1197 matches found
Exodus 0.10 - URI Handler Arbitrary Parameter Injection (2)
testfile echo Dim wshShell testfile echo Set wshShell = CreateObject"WScript.Shell" testfile echo wshShell.Run"cmd /c start calc" testfile echo ^ testfile nc -L -s 192.168.0.1 -p 5222 -vv click me click me milw0rm.com 2008-11-20...
Microsoft XML Core Services传输编码跨域信息泄露漏洞(MS08-069)
BUGTRAQ ID: 32204 CVECAN ID: CVE-2008-4033 Microsoft XML Core Services(MSXML)允许使用JScript、VBScript和Visual Studio 6.0的用户开发基于XML的应用,以与其他遵循XML 1.0标准的应用程序交互操作。 Microsoft XML Core Services处理传输编码头的方式中存在一个信息泄露漏洞。如果用户浏览包含特制内容的网站或打开特制HTML电子邮件,此漏洞可能允许读取另一个Internet Explorer域中的网页的数据。 Microsoft XML Core Servic...
Hummingbird Deployment Wizard 2008 Registry Values Creation/Change
No description provided by source. ------------------------------------------------------------------------------------ Hummingbird Deployment Wizard 2008 DeployRun.dll Registry Values Creation/Change url: http://www.hummingbird.com Author: shinnai mail: shinnaiatautisticidotorg site:...
Hummingbird Deployment Wizard 2008 - Registry Values CreationChange
Hummingbird Deployment Wizard 2008 - Registry Values CreationChange ------------------------------------------------------------------------------------ Hummingbird Deployment Wizard 2008 DeployRun.dll Registry Values Creation/Change url: http://www.hummingbird.com Author: shinnai mail:...
Hummingbird Deployment Wizard 2008 ActiveX File Execution(2)
No description provided by source. -------------------------------------------------------------------------------- Hummingbird Deployment Wizard 2008 DeployRun.dll Arbitrary File Execution2 url: http://www.hummingbird.com Author: shinnai mail: shinnaiatautisticidotorg site: http://www.shinnai.ne...
Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit
Exploit for unknown platform in category remote exploits ============================================================== Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit ============================================================== !-- Autodesk DWF Viewer Control / LiveUpdate Module...
Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution
Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution !-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk...
Autodesk DWF Viewer Control / LiveUpdate Module - Remote Code Execution
!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...
CVE-2008-1093
Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtained from GetRules.asp web pages on FLEXnet Connect servers, which allows remote man-in-the-middle attackers to execute arbitrary VBScript code via Trojan horse Rules...
Design/Logic Flaw
Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtained from GetRules.asp web pages on FLEXnet Connect servers, which allows remote man-in-the-middle attackers to execute arbitrary VBScript code via Trojan horse Rules...
CVE-2008-1093
Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtained from GetRules.asp web pages on FLEXnet Connect servers, which allows remote man-in-the-middle attackers to execute arbitrary VBScript code via Trojan horse Rules...
adobe9-dos.txt
arg1="acroie:///DoS" target.src = arg1...
MS Windows (HTA) Script Execution Exploit (MS05-016)
No description provided by source. / Changed date in db to place it on the main page instead of it being bumped off /str0ke / /++ MS05-016 POC Made By ZwelL [email protected] 2005.4.13 All information from : http://www.securityfocus.net/archive/1/395563/2005-04-10/2005-04-16/0 You need make a .hta...
ppmate-dospoc.txt
arg1=String10000, "A" target.StartURLarg1...
Black Ice Software Inc Barcode SDK (BITiff.ocx) Remote BOF Exploit (2)
No description provided by source. Black Ice Software Inc Barcode SDK BITiff.ocx Remote Buffer Overflow url: http://www.blackice.com File : BITiff.ocx Ver. : 10.9.3.0 CLSID: 2324B5B7-D3EF-464C-BB35-06EFF8F11EB3 Mark.: RegKey Safe for Script: True RegKey Safe for Init: True...
QuickerSite 1.8.5 Multiple Remote Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1. Description:...
quicksite-multi.txt
www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1. Description: QuickerSite is a Content Management...
QuickerSite 1.8.5 - Multiple Vulnerabilities
QuickerSite 1.8.5 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1...
ibiz-insecure.txt
-------------------------------------------------------------------- IBiz E-Banking Integrator V2 ActiveX Edition Insecure Method Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose. Use it at your own risk. Author will be no...
Code injection
The 1 VBScript VBScript.dll and 2 JScript JScript.dll scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary code via unknown vectors...