5286 matches found
Libretto CMS 2.2.2 Shell Upload
Exploit Title : LibrettoCMS 2.2.2 Malicious File Upload Date : 14 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://libretto.artwebonline.com/ Software Link : http://jaist.dl.sourceforge.net/project/librettocms/librettoCMSv.2.2.2.zip Version : 2.2.2 Tested ...
LibrettoCMS 2.2.2 - Arbitrary File Upload
LibrettoCMS 2.2.2 - Arbitrary File Upload Exploit Title : LibrettoCMS 2.2.2 Malicious File Upload Date : 14 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://libretto.artwebonline.com/ Software Link :...
rfi
This plugin finds remote file inclusion vulnerabilities. Three configurable parameters exist: listenaddress listenport usew3afsite There are two ways of running this plugin, the most common one is to use w3afs site w3af.sf.net as the URL to include. This is convenient and requires zero...
OPPO sub-nginx parses can be scored permissions-bug warning-the black bar safety net
Brief description: OPPO sub-Station, nginx parses are scored permissions. The vulnerability risk is very large,it is easy to behackersthe use of Gift OK I can only say that this is really the idea. Detailed description: Upload address:...
Incomplete blacklist vulnerability - ownCloud
Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows authenticated remote attackers to execute arbitrary PHP code by uploading a crafted file and accessing an uploaded PHP file. Note: Successful exploitation requires that the /data/ directory is stored inside the webroot and a...
Server: Incomplete blacklist vulnerability
Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows authenticated remote attackers to execute arbitrary PHP code by uploading a crafted file and accessing an uploaded PHP file. Note: Successful exploitation requires that the /data/ directory is stored inside the webroot and a...
phpMyAdmin 3.5.8 / 4.0.0-RC2 Code Execution / LFI / Overwrite
waraxe-2013-SA103 - Multiple Vulnerabilities in phpMyAdmin =============================================================================== Author: Janek Vind "waraxe" Date: 25. April 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-103.html Description of vulnerable software:...
MinaliC Webserver 2.0.0 Buffer Overflow Vulnerability
MinaliC Webserver version 2.0.0 buffer overflow exploit that binds a shell to port 4444. Works on Windows Server 2003 SP3 only. !/usr/bin/env python Title : MinaliC Webserver 2.0.0 Post Method Remote Command Execution Works for Windows Server 2003 sp2 Only Date: 12 Apr 2013 Exploit Author: Antoni...
MinaliC Webserver 2.0.0 Buffer Overflow
!/usr/bin/env python Title : MinaliC Webserver 2.0.0 Post Method Remote Command Execution Works for Windows Server 2003 sp2 Only Date: 12 Apr 2013 Exploit Author: Antonius - http://www.cr0security.com - http://www.codewall-security.com Thanks : http://www.offensive-security.com ,...
CVE-2013-1497
Unspecified vulnerability in the Oracle COREid Access component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to WebGate - WebServer plugin...
Buffer overflow
Unspecified vulnerability in the Oracle COREid Access component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to WebGate - WebServer plugin...
CVE-2013-1497
Unspecified vulnerability in the Oracle COREid Access component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to WebGate - WebServer plugin...
CVE-2013-1497
CVE-2013-1497 affects Oracle Fusion Middleware 10.1.4.3.0’s Oracle COREid Access component, specifically the WebGate-WebServer plugin, with remote integrity impact via unspecified vectors. The NVD entry cites a network-access vulnerability (CVSS v2 base 4.3, MEDIUM) but does not detail exploit ve...
MinaliC Host Header Handling Remote Buffer Overflow Vulnerability
MinaliC Webserver is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MinaliC Webserver 2.0.0 - Buffer Overflow
Remote command execution by triggering a buffer overflow in the GET request. import socket import struct 74 bytes calc.exe from http://code.google.com/p/win-exec-calc-shellcode/ shellcode = "\x31\xd2\x52\x68\x63\x61\x6c\x63\x89\xe6\x52\x56\x64\x8b\x72" +...
MinaliC Webserver 2.0.0 Buffer Overflow
!/usr/bin/env python Exploit Title: MinaliC Webserver buffer overflow Date: 12 Apr 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://minalic.sourceforge.net/ Version: MinaliC Webserver 2.0.0 Tested on: Windows XP Pro SP2, English Description: Remote command...
MinaliC WebServer 2.0.0 - Remote Buffer Overflow
MinaliC WebServer 2.0.0 - Remote Buffer Overflow !/usr/bin/env python Exploit Title: MinaliC Webserver buffer overflow Date: 12 Apr 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://minalic.sourceforge.net/ Version: MinaliC Webserver 2.0.0 Tested on: Windows X...
MinaliC WebServer 2.0.0 - Remote Buffer Overflow
!/usr/bin/env python Exploit Title: MinaliC Webserver buffer overflow Date: 12 Apr 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://minalic.sourceforge.net/ Version: MinaliC Webserver 2.0.0 Tested on: Windows XP Pro SP2, English Description: Remote command...
EasyPHP Webserver <= 12.1 Multiple Vulnerabilities - Active Check
EasyPHP Webserver is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EasyPHP WebServer v.(all) <= Multiple Vulnerabilities
EasyPHP is Suffer from : + Auth Bypass + Remote Shell Injection / Remote Code Execute The Bug in EasyPHP WebServer Manager found because the PORTAL of Administration doesn't protected ! so just when you found the Admin-Portal - you can bypass the auth directly and remote attacker can get some...