CVE-2010-4625

MyBB aka MyBulletinBoard before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by reading the Latest Threads block of the Portal Page...

Metasploit Web Crawler

This auxiliary module is a modular web crawler, to be used in conjunction with wmap someday or standalone. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Web Crawler. Author: Efrain Torres et at metasploit.com 2010...

Savant Web Server 3.1 - Remote Overflow (Metasploit)

$Id: savant31overflow.rb 10546 2010-10-04 20:53:51Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

RarCrack 0.2 - 'Filename init() .bss' (PoC)

The software can be downloaded here: http://rarcrack.sourceforge.net/ Author: stoke Date: 2010-09-20 Download: http://rarcrack.sourceforge.net/ Tested on: Backtrack 4 Site: http://devilcode.it | http://hack2web.altervista.org Special greetz to: nex, for reassure me when i sayed "WHY EIP IT'S NOT...

PYSEC-2010-33

ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service crash of worker threads via vectors that trigger uncaught exceptions...

Code injection

ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service crash of worker threads via vectors that trigger uncaught exceptions...

Google's New Priority Inbox Hits a Snag

The buzz this morning isn’t Google’s Buzz, but its new Priority Inbox feature for the company’s Web based Gmail messaging service. The new feature allows heavy e-mail users to filter out and prioritize important messages. But the search giant has already hit a snag in releasing it to the public...

Microsoft Windows Kernel Threads Creation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

UBBCentral UBB.Threads 6.0 - Remote File Inclusion

UBBCentral UBB.Threads 6.0 - Remote File Inclusion ..:::::::::.. ..:::aad8888888baa:::.. .::::d:?88888888888?::8b::::. .:::d8888:?88888888??a888888b:::. .:::d8888888a8888888aa8888888888b:::. ::::dP::::::::Dz-GhostTeam:::::::Yb:::: ::::dP:::::::::Y888888888P:::::::::Yb::::...

Monkey Web Server Denial Of Service

census ID: census-2009-0004 URL: http://census-labs.com/news/2009/12/14/monkey-httpd/ CVE ID: Pending Affected Products: Monkey web server versions ≤ 0.9.2. Class: Improper Input Validation CWE-20, Incorrect Calculation CWE-682 Remote: Yes Discovered by: Patroklos Argyroudis We have discovered a...

Monkey HTTPd improper input validation vulnerability

census ID: census-2009-0004 URL: http://census-labs.com/news/2009/12/14/monkey-httpd/ CVE ID: Pending Affected Products: Monkey web server versions ? 0.9.2. Class: Improper Input Validation CWE-20, Incorrect Calculation CWE-682 Remote: Yes Discovered by: Patroklos Argyroudis We have discovered a...

PHP "multipart/form-data" Denial of Service Exploit (Python)

Exploit for unknown platform in category web applications ============================================================ PHP "multipart/form-data" Denial of Service Exploit Python ============================================================ !/usr/bin/python -- coding: utf-8 -- Author: Eren Turkay ,...

Savant 3.1 Web Server Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Savant/3.1/ include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'Savant 3.1 Web Server...

PHP - MultiPart Form-Data Denial of Service (PoC)

!/usr/bin/python PHP MultiPart Form-Data Denial of Service proof of concept, 23-10-2009 Bogdan Calin [email protected] import httplib, urllib, sys, string, threading from string import replace from urlparse import urlparse def usage: print "" print " PHP MultiPart Form-Data Denial of Service...

Microsoft Windows Server 2003 win32k.sys DoS Vulnerability

This host is running Windows Server 2003 operating system and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbmswin2k3dosvuln.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows Server 2003 win32k.sys DoS Vulnerability Authors: Nikita MR Copyright: Copyright c 20...

Design/Logic Flaw

The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote authenticated users to read the title, author, and pages of an arbitrary thread by toggling a personal sticky...

CVE-2008-6754

The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote authenticated users to read the title, author, and pages of an arbitrary thread by toggling a personal sticky...

CVE-2008-6754

The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote authenticated users to read the title, author, and pages of an arbitrary thread by toggling a personal sticky...

CVE-2008-6754

The CVE-2008-6754 vulnerability affects the Personal Sticky Threads addon 1.0.3c for vBulletin. Remote authenticated users can disclose information from arbitrary threads (title, author, and pages) by toggling a personal sticky, indicating an information disclosure flaw in the addon’s handling of...

Fedora Core 9 FEDORA-2009-2688 (glib2)

The remote host is missing an update to glib2 announced via advisory FEDORA-2009-2688. OpenVAS Vulnerability Test $Id: fcore20092688.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-2688 glib2 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...