118 matches found
PCMAN FTP Server 2.0.7 DELETE Buffer Overflow
from ftplib import FTP print ''' Created: ScrR1pTK1dd13 Name: Greg Priest Mail: [email protected] Exploit Title: PCmanftpddeletecommandremotecodeexploitWin7x64HUNENG Date: 2016.10.31 Exploit Author: Greg Priest Version: Pcmanftpd 2.0.7 Tested on: Windows 7 Enterprise x64 HUN/ENG '''...
WordPress CodeCanyon Real3D FlipBook 2.18.8 File Deletion / Upload / XSS
1. Unauthenticated file/directory deletion: Vulnerability exists in a file 'includes/process.php' where the user input eventually goes to PHP unlink or rmdir functions. We can give any file path or directory here. We can even delete the whole WordPress site. In my POC exploit, I'm just deleting the...
Upgrade to version 3.2.2 of apache commons-collections
This v3.2.2 release is a bugfix release, fixing several bugs present in the previous releases of the 3.2 branch. Additionally, this release provides a mitigation for a known remote code exploitation via the standard java object serialization mechanism. By default, serialization support for...
USBDriveby Device Can Install Backdoor, Override DNS Settings in Seconds
Samy Kamkar has a special talent for turning seemingly innocuous things into rather terrifying attack tools. First it was an inexpensive drone that Kamkar turned into a flying hacking platform with his Skyjack research, and now it’s a $20 USB microcontroller that Kamkar has loaded with code that...
Miscellaneous memory safety hazards (rv:7.0 / rv:1.9.2.23) — Mozilla
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be...
Adobe Flash Player ActionScript DoABC Tag Integer Overflow (APSB11-12; CVE-2011-0618)
The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash (SWF) files. A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an integer overflow in the Adobe Flash Player when parsing specially crafted SWF files. A...
Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...
InTerra Blog Machine 1.70 Shell
InTerra Blog Machine. Exploit database separated by exploit type (local, remote, DoS, etc.). Discovered By: Inj3ct0r; Site: Inj3ct0r.com; support e-mail:...
libwmf -- embedded GD library Use-After-Free vulnerability
Secunia reports: A vulnerability has been reported in libwmf, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. The vulnerability is caused due to a use-after-free error within the embedded GD library, which can be exploite...
DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow
Title: NetSupport Manager Client Buffer Overflow. Severity: Medium. Date Discovered: 9/4/2007. Discovered By: Digital Defense, Inc. Vulnerability Research Team. Credit Given To: sxkeebler and r@b13$. http://www.digitaldefense.net/ Vulnerability Description...
X-Lite Missing Content-Type DOS PoC
No description provided by source. /*main.cpp*/ #include <stdio.h> #include <string> using namespace std; #ifdef WIN32 #include <winsock2.h> #pragma comment(lib, "ws2_32.lib") #define close closesocket #define write(a,b,c) send(a, b, c, 0) #define writeto(a,b,c,d,e) sendto(a, b, c, 0, d, e) #define read(a,b,c) recv(a, b, c, 0)...
Campsite 2.6.1 - user.php?g_documentRoot Remote File Inclusion
Campsite 2.6.1 - user.php?g_documentRoot Remote File Inclusion source: https://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects...
Links Management Application 1.0 - lcnt SQL Injection
Links Management Application 1.0 - lcnt SQL Injection #!/usr/bin/perl Script Name: Links Management Application V1.0 lcnt Remote BLIND SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.monitor-line.com $$ : $34.99 .. : ajann,Turkey use IO::Socket; if@ARGV : ";...
PHP Labs - .proFile File URI Cross-Site Scripting
PHP Labs - .proFile File URI Cross-Site Scripting source: https://www.securityfocus.com/bid/13282/info PHP Labs proFile is prone to a cross-site scripting vulnerability. As a result, attackers may embed hostile HTML and script code in a malicious link to the affected application. If the link is...
ImageMagick: Filename handling vulnerability
Background: ImageMagick is a collection of tools and libraries for manipulating a wide variety of image formats. Description: Tavis Ormandy of the Gentoo Linux Security Audit Team has identified a flaw in the handling of filenames by the ImageMagick utilities. Impact: Successful exploitation may...
osCommerce 2.2 - Contact_us.php Cross-Site Scripting
osCommerce 2.2 - Contact_us.php Cross-Site Scripting source: https://www.securityfocus.com/bid/12568/info A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks. This issue could permit a remote attacker to create a malicious URI link...
BitchX 1.0c19 - Local Privilege Escalation
// BitchX local-root by Sha0, version 1.0c19 and earlier -all of them- // I dedicate this exploit to my girl. // 0xC0000000-4-strlenargv1-1-strlenbuffer // 2052 to the ret include include include include char payload69; char sha0code = "\xeb\x16\x5b\x31\xc0" "\x50\x53\xb0\x0b\x89"...