phpmsql-local.txt

/ if!functionexists'msqlconnect' die'mSQL extension is not available'; $ret = "\xA3\x3D\x92\x7C"; shell32.dll -CALL EBP WindowsXP $shellcode= "\xbd\xdb\xc6\x38\x8f\xd9\xc9\xd9\x74\x24\xf4\x58\x31\xc9" . "\xb1\x51\x83\xc0\x04\x31\x68\x0e\x03\xb3\xc8\xda\x7a\xbf"...

PHP 5.2.3 - 'snmpget()' object id Local Buffer Overflow (EDI)

http://milw0rm.com/exploits/4204 317 Bytes , Windows Command Shell Bind TCP Inline , Architecture x86 , Windows TinyXP - vm. GET /script.php HTTP/1.1\n telnet 192.168.2.32 4444 Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001 Microsoft Corp. C:\apache / if !extensionloaded"snmp" die"sn...

[Full-disclosure] EZPhotoSales 1.9.3 Multiple Vulnerabilities

http://www.airscanner.com/security/07080601ezphotosales.htm Airscanner Mobile Security Advisory 07080601: EZPhotoSales 1.9.3 Multiple Vulnerabilities Product: EZPhotoSales 1.9.3 and below Platform: Windows IIS or Apache with PHP Requirements: Windows IIS or Apache with PHP Credits: Seth Fogie...

EZPhotoSales 1.9.3 Multiple Vulnerabilities

http://www.airscanner.com/security/07080601ezphotosales.htm Airscanner Mobile Security Advisory 07080601: EZPhotoSales 1.9.3 Multiple Vulnerabilities Product: EZPhotoSales 1.9.3 and below Platform: Windows IIS or Apache with PHP Requirements: Windows IIS or Apache with PHP Credits: Seth Fogie...

CVE-2007-3384: XSS in Tomcat cookies example

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-3384: XSS in Tomcat cookies example Severity: Low Cross-site scripting Vendor: The Apache Software Foundation Versions Affected: 3.3 to 3.3.2 Description: When reporting error messages, Tomcat does not filter user supplied data before display...

PHP 5.2.3 glob() Remote DoS Exploit

?php //PHP 5.2.3 glob Remote DoS Exploit //author: shinnai //mail: shinnaiatautisticidotorg //site: http://shinnai.altervista.org //Tested on xp sp2, worked both from the cli EIP overwrite and on apache Denial of Service //Bug discovered with "Footzo" thanks to rgod. //To download Footzo:...

Mitridat Form Processor Pro XSS

Greetings, I have discovered cross-site scripting vulnerability in Mitridat's Form Processor Pro. http://www.mitridat.com/ http://www.mitridat.com/products-form-processor-pro.html Form Mail: Email Form Processor Pro™ - process all forms on your website Form Mail: Email Form Processor Pro is the...

PHP 5.2.3 Win32std - win_shell_execute Safe Mode Disable Functions Bypass

PHP 5.2.3 Win32std - winshellexecute Safe Mode Disable Functions Bypass milw0rm.com 2007-07-24...

PHP 5.2.3 win32std ext. safe_mode/disable_functions Protections Bypass

No description provided by source. ?php //PHP 5.2.3 win32std extension safemode and disablefunctions protections bypass //author: shinnai //mail: shinnaiatautisticidotorg //site: http://shinnai.altervista.org //Tested on xp Pro sp2 full patched, worked both from the cli and on apache //Thanks to...

PHP 5.2.3 win32std ext. safe_mode/disable_functions Protections Bypass

Exploit for unknown platform in category local exploits ====================================================================== PHP 5.2.3 win32std ext. safemode/disablefunctions Protections Bypass ====================================================================== 0day.today 2018-01-04...

Entertainment CMS - Local File Inclusion / Remote Command Execution

!/usr/bin/perl Entertainment CMS Remote Command Execution Exploit Download: http://rapidshare.com/files/39640099/enter-cms.rar Exploit: http://site.com/path/custom.php?pagename=Local File Inclusion; Example: http://multimedia.mydlstore.net/custom.php?pagename=teeeeeeeeeeee RST WAS MOVED TO...

CentOS 3 / 4 : httpd (CESA-2007:0662)

Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The Apache HTTP Server did not...

RHEL 3 / 4 : httpd (RHSA-2007:0662)

Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. The Apache HTTP Server did not...

PHP 5.2.3 glob() Denial of Service Exploit

No description provided by source. ?php //PHP 5.2.3 glob Remote DoS Exploit //author: shinnai //mail: shinnaiatautisticidotorg //site: http://shinnai.altervista.org //Tested on xp sp2, worked both from the cli EIP overwrite and on apache Denial of Service...

PHP 5.2.3 glob() Denial of Service Exploit

Exploit for multiple platform in category dos / poc ========================================== PHP 5.2.3 glob Denial of Service Exploit ========================================== 0day.today 2018-04-09...

PHP 5.2.3 bz2 com_print_typeinfo() Denial of Service Exploit

No description provided by source. ?php //PHP 5.2.3 bz2 comprinttypeinfo Remote DoS Exploit //author: shinnai //mail: shinnaiatautisticidotorg //site: http://shinnai.altervista.org //Tested on xp sp2, worked both from the cli and on apache //Bug discovered with "Footzo" thanks to rgod. //...

apache_modjk_overflow.rb.txt

require 'msf/core' module Msf class Exploits::Windows::Http::ApacheModJK 'Apache modjk 1.2.20 Buffer Overflow', 'Description' = %q This is a stack overflow exploit for modjk 1.2.20. Should work on any Win32 OS. , 'Author' = 'Nicob ', 'Version' = '$Revision: 4961 $', 'License' = MSFLICENSE,...

Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)

Exploit for linux platform in category remote exploits ============================================================= Apache Tomcat Connector modjk Remote Exploit exec-shield ============================================================= / Fedora Core 5,6 exec-shield based Apache Tomcat Connector...

CVE-2005-4857

CVE-2005-4857 affects eZ publish multiple versions (3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128). The vulnerability allows remote authenticated users to cause a denial of service by sending a request to content/advancedsearch.php with an empty SearchContentClassI...

CVE-2007-3571

The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address...