CVE-2017-1000405

A flaw was found in the patches used to fix the 'dirtycow' vulnerability CVE-2016-5195. An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages. Mitigation Disabling the use of zero page: It is possible to prevent the zero...

Linux Kernel ping Denial Of Service

Source: https://raw.githubusercontent.com/danieljiang0415/androidkernelcrashpoc/master/panic.c include include include include static int sockfd = 0; static struct sockaddrin addr = 0; void fuzzvoid param while1 addr.sinfamily = 0;//rand%42; printf"sinfamily1 = %08lx\n", addr.sinfamily;...

Django.views.static.serve url跳转漏洞（CVE-2017-7234）

来源：同程安全应急响应中心 作者：Nearg1e@YSRC 来自 @Phithon 的一个漏洞。 问题出现在：django.views.static.serve函数上。该函数可以用来指定web站点的静态文件目录。如: python urlpatterns = urlr'^admin/', admin.site.urls, urlr'^staticp/?P.$', serve, 'documentroot': os.path.joinsettings.BASEDIR, 'staticpath'...

CVE-2017-5398

Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbir...

Microsoft Windows 8.1 (x64) RGNOBJ Integer Overflow

include include include include include include include HANDLE hWorker, hManager; BYTE bits; //dt nt!EPROCESS UniqueProcessID ActiveProcessLinks Token typedef struct DWORD UniqueProcessIdOffset; DWORD TokenOffset; VersionSpecificConfig; VersionSpecificConfig gConfig = 0x2e0, 0x348 ; //win 8.1 voi...

Shutter 0.93.1 - Code Execution

Shutter 0.93.1 - Code Execution Exploit Title: Shutter user-assisted remote code execution Date: 2016-12-26 Software Link: http://shutter-project.org/ Version: 0.93.1 Tested on: Ubuntu, Debian Exploit Author: Prajith P Website: http://prajith.in/ Author Mail: [email protected] CVE: CVE-2016-10081 1...

Nidesoft MP3 Converter 2.6.18 - Local Buffer Overflow (SEH)

Nidesoft MP3 Converter 2.6.18 - Local Buffer Overflow SEH !python Exploit title: MP3 converter v 2.6.18 License code SEH exploit Date: 2016-12-15 Vendor homepage: http://www.nidesoft.com/mp3-converter.html Download: http://www.nidesoft.com/downloads/mp3-converter.exe Tested on: Win7 SP1 Author:...

Discuz! source\function\function_discuzcode.php 存储型xss漏洞

No description provided by source...

KesionIMall存储xss

简要描述： 官方demo: http://imall.kesion.com/ 详细说明： demo 测试。 注册会员。 wooyuntest/123456 提交订单。 在地址出填写xss palyload。如图 然后到会员中心查看买到的商品。 xss触发。 漏洞证明：...

Anchor CMS 0.9.2 Header Injection Vulnerability

Anchor CMS versions 0.9.2 and below suffer from a header injection vulnerability. Anchor CMS = 0.9.2 Current Version header injection in anchor/models/comment.php $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; $headers .= 'From:...

Solarwinds 10.4.0.10 TFTP DoS

No description provided by source. Exploit Title: Solarwinds TFTP DOS Date: 5-21-2010 Author: Nullthreat Software Link: http://www.solarwinds.com/products/freetools/freetftpserver.aspx Version: 10.4.0.10 Tested on: Windows XP SP3 Code : !/usr/bin/perl SolarWinds TFTP Server 10.4.0.10 Remote DoS...

LightBlog 8.4.1.1 - Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo LightBlog 8.4.1.1 Remote Code Execution Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc3 echo Usage: php .$argv0. Host Path...

N`CMS 1.1E Pre-Auth Local File Inclusion Remote Code Exploit

No description provided by source. !/usr/bin/python INFORMATION Exploit Title: NCMS 1.1E Pre-Auth Local File Inclusion Remote Code Exploit Date: 11/3/2011 Software link: http://bit.ly/eJAyw5 Tested on: Linux bt Version: 1.1E PHP.ini Settings: gpcmagicquotes = Off Note: The web application was luc...

QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure)

No description provided by source...

phpBB <= 2.0.15 Register Multiple Users Denial of Service (c code)

No description provided by source...

Computer Associates Products Message Engine RPC Server Multiple Buffer Overflow Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/20365/info Multiple Computer Associates products are prone to multiple buffer-overflow vulnerabilities because the applications using an affected library fail to properly bounds-check user-supplied input before copying it...

SAMEDIA LandShop 0.6.3 ls.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15709/info Landshop is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitatio...

YepYep MTFTPD 0.2/0.3 - Remote CWD Argument Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12947/info mtftpd is reported prone to a remote format string vulnerability. Reports indicate that this issue may be exploited by a remote authenticated attacker to execute arbitrary code in the context of the vulnerable...

JForum Cross Site Request Forgery

Version : All Vulnerability : Cross-site request forgery Problem type : remote CVE ID : CVE-2013-7209 Jforum Admin module, modify user permissions module exists crsf Vulnerability,use the following code into jforum forum posts, as long as this administrators is opened this post, the permissions o...

phpcms post_click injection 0day exploit code-exploit warning-the black bar safety net

Someone released a phpcmsv9 of 0day,feel free to write one using the code,wherein the injected code has two forms: 问题 函数 \phpcms\modules\poster\index.php public function posterclick $id = isset$GET'id' ? intval$GET'id' : 0; $r = $this-db-getonearray'id'=$id; if ! isarray$r && empty$r return false...