Exploit for OS Command Injection in Atom Electron

CVE-2018-1000006-DEMO The Demo for CVE-2018-1000006 Analysis Electron v1.8.2-beta.4 远程命令执行漏洞—【CVE-2018-1000006】 POC 可以直接使用 elecrce\elecrce-win32-x64\elecrce.exe 也可以自己打包成exe应用,生成有漏洞的版本应用，以版本1.7.8为例： electron-packager ./test elecrce --win --out ./elecrce --arch=x64 --version=0.0.1...

Exploit for Use After Free in Debian Debian_Linux

CVE-2016-9079 A demo exploit of CVE-2016-907...

万户OA /UploadServlet 任意文件上传漏洞

任意文件上传 url: /UploadServlet 最后上传的文件路径就是: uploadFolder/path/fileId.substring0, 6/fileId，path和fileId两个参数可控，所以可以上传任意文件了 官方demo演示:...

kppw最新版任意用户登录

简要描述： 只需要用户名和用户id即可实现任意用户登录 详细说明： 问题出在 lib/inc/kekecoreclass.php function inituser 第981行 elseif $COOKIE 'kekeautologin' $loginInfo = unserialize $COOKIE 'kekeautologin' ; $pwdInfo = explode '|', base64decode $loginInfo 2 ; $uInfo = kekezu::gettabledata '', 'witkeyspace', " username='$pwdInfo2' an...

Ypninc Realty Classifieds Cross Site Scripting

Author: Andrea Bocchetti Homepage : http://www.geekit.it Software Info Name : Ypninc Realty Classifieds Vendor : http://fsbo.ypninc.com/ x Xss local news local news field is potentially exploitable XSS Demo exploit : http://fsbo.ypninc.com/localnews.php Author: Andrea Bocchetti Homepage :...

Spaceacre - SQL Injection Cross-Site Scripting HTML Injection

Spaceacre - SQL Injection Cross-Site Scripting HTML Injection ========================================================= Spaceacre SQL/XSS/HTML Injection Vulnerabilities ========================================================= Name: Spaceacre SQL/XSS/HTML Injection Vulnerabilities Vendor:...

Joomla Facile Forms Cross Site Scripting

Joomla Component comfacileforms Cross Site Scripting Vulnerabilities Author : Pyske Greetz : Fl0riX , M-K-A , F0RTS3V3N , 3KB3R ,system-Hacker ,HeroTurK ,fireofdevil and ALL Cyber-Warrior Name : comfacileforms Bug Type : Cross Site Scripting Infection : Yönetici ve User cookiekleri calinabilir. B...

Joomla Component com_trabalhe_conosco Cross Site Scripting Vulnerabilities

No description provided by source. ------------------- header data start ------------------- Joomla Component comtrabalheconosco Cross Site Scripting Vulnerabilities Author : Pyske Name : comtrabalheconosco Home : www.cyber-warrior.org Greetz : Fl0riX , M-K-A , F0RTS3V3N , 3KB3R ,BARCOD3 and ALL...

plxAutoReminder 3.7 - 'id' SQL Injection

plx Autoreminder v3.7 id R-Sql Ýnj ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 04.01.09 Home: z0rlu.blogspot.com / www.experl.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : EN ONEMLi N0T: demolarI hackleyen top olsun top i...

DELTAScripts PHP Classifieds 7.5 - Authentication Bypass

DELTAScripts PHP Classifieds 7.5 - Authentication Bypass deltascripts phpclassifieds Remote Auth Bypass Vulnerability ---------------------------------------------------------- Discovered By: ZoRLu Date: 06.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi...

phpwebgallery-sql.txt

---------------------------------------------------------------- Script : PhpWebGallery 1.3.4 Type : Vulnerabilities blind sql injection Author : Stack Google Dork : inurl:"picture.php?cat=" "Powered by PhpWebGallery 1.3.4" ---------------------------------------------------------------- Download...

PhpWebGallery 1.3.4 (cat) Blind SQL Injection Vulnerability

No description provided by source. ---------------------------------------------------------------- Script : PhpWebGallery 1.3.4 Type : Vulnerabilities blind sql injection Author : Stack Google Dork : inurl:"picture.php?cat=" "Powered by PhpWebGallery 1.3.4"...

PHPWebGallery 1.3.4 - Blind SQL Injection (1)

PHPWebGallery 1.3.4 - Blind SQL Injection 1 ---------------------------------------------------------------- Script : PhpWebGallery 1.3.4 Type : Vulnerabilities blind sql injection Author : Stack Google Dork : inurl:"picture.php?cat=" "Powered by PhpWebGallery 1.3.4"...

Six Step IE Remote Compromise Cache Attack

Six Step IE Remote Compromise Cache Attack tested OS:WinXp Microsoft Internet Explorer v6.Sp1; up-to-date on 2003/10/30 Overview A six step cache attack has been found which allows for remote compromise of systems running Internet Explorer merely by viewing a webpage. This attack is possible part...