5988 matches found
Xcode OpenBase <= 9.1.5 (root file create) Local Root Exploit (OSX)
No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will Create a new file anywhere on the filesystem with...
Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation
Xcode OpenBase 9.1.5 OSX - Root File Create Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will Create a new file...
Hastymail 1.x - IMAP SMTP Command Injection
Hastymail 1.x - IMAP SMTP Command Injection source: https://www.securityfocus.com/bid/20424/info Hastymail is prone to an IMAP / SMTP command-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An authenticated malicious user could execute arbitrary IMAP / SMTP...
Hastymail 1.x - IMAP SMTP Command Injection
source: https://www.securityfocus.com/bid/20424/info Hastymail is prone to an IMAP / SMTP command-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An authenticated malicious user could execute arbitrary IMAP / SMTP commands on the affected mail server...
Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit
No description provided by source. !/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip...
Blog Pixel Motion 2.1.1 - PHP Code Execution Create Admin
Blog Pixel Motion 2.1.1 - PHP Code Execution Create Admin !/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..:...
Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin
!/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip Poc.link......:...
CVE-2006-4360
Cross-site scripting XSS vulnerability in E-commerce 4.7 for Drupal before file.module 1.37.2.4 20060812 allows remote authenticated users with the "create products" permission to inject arbitrary web script or HTML via unspecified vectors...
E-commerce Cross site scripting vulnerability
It is possible for a malicious user with the 'create products' permission to insert and execute XSS Cross Site Scripting, due to lack of validation on output. This may lead to administrator access if certain conditions are met. Learn more about XSS on Wikipedia. The create products permission is...
CVE-2006-3859
IBM Informix Dynamic Server IDS allows remote authenticated users to create and overwrite arbitrary files via the 1 LOTOFILE and 2 trltracefileset functions, and the 3 "SET DEBUG FILE" commands...
Oracle 10g - Alter Session Integer Overflow
Oracle 10g - Alter Session Integer Overflow source: https://www.securityfocus.com/bid/19201/info Oracle 10g is reportedly prone to a integer-overflow vulnerability because the application fails to allocate a large enough data type to accommodate user-supplied input before using it in a query. Thi...
CVE-2006-3764
Till Gerken phpPolls 1.0.3 allows remote attackers to create a new poll via a direct request to phpPollAdmin.php3 with the pollaction parameter set to create...
MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection
!/usr/bin/php -q -d shortopentag=on ? echo "MyBulletinBoard MyBB = 1.1.5 'CLIENT-IP' SQL injection / create new admin exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork, version specific: "Powered By MyBB" "2006 MyBB Group"\n\n"; / works...
phpPolls 1.0.3 Administration ByPass
SOFTWARE: ========= phpPolls 1.0.3 DESCRIPTION: ============ dork: phpPolls view.php3 add to last path phpPollAdmin.php3?pollaction=create create a new poll Credits:AlpEren and tugr@ Site: http://www.ayyildiz.org http://www.ayyildiz-team.org Special thanx to...
WinGate IMAP Server Directory Traversal Vulnerabilities
The remote host appears to be running WinGate, a Windows application for managing and securing Internet access. The version of WinGate installed on the remote host fails to remove directory traversal sequences from the 'CREATE', 'SELECT', 'DELETE', 'RENAME', 'COPY', 'APPEND', and 'LIST' commands...
DeluxeBB <= 1.07 (cp.php) Create Admin Exploit
No description provided by source. !/usr/bin/perl DeluxeBB = 1.07 Create Admin Exploit www.h4ckerz.com / www.hackerz.ir / www.aria-security.net ./2006-6-25 Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use IO::Socket; use LWP::UserAgent; use HTTP::Cookies; $host = $ARGV0; $uname = $ARGV...
MyBulletinBoard (MyBB) 1.1.3 - usercp.php Create Admin
MyBulletinBoard MyBB 1.1.3 - usercp.php Create Admin !/usr/bin/perl MyBulletinBoard MyBB new or die; $cookiejar = HTTP::Cookies-new; $xpl-cookiejar $cookiejar ; $res = $xpl-post$url.'member.php', Content = "action" = "dologin", "username" = "$uname", "password" = "$passwd", "submit" = "Login", ,;...
MyBulletinBoard (MyBB) 1.1.3 - 'usercp.php' Create Admin
!/usr/bin/perl MyBulletinBoard MyBB new or die; $cookiejar = HTTP::Cookies-new; $xpl-cookiejar $cookiejar ; $res = $xpl-post$url.'member.php', Content = "action" = "dologin", "username" = "$uname", "password" = "$passwd", "submit" = "Login", ,; if$cookiejar-asstring = /mybbuser=.?;/ print...
DeluxeBB 1.07 - Remote Create Admin
!/usr/bin/perl DeluxeBB new or die; $cookiejar = HTTP::Cookies-new; $xpl-cookiejar $cookiejar ; $res = $xpl-post$url.'misc.php', Content = "sub" = "login", "name" = "$uname", "password" = "$passwd", "submit" = "Log-in", "redirect" = "", "expiry" = "990090909", ,; if$cookiejar-asstring =...
CVE-2006-2660
Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the...