Sitracker SIT File Upload

This module combines two separate issues within Support Incident Tracker = 3.65 application to upload arbitrary data and thus execute a shell. The two issues exist in ftpuploadfile.php. Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

Typo3 FD

type a short description of the vulnerability here Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

Panasonic China website hacked and Redirected

Panasonic China website hacked and Redirected Latest notification by DarkDevilz Crew to THN , They hack Panasonic's China websites and Redirect users to a Black color Deface Page as shown. "3spi0n" named Hacker from team take responsibility to perform this Hack. Hacker compromise the URL : , and...

Book Review: IPhone Applications Tune-up

Book Review: IPhone Applications Tune-up Packt recently published a new book- IPhone Applications Tune-up. The book is of course about programming for the iPhone. But there is one chapter on maintainability that is far broader applicability than just the iPhone. This review was written by Wes...

Hacker will release full Norton Antivirus code on Tuesday

Hacker will release full Norton Antivirus code on Tuesday A hacker with code name of 'Yama Tough' announce via Twitter that on Tuesday he will leak the full source code for Symantec Corp's flagship Norton Antivirus software which is 1,7Gb src. Last week Yama Tough has released fragments of source...

Hackers leak the Source Code for Symantec Product

Hackers leak the Source Code for Symantec Product A group calling itself the Lords of Dharmaraja posted an Adobe document online Wednesday that it claimed was a glimpse of the source code for the internet security software. But Symantec spokesman Cris Paden said "no source code was disclosed" in...

Lighttpd Proof of Concept code for CVE-2011-4362

No description provided by source. 29 of November 2011 was the date of public disclosure interesting vulnerability in lighttpd server. Xi Wang discovered that modauth for this server does not propely decode characters from the extended ASCII table. The vulnerable code is below: "src/httpauth.c:67...

Tiki Wiki CMS Groupware 8.1 - 'show_errors' HTML Injection

source: https://www.securityfocus.com/bid/51128/info Tiki Wiki CMS Groupware is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the...

CVE-2011-4766

The Site Editor aka SiteBuilder feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment...

CVE-2011-4766

The Site Editor aka SiteBuilder feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment...

CVE-2011-4766

The CVE-2011-4766 entry concerns Parallels Plesk Small Business Panel 10.2.0, specifically the Site Editor/SiteBuilder and the file wysiwyg/fckconfig.js. The claim is that remote attackers could obtain ASP source code via direct access to that file; however, multiple sources note this is disputed...

Source Code of Crypo.com Available to Download !

Source Code of Crypo.com Available to Download ! The Source Code of Crypo.com , One of the Famous Free Online Encryption Service is now available to download form a File sharing website. This Script will encrypt your messages using a strong encryption algorithm, and then your information will be...

Source Code of Crypo.com Available to Download !

Source Code of Crypo.com Available to Download ! The Source Code of Crypo.com , One of the Famous Free Online Encryption Service is now available to download form a File sharing website. This Script will encrypt your messages using a strong encryption algorithm, and then your information will be...

EXCMS suspected then storm Backdoor-vulnerability warning-the black bar safety net

One day encounter Excms of the system, The Official Website http://www. excms. cn/ In GG search excms vulnerability found http://www.myhack58.com/Article/html/3/62/2011/28871.htm Analysis the author is clearly in possession of back door vulnerabilities. Download source code analysis, it is clear ...

QuesCom Qportal User 5.10.014 Source Disclosure

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - QuesCom Qportal User Vendor Product Description - No vendor product description - Site: http://www.quescom.com/ Advisory Timeline - 12/01/2011 - First Contact requesting security department...

SMF 2.0.1 - SQL Injection Privilege Escalation

SMF 2.0.1 - SQL Injection Privilege Escalation !/usr/bin/python -- coding: iso-8859-15 -- Exploit Title: Smf = 2.0.1 Sql injection Vulnerability Author: The:Paradox Disclosure date: 06/12/2011 Software Link: http://download.simplemachines.org/ , http://www.php.net/releases/ Smf = 2.0.1 Sql...

FreeBSD - 'ftpd / ProFTPd' Remote Command Execution

/ KCOPE2011 - x86/amd64 bsd ftpd remote root exploit KINGCOPE CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of KINGCOPE Security. C COPYRIGHT KINGCOPE Security, 2011 All Rights Reserved bug found by Kingcope thanks to noone except alex whose damn down tested against:...

CrySyS Duqu Detector Open source Toolkit Released

CrySyS Duqu Detector Open source Toolkit Released Two weeks ago Researchers at the Laboratory of Cryptography and System Security CrySyS in Hungary confirmed the existence of the zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like...

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- Exploit Title: PHP Photo Album = 0.4.1.16...

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities

---------------------------------------------------------------- PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- Exploit Title: PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities Google Dork:...