1634 matches found
Code injection
An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local example files...
CVE-2013-5025
An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local example files...
imacs CMS 0.3.0 Shell Upload
?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : imacs CMS Unrestricted File Upload Exploit Date...
[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.8-1.fc18
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
JAOW 2.4.8 Cross Site Scripting
Script Name : JAOW 2.4.8 Version : 2.4.8 Bug Type : XSS vulnerability Found by : Metropolis Home : http://metropolis.fr.cr Discovered : 23/03/2013 Download app : http://www.jaow.net/uploads/jaow2.4.8.zip Google search : Propulsé par Jaow 2.4.8 - PoC : http://target/path/addons.php?addons=Xss...
Petite Annonce 1 Cross Site Scripting
Script Name : SCRIPT PETITE ANNONCE v1 Version : v1 Bug Type : XSS vulnerability Found by : Metropolis Home : http://metropolis.fr.cr Discovered : 14/03/2013 Download app : http://www.script-php-petite-annonce.com/achat.html Google search : inurl:/annonce/moteur-prix.php?categoriemoteur= PoC :...
ClipShare 4.1.4 - Multiple Vulnerabilities
===================================================================== Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4 Official site: http://www.clip-share.com Software License: Commercial. Vulns: Blind SQl injection && Plaintext Password...
ClipShare 4.1.4 SQL Injection / Plaintext Password Vulnerabilities
ClipShare version 4.1.4 suffers from remote blind SQL injection and plaintext password vulnerabilities. ===================================================================== Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4 Official site: http://www.clip-share.com Software...
AdaptCMS 2.0.4 - config.php?question SQL Injection
AdaptCMS 2.0.4 - config.php?question SQL Injection Exploit Title: AdaptCMS = 2.0.4 SQL Injection vulnerability Date: 26/10/2012 Exploit Author: Kallimero Vendor Homepage: http://www.adaptcms.com/ Software Link: http://www.insanevisions.com/page/3/Downloads/ Version: 2.0.4 Tested on: Debian...
quota security and bug fix update
1:3.13-8.0.1 - Add ocfs2 support Orabug: 14208111 1:3.13-8 - Fix CVE-2012-3417 incorrect use of tcpwrappers Resolves: 841448 1:3.13-7 - Fix parsing numeric arguments of setquota Resolves: 831520 1:3.13-6 - Do not use real domains in warnquota example Resolves: 680429 - Use /proc/mounts for...
Fedora 16 : php-pear-CAS-1.3.2-1.fc16 (2012-21122)
Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...
. net file upload vulnerability in the code example and solution-vulnerability warning-the black bar safety net
At this point in the test when stripped down the code and some lost, and only a patch solution. We make do and see. Something very simple. string str = filename. Substringfilename. LastIndexOf"." + 1, 3; if str == "png" || str == "gif" || str == "jpg" || str == "jpeg" || str == "PNG" || str ==...
MD Webmarketing Cross Site Scripting / SQL Injection
Exploit Title : MD-WEBMARKETING - SQL Injection/Cross Site Scripting Vulnerabilities Date : 06-11-2012 Author : Caleb Bucker Independent Security Researcher Contact : https://twitter.com/CalebDrugs Website : www.calebbucker.blogspot.com Vendor : MD Webmarketing URL Vendor :...
[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.3-1.fc17
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
Estudio447 SQL Injection / Cross Site Scripting
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...
Flexap Control Panel 5.1 Blind SQL Injection Vulnerability
Exploit for php platform in category web applications ===================================================== Vulnerable software: Control Panel version 5.1 Vendor: http://www.flexap.am/ Vuln type: Blind SQL Injection Software License: Commercial Software: Control Panel version 5.1 Discovered and...
Flexap.am Control Panel 5.1 Blind SQL Injection
===================================================== Vulnerable software: Control Panel version 5.1 Vendor: http://www.flexap.am/ Vuln type: Blind SQL Injection Software License: Commercial Software: Control Panel version 5.1 Discovered and Exploited in Wild...
Pululart CMS SQL Injection
Exploit Title: Pululart CMS Sql Injection Vulnerability Google Dork:intext:"Powered by Pululart" Date: 08/24/2012 Author: Crim3R Vendor Home : http://www.pululart.com/ Tested on: all $ $ ----Author will be not responsible for any damage---- $ ========================================...
ptunnel 0.72 - Remote Denial of Service
ptunnel 0.72 - Remote Denial of Service !/usr/bin/env python =============================================================================== Exploit Title: ptunnel ' % sys.argv0 target remotehost = sys.argv1 ptunnel.h typedef struct uint32t magic, // magic number, used to identify ptunnel packets...
http-phpself-xss NSE Script
Crawls a web server and attempts to find PHP files vulnerable to reflected cross site scripting via the variable $SERVER"PHPSELF". This script crawls the webserver to create a list of PHP files and then sends an attack vector/probe to identify PHPSELF cross site scripting vulnerabilities. PHPSELF...