Slooze PHP Web Photo Album 0.2.7 - Command Execution Vulnerability

No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...

AdaptCMS_Lite_1.5 2009-07-07

No description provided by source. =========================================================================== Topic : AdaptCMSLite1.5 2009-07-07 Bug type : change admin user,passwd & add new admin user exploit Download :...

Xoops 2.5.4 - Blind SQL Injection

No description provided by source. ------------------------------------------ Xoops 2.5.4 Blind SQL Injection ------------------------------------------ Dork: Powered by XOOPS 2.5.4 Download: http://sourceforge.net/projects/xoops/ Date: 10/12/2011 Author: blkhtc0rp Mail: blkhtc0rpatyahoodotcom...

Flip <= 3.0 - Remote Password Hash Disclosure Exploit

No description provided by source. !/usr/bin/perl use strict; use IO::Socket; my $app = Flip = 3.0; my $type = Passwords Hash Disclosure; my $author = undefined1; my $vendor = http://sourceforge.net/projects/flipsource; banner; my $server = shift || usage; my $port = shift || usage; if$server =...

Shadows Rising RPG <= 0.0.5b Remote File Include Vulnerabilities

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '63868' ssvid version = '1.0' author = '皮皮' vulDate = '2006-08-23' createDate = '2015-12-24...

PHPcounter <= 1.3.2 (defs.php l) Local File Inclusion Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl PHPcounter = 1.3.2 Local File Inclusion Vulnerability Script: A multi-account real time web-site...

TrueCrypt Warns Software 'Not Secure,' Development Shut Down

Is it a hoax, or the end of the line for TrueCrypt? At the moment, there is little more than speculation as to the appearance today of an ominous note greeting visitors to the TrueCrypt page at SourceForge. The text warns that the open source encryption software is not secure and informs users th...

Jasper Server 5.5 Session Fixation

Session Fixation / Hijacking on JasperServer + Date: 09/05/2014 + Risk: High + CWE number: CWE-384 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.jaspersoft.com/ + Software Download : http://sourceforge.net/projects/jasperserver/ + Contact: [email protected] + Tested on:...

InfraRecorder 0.53 - Memory Corruption (Denial of Service)

InfraRecorder 0.53 - Memory Corruption Denial of Service Exploit Title: InfraRecorder Memory Corruption Exploit DOS Author: sajith version: version 0.53 vulnerable app link: http://sourceforge.net/projects/infrarecorder/files/InfraRecorder/0.53/ir053.exe/download Tested in windows Xp sp3,english...

InfraRecorder 0.53 - Memory Corruption (Denial of Service)

Exploit Title: InfraRecorder Memory Corruption Exploit DOS Author: sajith version: version 0.53 vulnerable app link: http://sourceforge.net/projects/infrarecorder/files/InfraRecorder/0.53/ir053.exe/download Tested in windows Xp sp3,english rawinput"hit enter to fuzz" print "poc by sajith shetty"...

Postfix Admin 'functions.inc.php' SQL注入漏洞

BUGTRAQ ID: 66455 CVECAN ID: CVE-2014-2655 Postfix是Unix类操作系统中所使用的邮件传输代理。 用于程序没有在SQL查询前充分过滤用户提供的数据，允许攻击者危及应用程序，访问或修改数据，或利用底层数据库中潜在的漏洞。 0 Postfix Admin Postfix Admin 2.3.5 Postfix Admin Postfix Admin 2.3.4 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://sourceforge.net/projects/postfixadmin/...

TigerVNC &quot;ZRLE_DECODE()&quot;缓冲区溢出漏洞

CVE ID：CVE-2014-0011 TigerVNC是一种先进的VNC的实现。 由于"ZRLEDECODE"功能common/rfb/zrleDecode.h存在边界错误，攻击者可以利用漏洞导致缓冲区溢出。 0 TigerVNC 1.x TigerVNC 1.3.1版本以修复此漏洞，建议用户下载使用： http://sourceforge.net/projects/tigervnc/...

PhpSiteManager 1.1.1 Cross Site Scripting

Exploit Title: PhpSiteManager 1.1.1 Cross site scripting Date: 2014 18 March Author: Dr.3v1l Vendor Homepage: http://sourceforge.net/projects/bakari Download : http://filewatcher.com/m/phpSMv1.1.2.tgz.338496-0.html Version : 1.1.1 Tested on: Windows Category: webapps Google Dork: intext:"Powered ...

Bigace 2.7.5 LFI / XSS / SQL Injection

Exploit Title: Bigace 2.7.5 Blind Sql Injection Bigace 2.7.5 Cross site scripting Bigace 2.7.5 Local File Inclusion Date: 2014 18 March Author: Dr.3v1l Vendor Homepage: http://sourceforge.net/projects/bigace/files/bigace2.7.5.zip Version : 2.7.5 Tested on: Windows Category: webapps Google Dork:...

MicroP 0.1.1.1600 - &#039;.mppl&#039; Local Stack Buffer Overflow

!/usr/bin/env ruby Exploit Title:MicroP.mppl Local Stack Based Buffer Overflow Author:Necmettin COSKUN = twitter.com/babayarisi Blog : http://www.ncoskun.com http://www.grisapka.org Vendor :http://sourceforge.net/projects/microp/ Software...

MicroP 0.1.1.1600 - .mppl Local Stack Buffer Overflow

MicroP 0.1.1.1600 - .mppl Local Stack Buffer Overflow !/usr/bin/env ruby Exploit Title:MicroP.mppl Local Stack Based Buffer Overflow Author:Necmettin COSKUN = twitter.com/babayarisi Blog : http://www.ncoskun.com http://www.grisapka.org Vendor :http://sourceforge.net/projects/microp/ Software...

MicroP 0.1.1.1600 Buffer Overflow

!/usr/bin/env ruby Exploit Title:MicroP.mppl Local Stack Based Buffer Overflow Author:Necmettin COSKUN = twitter.com/babayarisi Blog : http://www.ncoskun.com http://www.grisapka.org Vendor :http://sourceforge.net/projects/microp/ Software...

PHP Ticket System Beta 1 - get_all_created_by_user.php?id SQL Injection

PHP Ticket System Beta 1 - getallcreatedbyuser.php?id SQL Injection ============================================================== Title ...| PHP Ticket System SQL Injection Version .| BETA1.zip Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....|...

doorGets 6.0 Cross Site Scripting

============================================================== Title ...| doorGets 6.0 Multiple vulnerabilities Version .| doorGets 6.0 Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| http://sourceforge.net ==============================================================...

PHP Ticket System Beta 1 - &#039;get_all_created_by_user.php?id&#039; SQL Injection

============================================================== Title ...| PHP Ticket System SQL Injection Version .| BETA1.zip Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| http://sourceforge.net/projects/phpticketsystem/ ==============================================================...