snmp-brute NSE Script

Attempts to find an SNMP community string by brute force guessing. This script opens a sending socket and a sniffing pcap socket in parallel threads. The sending socket sends the SNMP probes with the community strings, while the pcap socket sniffs the network for an answer to the probes. If valid...

Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit

No description provided by source. Clean CMS 1.5 fulltxt.php id Blind SQL Injection Exploit url: http://www.4yoursite.nl/scriptcleancms.php Author: JosS mail: sys-projectathotmaildotcom site: http://hack0wn.com && spanish-hackers.com team: Spanish Hackers Team - SHT This was written for education...

Double free

Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multiple threads, aka "Windows Kernel Unhandled...

FreeBSD Ports: tcl, tcl-threads

The remote host is missing an update to the system as announced in the referenced advisory. VID a058d6fa-7325-11dc-ae10-0016179b2dd5 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma

The remote host is missing an update to the system as announced in the referenced advisory. VID 959d384d-6b59-11dd-9d79-001fc61c2a55 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: tcl, tcl-threads

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Linux Kernel 2.4.x / 2.6.x uselib() Local Privilege Escalation Exploit

No description provided by source. / pwned.c - linux 2.4 and 2.6 sysuselib local root exploit. PRIVATE. it's not the best one, the ldt approach is definitively better. discovered may 2004. no longer private because lorian/cliph/ihaquer can lick my balls. c 2004 sd [email protected] requieres cca 1...

SmartPPC Pay Per Click Script - idDirectory Blind SQL Injection (2)

SmartPPC Pay Per Click Script - idDirectory Blind SQL Injection 2 !/usr/bin/perl -W SmartPPC Pay Per Click Script Blind SQL Injection Exploit File affected: directory.php $idDirectory Vulnerability: Hamtaro Exploit: ka0x ka0x@domlabs:$ ./smartppc.pl -u...

[SECURITY] Fedora 8 Update: glib2-2.14.6-2.fc8

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system. This package provides versi...

CVE-2008-1323

Cross-site request forgery CSRF vulnerability in index.php in WoltLab Burning Board Lite wBB 2 Beta 1 allows remote attackers to delete threads as other users via the ThreadDelete action...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in MyBB 1.2.11 and earlier allow remote attackers to 1 hijack the authentication of moderators or administrators for requests that delete threads via a domultideletethreads action to moderation.php and 2 hijack the authentication of arbitra...

CVE-2008-0788

Multiple cross-site request forgery CSRF vulnerabilities in MyBB 1.2.11 and earlier allow remote attackers to 1 hijack the authentication of moderators or administrators for requests that delete threads via a domultideletethreads action to moderation.php and 2 hijack the authentication of arbitra...

[SECURITY] Fedora 8 Update: glib2-2.14.6-1.fc8

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system. This package provides versi...

CVE-2008-0472

Cross-site request forgery CSRF vulnerability in modcp.php in Woltlab Burning Board wBB 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a threaddel action...

CVE-2008-0472

The CVE-2008-0472 entry concerns Woltlab Burning Board (wBB) 2.3.6 PL2. The vulnerable component is modcp.php, where a cross-site request forgery (CSRF) can cause thread deletion by a moderator or administrator via a thread_del action. The exploit does not require authentication, aligning with th...

Sql injection

Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via 1 the mergepost parameter in a domergeposts action, 2 rid parameter in an allreports action, or 3 threads parameter in a domultimovethreads action to ...

CVE-2008-0383

Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via 1 the mergepost parameter in a domergeposts action, 2 rid parameter in an allreports action, or 3 threads parameter in a domultimovethreads action to ...

MyBB 1.2.11 Multiple XSRF Vulnerabilities

Founded: 18, January 2008 Founder: nbbn MyBB Version: 1.2.11 and lower Type: Multiple XSRF Vulnerabilities 1 Delete Threads XSRF Vulnerabilitie: html head /head body onLoad="javascript:document.formular.submit" form action="http://localhost/xampp/mybb/moderation.php" method="post" name="formular"...

mybb-xsrf.txt

Founded: 18, January 2008 Founder: nbbn MyBB Version: 1.2.11 and lower Type: Multiple XSRF Vulnerabilities 1 Delete Threads XSRF Vulnerabilitie: Poc: 1. Create a .html file and copy the code into it. 2. Upload the file and now send the link to an admin or moderator 3. Done 2 Delete PM's XSRF Vuln...

crystal-dos.txt

Application: Crystal Reports XI Release 2 Enterprise Tree Control Remote BoF/Dos www.businessobjects.com Versions: 11 Platforms: Windows XP Professional Bug: buffer-overflow Exploitation: remote Date: 2007-01-16 Author: shinnai e-mail: shinnaiatautisticidotorg web: http://shinnai.altervista.org 1...