FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit

No description provided by source. LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit for FreeBSD bug discovered & exploited by Kingcope Dec 2010 Lame Xploit Tested with success on FreeBSD 8.0-RELEASE - LiteSpeed WebServer 4.0.17 Standard & Enterprise x86 FreeBSD 6.3-RELEASE - LiteSpeed WebServer...

Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...

RechnungsZentrale V2 <= 1.1.3 - Remote Inclusion Vulnerability

No description provided by source. - GroundZero Security Research and Software Development 2006 - Software: RechnungsZentrale V2 Version: 1.1.3, likely older versions are affected aswell. Vendor: http://www.nfec.de/ Remote Inclusion:...

User-Mode Linux Kernel 2.4.17 -8 Memory Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3973/info User-Mode Linux UML is a patch which allows the Linux Kernel to run as a user space process. It is currently available for the Linux operating system. It may be used as an efficient tool for kernel development, ...

AzDGDatingMedium 1.9.3 'l' Parameter Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37514/info Azerbaijan Development AzDGDatingMedium is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issue...

The Everything Development System <= Pre-1.0 - SQL Injection Vuln

No description provided by source. Application: The Everything Development System Versions: = Pre-1.0 current version at time of release Author: sub [email protected] Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to...

Mthree Development MP3 to WAV Decoder Denial of Service Vulnerability

No description provided by source. Exploit Title: Mthree Development MP3 to WAV Decoder .mp3 DoS Date: 10 / 8 / 2010 Author: Oh Yaw Theng Credit : ZAC0034m!n Software Link: http://www.mthreedev.com/setupmp3towav.exe Tested on: Windows XP SP 2 CVE : N / A Description : Create the malicious .mp3 fi...

Macromedia ColdFusion MX 6.0 - Remote Development Service File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8109/info A vulnerability has been reported for the RDS service that may allow an attacker to obtain unauthorized access to a data residing on a ColdFusion MX server. The vulnerability is due to the way that authenticatio...

Pi3Web 2.0.2 SortName Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7787/info Pi3Web is prone to a buffer overflow vulnerability. This is due to insufficient bounds checking of URI parameters. This could be exploited to cause a denial of service or possibly to execute malicious...

Worldviewer.com CMS SQL Injection Vulnerability

No description provided by source. Exploit Title: Worldviewer.com CMS SQL Injection Vulnerability Date: 12-4-2010 Author: 41.w4r10r aka AN1L Software Link : Version: Web Application Tested on: Apcahe/Unix CVE : if exists Dork : inurl:php/showContent.php?linkid= Or inurl:/php/showNews.php?newsid=...

Omnis Studio 2.4 Weak Database Field Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1255/info Omnis Studio 2.4 is a development tool for creating database applications. The tool gives developers the option to encrypt database entries. However, the encryption scheme used is weak and easily broken with any...

OracleAS TopLink Mapping Workbench Weak Encryption Algorithm Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9515/info OracleAS TopLink Mapping Workbench is a tool included with OracleAS TopLink, a Java-based database integration development framework that is included as a component of various Oracle Application Server releases...

Development Site Professional Liberal - Company Institutional SQL Injection Vulnerability

No description provided by source...

Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) (c code)

No description provided by source. / Remote Mercury32 Imap exploit 14 types of attacks WOW! By: [email protected] Notes: Second public release and both of them are murcury32 ; Again someone posted some dos code : why bother? If you spent the time to look, it uses the same buffer for all 14 type...

XBMC 9.04.1r20672 soap_action_name post upnp sscanf Buffer Overflow

No description provided by source. !/usr/bin/env python ''' - XBMC upnp Remote Buffer Overflow - ========================================================================= ! Exploit Title: Xbmc soapactionname post upnp sscanf buffer overflow !...

Twilight WebServer 1.3.3 .0 GET Request Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8181/info It has been reported that Twilight WebServer may be prone to a remote buffer overflow vulnerability. The problem may be present due to a lack of bounds checking performed on incoming GET requests. Arbitrary code...

PHPSelect Web Development Index.PHP3 Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class PHPSelectWebDevelopmentRemoteFileIncludePOCBase: vulID = '82263' version = '1' vulDate = '2006-09-27'...

EZHomeTech EzServer <= 6.4.017 Stack Buffer Overflow Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

lftp <= 2.6.9 - Remote Stack based Overflow Exploit

No description provided by source. / lftp remote stack-based overflow exploit by Li0n7 voila fr Vulnerability discovered by Ulf Harnhammar Ulf.Harnhammar.9485 student uu se Lftp versions later than 2.6.10 are prone to a remotly exploitable stack-based overflow in trynetscapeproxy and trysquideplf...

PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability

No description provided by source. PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability Vendor: Prado Software Product web page: http://www.pradosoft.com Affected version: 3.2.0 r3169 Summary: PRADO is a component-based and event-driven programming framework for developing Web applications...