5315 matches found
NaviCOPA Web Server Remote Buffer Overflow and Source Code Information Disclosure Vulnerabilities
NaviCOPA Web Server is prone to a remote buffer-overflow vulnerability and an information-disclosure vulnerability because the application fails to properly bounds-check or validate user-supplied input. Successful exploits of the buffer-overflow issue may lead to the execution of arbitrary code i...
Linux Kernel 2.x sock_sendpage() Local Root Exploit (Android Edition)
No description provided by source. Source for exploiting CVE-2009-2692 on Android; Hole is closed in Android kernels released August 2009 or later. orig: http://zenthought.org/content/file/android-root-2009-08-16-source back: http://milw0rm.com/sploits/android-root-20090816.tar.gz...
TGS CMS 0.x SQL Injection / XSS / Disclosure
alertdocument.cookie The Risk: By exploiting this vulnerability, an attacker can inject malicious code in the script and can steal cookies. Fix the vulnerability: Encode output...
TGS CMS 0.x (XSS/SQL/FD) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications. TGS CMS 0.x XSS/SQL/FD Multiple Remote Vulnerabilities. TGS CMS Cross Site Scripting,SQL injection,Blind SQL/XPath...
Directory traversal
Directory traversal vulnerability in index.php in MiniGal b13 (aka MG2) allows remote attackers to read the source code of .php files, and possibly the content of other files, via a .. (dot dot) in the list parameter...
CVE-2008-6933
Directory traversal vulnerability in index.php in MiniGal b13 (aka MG2) allows remote attackers to read the source code of .php files, and possibly the content of other files, via a .. (dot dot) in the list parameter...
Perl$hop e-commerce Script Trust Boundary Input Parameter Injection
Exploit for cgi platform in category web applications. Perl$hop e-commerce Script Trust Boundary Input Parameter Injection. A while back I was playing around with...
Oracle Java execCommand (Win32)
This module will create a java class which enables the execution of OS commands. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Java execCommand Win32', 'Description' = %q This module...
Tor 'relay.c' DNS Spoofing Vulnerability - July09 (Linux)
This host is installed with Tor and is prone to DNS Spoofing vulnerability. OpenVAS Vulnerability Test $Id: gbtordnsspoofingvulnjul09lin.nasl 4892 2016-12-30 15:39:07Z teissa $ Tor 'relay.c' DNS Spoofing Vulnerability - July09 Linux Authors: Sharath S Copyright: Copyright c 2009 Greenbone Network...
Vopak Local File Inclusion
============================================================== ===================¦¦¦¦TeamQuarantine¦¦¦¦=================== =====================¦¦¦¦ 7-15-2009 ¦¦¦¦==================== ============¦¦¦¦[email protected]¦¦¦¦============= ===============¦¦¦¦ Author: St00pidMnky...
To quickly locate website source code-bug warning-the black bar safety net
In practice we often face such a dilemma: we felt that the target site uses a set of open source code, but by the webmasters of the pages of the modified obliterate the ability to directly access this source The name of the dominant logo. This our hack is obviously unfavorable, we may in order to...
MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
No description provided by source. MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available (GA) Release is vulnerable. Latest MySQL Version is not vulnerable since the bug is ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file...
MySQL <= 5.0.45 post auth format string vulnerability
MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available (GA) Release is vulnerable. Latest MySQL Version is not vulnerable since the bug is ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file libmysqld/sqlparse.cc this source code is also...
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String (PoC)
MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available (GA) Release is vulnerable. Latest MySQL Version is not vulnerable since the bug is ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file libmysqld/sqlparse.cc this source code is also...
MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
Exploit for multiple platform in category dos / poc. MySQL = 4.0.0 are affected. function prototype: writeTHD thd, enumenumservercommand command, const char format, ... function call: writethd, command, packet; on line 2084: case COMCREATEDB: ...
Sun Java System Web Server ::$DATA Extension Request JSP Resource Disclosure
The remote Sun Java System Web Server or an older version, such as Sun ONE Web Server or iPlanet reveals the source code of '.jsp' files when an attacker appends '::$DATA' to the request. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid39618; scriptversion"1.10";...
Sun One WebServer source code disclosure
It's possible to obtain page source code via alternate NTFS streams: http://server/hello.jsp::$DATA...
NameLess the back door of technical analysis full-contact-vulnerability warning-the black bar safety net
NameLess's name should be heard of it, estimated there are quite a lot of people used it, personally think that this back door is very classic, we'll simply look at about it description: there is only one DLL file, usually do not start in the mouth,can be a reverse connection back door program...
CVE-2009-2301
The Radware AppWall Web Application Firewall (WAF) 1.0.2.6, with Gateway 4.6.0.2, allows remote attackers to read source code via a direct request to (1) funcs.inc, (2) defines.inc, or (3) msg.inc in Management/...
CVE-2009-2301
The CVE-2009-2301 entry concerns the Radware AppWall Web Application Firewall (WAF) version 1.0.2.6 with Gateway 4.6.0.2. The vulnerability allows remote attackers to read source code by directly requesting one of three files in Management/ (funcs.inc, defines.inc, msg.inc). The underlying issue i...