Internet Explorer 8-11, IIS, CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialize

A specially crafted script can cause the VBScript engine to access data before initializing it. An attacker that is able to run such a script in any application that embeds the VBScript engine may be able to control execution flow and execute arbitrary code. This includes all versions of Microsof...

Microsoft Internet Explorer 8/9/10/11 / IIS / CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084)

!-- Source: http://blog.skylined.nl/20161107001.html Synopsis A specially crafted script can cause the VBScript engine to access data before initializing it. An attacker that is able to run such a script in any application that embeds the VBScript engine may be able to control execution flow and...

Rejetto HTTP File Server 2.3.x Remote Code Execution

!/usr/bin/python Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 04-01-2016 Remote: Yes Exploit Author: Avinash Kumar Thapa aka "-Acid" Vendor Homepage: http://rejetto.com/ Software Link: http://sourceforge.net/projects/hfs/ Version: 2.3...

Find Windows Admin Tools over WMI if IIS installed (win)

If IIS installed, find Windows Admin Tools over WMI: arp.exe, at.exe, atsvc.exe, cacls.exe, cmd.exe, cscript.exe, debug.exe, edit.com, edlin.exe, ftp.exe, finger.exe, ipconfig.exe, net.exe, netsh.exe, netstat.exe, nslookup.exe, ping.exe, poledit.exe, posix.exe, qbasic.exe, rcp.exe, rdisk.exe,...