208 matches found
HP Data Protector Arbitrary Remote Command Execution
""" HP Data Protector Arbitrary Remote Command Execution This script allows to execute a command with an arbitrary number of arguments. The trick calls 'perl.exe' interpreter installed with HP Data Protector inside the directory installpath/bin/. The main goal of the script is to bypass the...
IBM SPSS SamplePower c1sizer ActiveX Control Vulnerability
Added: 06/09/2013 CVE: CVE-2012-5946 BID: 59559 OSVDB: 92845 Background SPSS Statistical Package for the Social Sciences is a computer application that provides statistical analysis of data. It allows for in-depth data access and preparation, analytical reporting, graphics and modelling...
IBM SPSS SamplePower c1sizer ActiveX Control Vulnerability
Added: 06/09/2013 CVE: CVE-2012-5946 BID: 59559 OSVDB: 92845 Background SPSS Statistical Package for the Social Sciences is a computer application that provides statistical analysis of data. It allows for in-depth data access and preparation, analytical reporting, graphics and modelling...
Log1 CMS - 'writeInfo()' PHP Code Injection (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Log1 CMS writeInf...
HP Data Protector 6 EXEC_CMD Remote Code Execution
This exploit abuses a vulnerability in the HP Data Protector service. This flaw allows an unauthenticated attacker to take advantage of the EXECCMD command and traverse back to /bin/sh, this allows arbitrary remote code execution under the context of root. This module requires Metasploit:...
Iconics GENESIS32 Integer overflow version 9.21.201.01
Exploit for windows platform in category remote exploits $Id: iconicsgenbroker.rb 13197 2011-07-17 15:01:46Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information o...
CMS Made Simple <= 1.9.4.1 Arbitrary Remote File Upload
Exploit for php platform in category web applications !/usr/bin/perl sub logo print STDERR Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 0...
CMS Made Simple 1.9.4.1 Shell Upload
!/usr/bin/perl sub logo print STDERR Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 0...
Comunidades.net SQL Injection / Shell Upload
$ Exploit Title : Comunidades.net Multi Vulnerability $ Date : 29-06-2010 $ Author : MasterGipy $ Email : mastergipy at gmail.com $ Bug : SQL Injection & Arbitrary Remote File Upload $ Site : http://comunidades.net/ $ Google Dork : n/a = Blogs - Comunidades.net = SQL Injection $ Exploit:...
BlackBerry Desktop Manager Intellisync ActiveX Control Arbitrary Remote Code Execution
The version of the Lotus Notes Intellisync component 'lnsresobject.dll' included with the BlackBerry Desktop Software installation on the remote host reportedly contains an unspecified error that can be exploited to execute arbitrary code. If an attacker can trick a user on the affected host into...
CVE-2009-1365
Unspecified vulnerability in Adobe Flash Media Server FMS before 3.0.4 and 3.5.x before 3.5.2, as used in Flash Media Interactive Server and Flash Media Streaming Server, allows remote attackers to execute arbitrary remote procedures within an ActionScript file on the server via RPC requests...
GLSA-200901-01 : NDISwrapper: Arbitrary remote code execution
The remote host is affected by the vulnerability described in GLSA-200901-01 NDISwrapper: Arbitrary remote code execution Anders Kaseorg reported multiple buffer overflows related to long ESSIDs. Impact : A physically proximate attacker could send packets over a wireless network that might lead t...
openfire -- multiple vulnerabilities
Core Security Technologies reports: Multiple cross-site scripting vulnerabilities have been found which may lead to arbitrary remote code execution on the server running the application due to unauthorized upload of Java plugin code...
ThePortal 2.2 Arbitrary Remote File Upload Exploit
No description provided by source. web apps theportal2 v2.2 Auth bypass file upload -------------------- Author: siurek22 -------------------- You need curl to run it -------------------- Code: -------------------- upload.php ?php $file=$POST'url'; $fel=explode"\n", $file; $ile=count$fel;...
ThePortal 2.2 Arbitrary Remote File Upload Exploit
Exploit for unknown platform in category web applications ================================================== ThePortal 2.2 Arbitrary Remote File Upload Exploit ================================================== theportal2 v2.2 Auth bypass file upload -------------------- You need curl to run it...
K&S Shopsysteme Arbitrary Remote File Upload Vulnerability
No description provided by source. Script Name: Shopsysteme new version oscommerce Download: http://www.shopsystem-forum.de/productinfo.php?cPath=22&productsid=43 299 euro : Author: mNt File Upload Bug Google Dork: intext:Powered by K&S Media Concept - Shopsysteme Powered by K&S Media Concept -...
CuteNews aj-fork - path Remote File Inclusion
CuteNews aj-fork - path Remote File Inclusion source: https://www.securityfocus.com/bid/32141/info CuteNews aj-fork is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
CuteNews aj-fork - 'path' Remote File Inclusion
source: https://www.securityfocus.com/bid/32141/info CuteNews aj-fork is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in t...
bcoos 1.0.13 - common.php Remote File Inclusion
bcoos 1.0.13 - common.php Remote File Inclusion source: https://www.securityfocus.com/bid/31929/info The 'bcoos' program is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote fil...
Gentoo Security Advisory GLSA 200711-24 (mozilla-thunderbird mozilla-thunderbird-bin)
The remote host is missing updates announced in advisory GLSA 200711-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...