Microsoft Windows XP - Task Scheduler '.job' Universal (MS04-022)

/ HOD-ms04022-task-expl.c: MS04-022 Microsoft Windows XP Task Scheduler .job Universal Exploit Exploit version 0.1 coded by .:: houseofdabus ::. at inbox dot ru ------------------------------------------------------------------- Tested on: - Internet Explorer 6.0 SP1 iexplore.exe - Explorer...

VirtuaSystems VirtuaNews 1.0.x (Multiple Modules) - Cross-Site Scripting

source: https://www.securityfocus.com/bid/9812/info It has been reported that the VirtuaNews non-default modules 'Files' and 'Vulns' are prone to multiple cross-site scripting vulnerabilities. These problems surround the application's failure to properly validate user supplied URI input. When...

Caucho Resin Crossite Scripting

Crossite scipring in few CSS examples...

Web Wiz Forums ver. 7.01

Informations : °°°°°°°°°°°° Language : ASP Bugged Version : Web Wiz Forums ver. 7.01 and less ? Patched version : none Website : http://www.webwizforums.com Problems : Permanent XSS Objects : °°°°°°° - forummembers.asp - members.asp - pmbuddylist.asp Exploits : °°°°°°°°...

dcpportal.txt

From: Lifo Fifo To: [email protected] Subject: DCP Portal - 5.5 holes Never use this product if you have turned off magicquotesgpc. And this product won't work anyway if you have turned off registerglobals. All the files in the product, dont check for integrity of variables. You can easil...

yMonda Thread-IT 1.6 - Multiple HTML Injections

yMonda Thread-IT 1.6 - Multiple HTML Injections source: https://www.securityfocus.com/bid/8692/info It has been reported that yMonda Thread-IT is prone to a HTML injection vulnerability that may allow an attacker to execute HTML code in a user's browser. The issue is reported to be present in the...

Microsoft Windows - 'RPC DCOM2' Remote (MS03-039)

/ RPCDCOM2.c ver1.1 copy by FLASHSKY flashsky at xfocus.org 2003.9.14 / include include include include include include unsigned char bindstr= 0x05,0x00,0x0B,0x03,0x10,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x7F,0x00,0x00,0x00,...

Zope Invalid Query Path Disclosure

The remote Zope web server may be forced into disclosing its physical path when calling 'Examples/ShoppingCart/addItems' with a blank quantity. Note that this install is also likely to be affected by several other vulnerabilities, although Nessus has not checked for them. C Tenable Network...

PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Command Execution

/ Fixed Exploit against PoPToP in Linux poptop-sane.c ./r4nc0rwh0r3 of blightninjas [email protected] blightninjas: bringing pain, suffering, and humiliation to the security world Expect more great release like helloworld-annotated.c and cd explained whitepaper, we are working hard in da...

[email protected] Clients Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ========================================= email protected Clients Buffer Overflow Exploit ========================================= / email protected exploit by zillionatsafemode.org 2003/01/07 Credits for the vulnerability go to: SkyLined...

KPMG-2002020: Resin view_source.jsp Arbitrary File Reading

-------------------------------------------------------------------- Title: Resin viewsource.jsp Arbitrary File Reading BUG-ID: 2002020 Released: 17th Jun 2002 -------------------------------------------------------------------- Problem: ======== In a default installation of Resin server, the...

Fixed in Apache Tomcat 4.1.0

Important: Denial of service CVE-2003-0866 A malformed HTTP request can cause the request processing thread to become unresponsive. A sequence of such requests will cause all request processing threads, and hence Tomcat as a whole, to become unresponsive. Affects: 4.0.0-4.0.6 Low: Information...

MHonArc v2.5.2 Script Filtering Bypass Vulnerability

MHonArc v2.5.2 Script Filtering Bypass Vulnerability ==================================================== Affected: --------- MHonArc v2.5.2 http://www.mhonarc.org/ Fixed: ------ MHonArc v2.5.3 http://www.mhonarc.org/MHonArc/CHANGES Problem: -------- MHonArc has a feature which filters out...

BSD chpass (pw_error(3)) Local Root Exploit

Exploit for bsd platform in category local exploits =========================================== BSD chpass pwerror3 Local Root Exploit =========================================== / TESO BSD chpass exploit - caddis greets: !teso, !w00w00, hert!, ozsecurity, plus613 / include char bsdshellcode =...