ASPThai.Net Guestbook <= 5.5 (Auth Bypass) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================ ASPThai.Net Guestbook new or die; $cookiejar = HTTP::Cookies-new; $xpl-agent'g00ns'; $xpl-cookiejar$cookiejar; $res = $xpl-post $Server.'checkuser.asp', Content = 'txtUserNam...

CyberShop Ultimate E-commerce Script Cross Site Scripting

CyberShop Ultimate E-commerce Script Cross Site Scripting Hi all B3g0kathackermail.com Patriotic Hackers!!! http://www.patriotichack.org Special Thanx All Kurdish Hackers ----------------------------------- CyberShop Ultimate E-commerce Script Cross Site Scripting...

Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code)

Exploit for linux platform in category local exploits ========================================================== Xmame 0.102 -lang Local Buffer Overflow Exploit c code ========================================================== / Xmame 0.102 -lang Local Buffer Overflow Exploit Coded BY Qnix...

Microsoft IIS - HTTP Request Denial of Service (1)

/ Microsoft IIS 5.1 Remote D.o.S Exploit by Kozan Application: Microsoft IIS Internet Information Server Vendor: Microsoft - http://www.microsoft.com/ Discovered by: Inge Henriksen Exploit Coded by: Kozan Credits to ATmaCA, Inge Henriksen Web: www.spyinstructors.com Mail: [email protected]...

CVE-2005-3803

Cisco IP Phone 7920 (VoIP) 1.0(8) is affected by hard-coded public and private SNMP community strings that cannot be changed, enabling potential remote information disclosure. The issue is documented across NVD/Nessus and Cisco advisories, with a vendor alert suggesting that fixed SNMP communitie...

CVE-2005-3803

Cisco IP Phone VoIP 7920 1.08 contains certain hard-coded "fixed" public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information...

CVE-2005-3719

Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration...

CVE-2005-3716

The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information...

CVE-2005-3716

The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information...

CVE-2005-3716

CVE-2005-3716 affects UTStarcom F1000 VOIP WIFI Phone (s2.0, VxWorks 5.5.1, WIND 2.6). The SNMP daemon uses hard-coded public credentials that cannot be changed, enabling attackers to obtain sensitive information. No exploit details are provided in the documents, and the impact is reported as par...

CVE-2005-3719

Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration...

CVE-2005-3719

CVE-2005-3719 affects Hitachi IP5000 VOIP/WiFi Phone (firmware ~1.5.6). The issue stems from a hard-coded administrator password of “0000” that, combined with local access, allows an attacker to view sensitive information and modify configuration. Related documentation in JVNDB notes multiple vul...

FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key

// source: https://www.securityfocus.com/bid/14730/info FileZilla FTP client may allow local attackers to obtain user passwords and access remote servers. The application uses a hard-coded cipher key to decrypt the password, which is stored in an XML file or the Windows Registry. This can allow t...

FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key

FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key // source: https://www.securityfocus.com/bid/14730/info FileZilla FTP client may allow local attackers to obtain user passwords and access remote servers. The application uses a hard-coded cipher key to decrypt the password, which is stored in a...

VERITAS Backup Exec uses hard-coded authentication credentials

Overview The VERITAS Backup Exec Remote Agent uses hard-coded authentication credentials. An attacker with knowledge of these credentials could access arbitrary files on a vulnerable system. Description VERITAS Backup Exec Remote Agent is a data backup and recovery solution with support for...

CVE-2005-2026

Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a hard-coded account and password for debugging, which allows remote attackers to gain privileges...

CVE-2005-2026

The CVE-2005-2026 entry concerns Enterasys Vertical Horizon VH-2402S. A firmware issue (before 2.05.05.09) exposes a hard-coded account and password used for debugging, enabling remote attackers to gain privileges. The available connected documents confirm the product and version range and the ro...

CVE-2005-2026

Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a hard-coded account and password for debugging, which allows remote attackers to gain privileges...

Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor

Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor !/usr/bin/perl Passwords Decrypter for UPB $optf" || die "- Unable to open $optf: $!"; print RESULTS "Results for $opth\n","="x40,"\n\n"; for$in=0;$in/ && print RESULTS "Username: $1\n"; $page$in=m/...

CVE-2005-1867

Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges...