown platform in category remote exploits ======================================================== Savant Web Server 3.1 Remote BoF French Win OS support ======================================================== Savant web server Buffer Overflow Exploit Discovered by : Mati Aharoni...

GNU a2ps - Anything to PostScript Not SUID Local Overflow

/ Not added to Local Non Poc section /str0ke / include include include // by lizard / lizstyleatgmail.com // greets go to slider/trog for helpin me // not suid by default ; define VULNTHING "/usr/bin/a2ps" define DEFRET 0xbffffffa - strlensc - strlenVULNTHING define xnullbitch 1100 //im not a asm...

Exim 4.43 - &#039;auth_spa_server()&#039; Remote

/ ecl-eximspa.c Yuri Gushin Howdy : This is pretty straightforward, an exploit for the recently discovered vulnerability in Exim's all versions prior to and including 4.43 SPA authentication code - spabase64tobits will overflow a fixed-size buffer since there's no decent boundary checks before it...

Siteman <= 1.1.10 Remote Administrative Account Addition Exploit

Exploit for unknown platform in category web applications ================================================================ Siteman use Digest::MD5 qwmd5 md5hex md5base64; use IO::Socket; use strict; ./siteman.pl / vulnerable.host my $Path = shift; my $Host = shift; my $Username = shift; my...

God Admin Injection Vulnerability in Siteman 1.0.x

God Admin Injection Vulnerability in Siteman 1.0.x, Discovered by PersianHacker.NET Security Team by amironline452 amironline452 hotmail com http://www.PersianHacker.NET http://www.amironline452.tk Siteman is a Content Management System CMS that is so easy to install and use, that a person who ha...

UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : chroot A known exploit can break a chroot prison.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : chroot A known exploit can break a chroot prison. Advisory number: SCOSA-2005.2 Issue date: 2005 January 14 Cross reference: sr887824 fz528555 erg712509 CAN-2004-1124 1...

Breed <= patch #1 zero-length Remote Crash Exploit

Exploit for unknown platform in category dos / poc ================================================== Breed include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include include voi...

phpBB &lt; 2.0.10 - &#039;Santy.A Worm&#039; &#039;highlight&#039; Arbitrary File Upload

Santy.A - phpBB 3; open IN, $0 or exit; my $self = join '', ; close IN; unlink $0; while!GrabURL'http://www.google.com/advancedsearch' if$generation 3 PayLoad ; else exit; $self = s/my $generation = \d+;/'my $generation = ' . $1 + 1 . ';'/e; my $selfFileName = 'm1ho2of'; my $markStr =...

Possible local root vulnerability in Roxio Toast on Mac OS X

Possible local root vulnerability in Roxio Toast on Mac OS X By fintler [email protected] Summary: There is a format string bug in the binary /Library/Application Support/Roxio/TDIXSupport. It is installed suid root by default and may be exploited by finding the offset and overwriting the stack...