linux/x86 eject/close cd-rom loop (follows /dev/cdrom symlink) 45 bytes

No description provided by source. / linux/x86 eject & close cd-rom frenzy loop follows "/dev/cdrom" symlink - 45 bytes - izik [email protected] / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\xb5\x08" // mov $0x8,%ch...

linux/x86 cat /dev/urandom > /dev/console 63 bytes

linux/x86 cat /dev/urandom /dev/console, just for kicks - 63 bytes. Shellcode exploit for linx86 platform / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push...

Unix Command Shell, Reverse TCP (/dev/tcp)

Creates an interactive shell via bash's builtin /dev/tcp. This will not work on circa 2009 and older Debian-based Linux distributions including Ubuntu because they compile bash without the /dev/tcp feature. This module requires Metasploit: https://metasploit.com/download Current source:...

Dev_15_sql_xpl.php.txt

---- Dev web management system ConfLoadDBtoPHP; include "admin/config.php"; echo "...

Dev Web Management System 1.5 - getfile.php?cat SQL Injection

Dev Web Management System 1.5 - getfile.php?cat SQL Injection source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System...

Dev Web Management System 1.5 - download_now.php?target SQL Injection

Dev Web Management System 1.5 - downloadnow.php?target SQL Injection source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management Syst...

Dev Web Management System 1.5 - 'add.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System versions 1.5 and earlier are prone to these issues...

Dev Web Management System 1.5 - 'getfile.php?cat' SQL Injection

source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System versions 1.5 and earlier are prone to these issues...

Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit

No description provided by source. ?php ---Dev15sqlxpl.php 9.54 24/12/2005 Dev =1.5 'cat' SQL injection / admin MD5 password hash disclosure coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then g...

Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================================== Dev Web Management System this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Prohibit the taking of...

CVE-2005-4508

Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file...

CVE-2005-4507

Multiple cross-site scripting XSS vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields...

CVE-2005-4506

Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges...

CVE-2005-4508

CVE-2005-4508 affects Nexus Concepts Dev Hound (versions 2.24 and earlier). The vulnerability allows remote attackers to discover the installation path by requesting a URL containing a non-existent .dll file, exposing partial confidentiality via a path disclosure. The available documents do not s...

CVE-2005-4507

CVE-2005-4507 documents multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier. Affected component: the web application’s user input handling where unvalidated inputs can lead to script/HTML injection. Impact is partial integrity compromise of affected pa...

CVE-2005-4508

Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file...

CVE-2005-4506

Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges...

CVE-2005-4506

Nexus Concepts Dev Hound 2.24 and earlier stores usernames and passwords in cleartext in the devhound.tdbd file, enabling local users to gain privileges. Affected component: Dev Hound data store file devhound.tdbd. Root cause: credentials saved in cleartext. Impact: local privilege escalation if ...

CVE-2005-3631

udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords...

security flaw

udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords...