mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' mxBB Module MX Faq & Rules = 2.0.0 faq.php Remote File Include Exploit Vendor: http://www.mx-system.com/modules/mxpafiledb/dload.php?action=download&fileid=371 Bug found and Exploit by bd0rk from SOH-Crew Website1:...

iBill Management Script Weak Hard-Coded Password Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3476/info iBill is an Internet billing company that provides secure payment processing for e-commerce. A vulnerability exists in iBill's CGI password management script called ibillpm.pl. The default password is the client...

FileZilla 2.2.15 FTP Client Hard-Coded Cipher Key Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14730/info FileZilla FTP client may allow local attackers to obtain user passwords and access remote servers. The application uses a hard-coded cipher key to decrypt the password, which is stored in an XML file or the...

Siemens Simatic S7-300 PLC Remote Memory Viewer

No description provided by source. Exploit Title: Siemens Simatic S7 300 Remote Memory Viewer Backdoor Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1200 PLC CVE : None require 'msf/core' class Metasploit3 Msf::Auxiliary...

TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com TP-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: TP-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0318 Advisory URL:...

Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb)

No description provided by source. / Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007 Specific hard-coded addresses for IOS 12.318 on a 2621XM router Removes the requirement to authenticate and escalates to level 15 To protect the...

Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8793/info A problem has been reported in the handling of overly long HTTP version string data by Centrinity FirstClass. Because of this, it may be possible for an attacker deny service to legitimate users of a vulnerable...

MailEnable 1.8 - Remote Format String Denial of Service Exploit

No description provided by source. See-security Technologies ltd. http://www.see-security.com MailEnable 1.8 Format String DoS exploit Discovered by Mati Aharoni Coded by tal zeltzer import sys import time import socket def PrintLogo: print...

CFME: Default salt value in miq-password.rb

lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine CFME before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack...

[Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisories:Multiple Hard-coded Usernames CWE-798 have been found and patched in a variety of SAP components. Summaries of the advisories with links to full versions follow: 1. ONAPSIS-2014-011-SAP Project System Structures and...

Morpho Itemiser 3 Hard-Coded Credential

OVERVIEW Independent researchers Billy Rios and Terry McCorkle have identified hard-coded credentials in the Morpho Itemiser 3. Morpho has not produced a patch, update, or new version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The followin...

PT-2014-16: Privilege Gaining in Siemens SIMATIC WinCC

The specialists of the Positive Research center have detected a Privilege Gaining vulnerability in SIMATIC WinCC. A hard coded encryption key could allow privilege escalation in the WinCC Project administration application if its network communication on port 1030/tcp of a legitimate user can be...

ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities

Overview ZyXEL Wireless N300 NetUSB Router NBG-419N running firmware version 1.00BFQ.6C0, and possibly earlier versions, is susceptible to multiple vulnerabilities. Other device models that use similar firmware may also be vulnerable. Description ZyXEL Wireless N300 NetUSB Router NBG-419N running...

Jenkins HP Application Automation Tools Plugin Password Encryption Security Weakness

The remote host is using the Jenkins HP Application Automation tools plugin. Nessus was able to remotely access one or more unprotected files in the Jenkins build system and decrypt the HP Application Lifecycle Management password. These passwords are currently encrypted with a known, hard-coded...

OpenCart 1.5.6.1 SQL Injection

Exploit Title : OpenCart log'getEbayItemId - Product ID: '.$productid; $qry = $this-db-query"SELECT ebayitemid FROM " . DBPREFIX . "ebaylisting WHERE productid = '".$productid."' AND status = '1' LIMIT 1"; .............. Function is called on many locations and paramter is passed without santize...

GNUPanel 0.3.5_R4 - Multiple Vulnerabilities

GNUPanel 0.3.5R4 - Multiple Vulnerabilities Exploit Title :GNUpanel 0.3.5R4 - Multiple Vulnerabilities Vendor Homepage :http://wp.geeklab.com.ar/gl-en/gnupanel/ GNUPanel Version :0.3.5R4 Server :Centos 6.4 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com...

GNUpanel 0.3.5_R4 Cross Site Request Forgery / Cross Site Scripting

Exploit Title :GNUpanel 0.3.5R4 - Multiple Vulnerabilities Vendor Homepage :http://wp.geeklab.com.ar/gl-en/gnupanel/ GNUPanel Version :0.3.5R4 Server :Centos 6.4 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com http://www.grisapka.org Discovery date :03/11/2014 CVE :N/A...

NETGEAR Hard-coded Telnet Unlock Credentials

The remote NETGEAR device has a hard-coded set of credentials that can be sent in a specially encoded packet in order to unlock the telnet service and allow remote logins as the root user. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid72831; scriptversion"1.6";...

ZTE ZXV10 W300 Wireless Router Hard-coded Password

Nessus was able to login to the remote device using a known hard-coded password prepended with a portion of the device's MAC address obtained from an SNMP request for the admin account. Attackers can exploit this vulnerability to gain full control of the device. TRUSTED...

Synology DiskStation Manager VPN module hard-coded password vulnerability

Overview Synology DiskStation Manager VPN module contains a hard-coded password which cannot be changed. Description Synology DiskStation Manager 4.3-3810 update 1 and possibly earlier versions contain a VPN server module which contains a hard-coded password which cannot be changed. According to...