CVE-2010-3711

libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purplebase64decode function, which allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a crafted message, related to the plugins for MSN, MySpaceIM,...

php168 5.0 job.php 信息泄漏漏洞

漏洞分析 看job.php 92行 elseif$job=="download" $rsdb=$db-getone"SELECT FROM $prearticle WHERE aid='$id'"; $fidDB=$db-getone"SELECT FROM $presort WHERE fid='$rsdbfid'"; if$fidDBadmin&&$lfjid $detail=explode",",$fidDBadmin; if inarray$lfjid,$detail $webadmin=1;...

Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution

No description provided by source. ====================================================================== Wordpress plugin WP-Syntax = 0.9.1 Remote Code Execution ====================================================================== This vulnerability was originally discovered by Raz0r on...

WordPress WP-Syntax 0.9.1 Command Execution

====================================================================== Wordpress plugin WP-Syntax $functions if isnull$functions continue; foreach$functions as $function $string = calluserfuncarray$function, array$string; return $string; ... Global variable testfilter is not defined, so...

Wordpress 2.7.0 admin remote code execution vulnerability-vulnerability warning-the black bar safety net

by Ryatpuretot mail: puretot at gmail dot com team: http://www.80vul.com date: 2008-12-18 Analysis: This vulnerability out in the background: wp-admin/post.php if currentusercan'editpost', $postID if $last = wpcheckpostlock $post-ID $lastuser = getuserdata $last ; $lastusername = $lastuser ?...

FREEze Greetings 1.0 - Remote Password Retrieve

\r\n\r\n", $argv0 and exit; $out = pregmatch'!^^ +$!sei', filegetcontents$argv1 . '/pwd.txt', $r && pregmatch'!^^||+||!sei', base64decode$r1, $pass ? sprintf"Password : %s", base64decode$pass1 : 'Exploitation failed'; printf" %s \r\n\r\n", $out; ? milw0rm.com 2008-11-17...

phpScheduleIt 1.2.10 - reserve.php Remote Code Execution

phpScheduleIt 1.2.10 - reserve.php Remote Code Execution settitletranslate"Processing $Class"; 53. $t-printHTMLHeader; 54. $t-startMain; 55. 56. processreservation$POST'fn'; 57. 58. else 59. $resinfo = getResInfo; 60. $t-settitle$resinfo'title'; 61. $t-printHTMLHeader; 62. $t-startMain; 63...

smartpub-exec.txt

Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3' eval"$v=".base64decode$filedata.";"; - Vuln POC : /admin/op/disp.php?filedata=cGhwaW5mbygp = phpinfo Base64...

Smart Publisher 1.0.1 - 'filedata' Remote Code Execution

Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3'...

Smart Publisher 1.0.1 - filedata Remote Code Execution

Smart Publisher 1.0.1 - filedata Remote Code Execution Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/adm...

revokebb-sql.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love ------------------------------------------------------------- "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.="...

RevokeBB Blind SQL Injection / Hash Extractor

!/usr/bin/php -q -d shortopentag=on ? echo " ------------------------------------------------------------- RevokeBB = 1.0 RC4 Blind SQL Injection / Hash Retrieve Exploit Site: http://www.revokesoft.net by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php...

RevokeBB <= 1.0 RC4 Blind SQL Injection / Hash Retrieve Exploit

Exploit for unknown platform in category web applications =============================================================== RevokeBB 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15...

CVE-2007-2171

Summary: CVE-2007-2171 is a stack-based overflow in the base64_decode function of Novell GroupWise WebAccess, specifically in GWINTER.exe, exploited via overly long Base64 content in an HTTP Basic Authentication request. Affected product/component: Novell GroupWise WebAccess (GWINTER.exe) prior t...

Novell Groupwise WebAccess GWINTER.EXE远程缓冲区溢出漏洞

Novell GroupWise是Novell基于WEB的应用服务程序。 Novell Groupwise WebAccess处理HTTP请求存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 问题存在于监听TCP 7205和7211的GWINTER.exe进程中，在处理HTTP BASIC验证请求时，拷贝用户提供的BASE64数据到固定大小的堆栈缓冲区，发送至少336字节会由于调用有漏洞的base64decode调用而造成基于堆栈的缓冲区溢出，可以应用程序权限执行任意指令。 Novell Groupwise 7.0 Novell Groupwise 7.0.0 SP1...

PHP-Update &lt;= 2.7 (admin/uploads.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl rgod u fucking little piece of shit faggot. way to ruin a private exploit, scumbag use strict; use IO::Socket; use MIME::Base64; use Getopt::Std; my $app = "PHP-Update 2.7"; my $type = "Remote Code Execution"; my $author = "undefined1"; my $date =...