PHP 5.3.6 - 'shmop_read()' Integer Overflow Denial of Service

...

quickshare file share 1.2.1 - Directory Traversal (1)

!/usr/bin/python Exploit Title: QuickShare File Share 1.2.1 Directory Traversal Vulnerability Date: 02/03/2011 Author: modpr0be Software Link: http://www.quicksharehq.com/files/qfssetup.exe Vulnerable version: 1.2.1 Tested on: Windows XP SP3 VMware Player 3.1.3 build-324285 CVE : N/A...

Linux Kernel IGB Panic VLAN报文远程拒绝服务漏洞

Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel在实现上存在漏洞，攻击者可利用此漏洞造成内核崩溃，拒绝服务合法用户。 此漏洞源于VLAN无过滤，无法处理位于0000000000000028的Kernel NULL指针引用。 Debian Linux 4.0 x Linux kernel 2.6.11.11 - 2.6.37 Ubuntu Linux 6.06 LTS amd64 - 8.04 LTS spar 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Ubuntu Linux 'mountall' Local Privilege Escalation Vulnerability

Exploit for linux platform in category local exploits ================================================================ Ubuntu Linux 'mountall' Local Privilege Escalation Vulnerability ================================================================ !/bin/sh by fuzz. For Anux inc. ubuntu 10.04 ,...

Maian Gallery v2 Local File Download Vulnerability

Exploit for php platform in category web applications ================================================== Maian Gallery v2 Local File Download Vulnerability ================================================== !/usr/bin/python This vulnerability uses filegetcontents so we have some limitations, we...

Maian Gallery 2 - Local File Download

!/usr/bin/python This vulnerability uses filegetcontents so we have some limitations, we cant execute PHP and we cant read files that the web server will interpret such as PHP, conf etc tested on: Ubuntu Linux 2.6.32 with php v5.3.2 registerglobals = Off PRIVATE 0DAY - code by mrme Vulnerability...

Webkit Floating Point Datatype Remote Code Execution Vulnerability

Description WebKit is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Versions prior to Safari 5.0.2 and Safari 4.1.2 are...

Spotify Version: 0.4.3.426 Disconnect Exploit

Exploit for windows platform in category dos / poc Exploit Title: Spotify Disconnect Exploit Author: pimpim - email protected Software Link: http://www.spotify.com/se/download/windows/ Version: 0.4.3.426 Platform / Tested on: Windows 7, Windows XP, Ubuntu linux using wine Category: dos Descriptio...

LightNEasy 3.2 admin account hijacking csrf vulnerability

Exploit for php platform in category web applications ========================================================= LightNEasy 3.2 admin account hijacking csrf vulnerability ========================================================= Author: pimpim Software Link:...

PHP Login Script v 2.3 SQL Injection vulnerability

Exploit for php platform in category web applications ================================================== PHP Login Script v 2.3 SQL Injection vulnerability ================================================== Exploit Title: PHP Login Script v 2.3 SQL Injection vulnerability. Date: 23/7 2010 Author:...

DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass

Title ----- DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass Severity -------- High Date Discovered --------------- April 30th, 2010 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Edward Bullard, James Robertson and r@b13$...

Apache Foundation Hit by Targeted XSS Attack

Combining a cross-site scripting XSS vulnerability with a TinyURL redirect, hackers successfully broke into the infrastructure for the open-source Apache Foundation in what is being described as a “direct, targeted attack.” The hackers hit the server hosting the software that Apache.org uses to i...

CyberCMS SQL Injection

Exploit Title: CyberCMS Remote SQL Injection Vuln. Date: 26/11/2009 Author: hc0de | hc0de.blogspot.com Software Link: http://cyberfusion.ramx.org/cyber-cms Version: app version Tested on: Ubuntu Linux 9.04 CVE : PoC: +Target: http://server/faq.php?id=SQLCODE -MySQL Version: 5.0.37-community-nt...

CyberCMS - SQL Injection

CyberCMS - SQL Injection Exploit Title: CyberCMS Remote SQL Injection Vuln. Date: 26/11/2009 Author: hc0de | hc0de.blogspot.com Software Link: http://cyberfusion.ramx.org/cyber-cms Version: app version Tested on: Ubuntu Linux 9.04 CVE : PoC: +Target: http://server/faq.php?id=SQLCODE -MySQL Versio...

CyberCMS - SQL Injection

Exploit Title: CyberCMS Remote SQL Injection Vuln. Date: 26/11/2009 Author: hc0de | hc0de.blogspot.com Software Link: http://cyberfusion.ramx.org/cyber-cms Version: app version Tested on: Ubuntu Linux 9.04 CVE : PoC: +Target: http://server/faq.php?id=SQLCODE -MySQL Version: 5.0.37-community-nt...

Linux Kernel 'fasync_helper()' Local Privilege Escalation Vulnerability

Exploit for linux platform in category local exploits ======================================================================= Linux Kernel 'fasynchelper' Local Privilege Escalation Vulnerability ======================================================================= Credit: Tavis Ormandy...

ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability

ISC BIND 9 is prone to a remote cache-poisoning vulnerability. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks. Versions prior to the following are vulnerable: BIND 9.4.3-P5 BIND 9.5.2-P2 BI...

PHP 'session_save_path()' 'safe_mode' Restriction-Bypass Vulnerability

Exploit for unknown platform in category remote exploits ====================================================================== PHP 'sessionsavepath' 'safemode' Restriction-Bypass Vulnerability ====================================================================== Vulnerable: PHP PHP 5.3.1 PHP PH...

MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability

MySQL is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain access to table files created by other users, The following are vulnerable: MySQL 5.0.x through 5.0.88 MySQL 5.1.x through 5.1.41 MySQL 6.0 prior to 6.0.9-alpha...

Expat 2.0.1 UTF-8 Character XML Parsing Remote DOS Vulnerability

Exploit for unknown platform in category dos / poc ============================================================================== Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability ============================================================================== Title:...