snipe Gallery Script - SQL Injection

Exploit Title: snipe gallery Script Sql Injection Date: 26/06/2010 Author: dev!l ghost Email: awsatlivedotit Site : www.h00forall.com Script url: http://sourceforge.net/projects/snipegallery/ Version: 3.1.5 Tested on: Windows CVE : ::::::::::::::::::::::::: =================Exploit===============...

PHP Planner Cross Site Scripting / SQL Injection

================================== phpplanner XSS / SQL Vulnerability ================================== Script: php planner Date: 12-06-2010 Author: anT!-Tr0J4n My Home : www.Dev-PoinT.com Software Link:http://phpplanner.sourceforge.net/ Tested on: Win7/Linux DorK :...

phpplanner XSS / SQL Vulnerability

Exploit for php platform in category web applications ================================== phpplanner XSS / SQL Vulnerability ================================== Script: php planner Date: 12-06-2010 Author: anT!-Tr0J4n My Home : www.Dev-PoinT.com Software Link:http://phpplanner.sourceforge.net/ Test...

Yamamah 1.0 SQL Injection / Source Disclosure

Exploit Title: Yamamah Mullti Vulnerability Date: 9-06-2010 Author: anT!-Tr0J4n My Home : www.Dev-PoinT.com Software Link:http://www.yamamah.org Version: 1.00 Tested on: Win7/Linux DorK : N / A ========== Exploit By anT!-Tr0J4n============ =======Yamamah source code disclosure Vulnerability...

Yamamah Vulnerability (news) SQL Injection / disclosure Vulnerability

Exploit for php platform in category web applications ===================================================================== Yamamah Vulnerability news SQL Injection / disclosure Vulnerability ===================================================================== Exploit Title: Yamamah Mullti...

WebSudo should be disabled in devmode

When confluence is started in dev mode, websudo should be disabled...

Unfixed XSS vulnerability at dev-ice.com

Security researcher internet, has submitted on 23/05/2010 a cross-site-scripting XSS vulnerability affecting dev-ice.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is currently...

CPA Lead Script SQL Injection

In The Name Of Allah The Mercifull Tybe: SQL Injection Vulnerabilities Vendor: www.v-eva.com + Software: CPA Lead Script + author: R3d-D3v!L + TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY ----4.!.5 ? contact: Xathotmail.co.jp - ? Date: 14.Jan.2010 ? T!ME: 05:15 am GMT ? Home: © Offensive Security ?...

Press Release Script - 'page.php?id' SQL Injection

In The Name Of Allah The Mercifull Tybe: SQL Injection Vulnerabilities Vendor: www.v-eva.com + Software: Press Release Script + author: R3d-D3v!L + TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY ----4.!.5 ? contact: Xathotmail.co.jp - ? Date: 14.Jan.2010 ? T!ME: 05:15 am GMT ? Home: © Offensive Security ?...

Test if Audio Server installed and list access rights of /dev/audio

Test if Audio Server is installed and list access rights of /dev/audio. This Script tests if the following Audio-Servers are installed: esound, paudio, pulseaudio, artsd, phonon. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

DZCP (deV!L_z Clanportal) 1.5.3 - Multiple Vulnerabilities

DZCP deV!Lz Clanportal 1.5.3 - Multiple Vulnerabilities ======================================================================================== | Title : deV!Lz Clanportal V1.5 Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com/vb | Script : CMS...

deV!L'z Clanportal 1.5 Remote File Inclusion

======================================================================================== | Title : deV!Lz Clanportal V1.5 Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com/vb | Script : CMS © 2005 - 2010 by deV!Lz Clanportal - supported by...

deV!L`z Clanportal V1.5 Mullti Vulnerability

Exploit for php platform in category web applications ============================================ deV!Lz Clanportal V1.5 Mullti Vulnerability ============================================ ======================================================================================== | Title : deV!Lz...

DZCP (deV!L`z Clanportal) 1.5.3 - Multiple Vulnerabilities

======================================================================================== | Title : deV!Lz Clanportal V1.5 Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com/vb | Script : CMS © 2005 - 2010 by deV!Lz Clanportal - supported by...

PHP 6.0 Dev - 'str_transliterate()' Local Buffer Overflow (NX + ASLR Bypass)

whoami whoami nt authority\system / errorreporting0; $bases = $GET'poss'; $basee = $GET'pose'; $offs = $GET'offs'; $offe = $GET'offe'; ifinigetbool'unicode.semantics' $buff = strrepeat"\u4141", 32; $tbp = "\u2650\u6EE5"; // 6EE52650 ADDRESS TO BE PATCHED BY WPM $ptw = "\u2FE0\u6EE5"; // 6EE52FE0...

PHP str_transliterate()函数Unicode字符远程溢出漏洞

BUGTRAQ ID: 39185 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 远程攻击者可以通过向PHP的strtransliterate函数提交超长的Unicode字符串请求触发缓冲区溢出，导致执行任意代码。成功利用这个漏洞要求配置中打开了unicode.semantics。 PHP 6.0 dev 厂商补丁： PHP --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.php.net view sourceprint??php errorreporting0; PHP 6....

PHP 6.0 Dev str_transliterate() Buffer Overflow

Exploit Title: PHP 6.0 Dev strtransliterate 0Day Buffer Overflow Exploit Date: 2010-04-04 Author: Pr0T3cT10n Software Link: http://downloads.sourceforge.net/project/wampserver/WampServer%202%20-%20Extensions/PHP/WampServer2-PHP6.0dev.exe?usemirror=garr Version: 6.0 Dev Tested on: WIN XP HEB SP3...

RedHat Update for brltty RHSA-2010:0181-05

Check for the Version of brltty OpenVAS Vulnerability Test RedHat Update for brltty RHSA-2010:0181-05 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

PHP 6.0 Dev - str_transliterate() Local Buffer Overflow

PHP 6.0 Dev - strtransliterate Local Buffer Overflow Exploited by TheLeader, Debug SP. Thanks: HDM http://www.nullbyte.org.il This code should exploits a buffer overflow in the strtransliterate function to call WinExec and execute CALC Take a look, 'unicode.semantics' has to be on! php.ini...

PHP 6.0 Dev str_transliterate() 0Day Buffer Overflow Exploit

Exploit for windows platform in category remote exploits ============================================================ PHP 6.0 Dev strtransliterate 0Day Buffer Overflow Exploit ============================================================ Exploited by TheLeader, Debug SP. Thanks: HDM...