Word Viewer OCX 3.2 - Remote Command Execution

Word Viewer OCX 3.2 - Remote Command Execution ---------------------------------------------------------- Word viewer OCX V 3.2 Remote File execution exploit ---------------------------------------------------------- ----------------------------------- By Mountassif Moad a.k.a Stack...

CVE-2008-5677

Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICSPATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the...

CVE-2008-5663

Multiple unrestricted file upload vulnerabilities in Kusaba 1.0.4 and earlier allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using 1 loadreceiver.php or 2 a shipainter action to paintsave.php, then accessing the uploaded file via a dire...

CVE-2008-5677

Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICSPATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the...

Design/Logic Flaw

Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a...

CVE-2008-4234

Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a...

CVE-2008-4234

Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a...

IIS vulnerability application-vulnerability warning-the black bar safety net

by yuange The newly discovered IIS a bunch of vulnerabilities, and talk about the application. Need a virtual executable Directory,WINDOWS common /scripts,/cgi-bin,/vtibin, General/vtibin directory is mapped to the“program files”directory, usually in the system tray above, and the SCRIPTS sometim...

Hacking tricks of a few over-active Defense method-vulnerability warning-the black bar safety net

Generally the Trojan is added from the start is antivirus software active defense, or 3 6 0 intercept,a few days ago in an online found several registry since the start of the method,the effect is also good,can be considered currently active Defense of a large Dead Space,even of micro-point turne...

peid-overflow.txt

!/usr/bin/perl PEiD = 0.92 Buffer Overflow Universal Exploit Exploit by SkD [email protected] ---------------------------------------------- An old vulnerability but no existing exploit for it, so here it is. Of course, I had to make it universal because of that.This exploit will work on all OS...

linux/amd64 - flush iptables rules shellcode 84 bytes

linux/amd64 flush iptables rules shellcode 84 bytes. Shellcode exploit for linamd64 platform / /sbin/iptables -F shellcode for AMD64 84 bytes By gat3way The code to load the sc into an executable mmap-ed executable page was shamelessly stolen by hophet too lazy : Thanks Gustavo C. for the...

linux/amd64 flush iptables rules shellcode 84 bytes

No description provided by source. / /sbin/iptables -F shellcode for AMD64 84 bytes By gat3way gat3wayat gat3waydoteu The code to load the sc into an executable mmap-ed executable page was shamelessly stolen by hophet too lazy : Thanks Gustavo C. for the inspiration - x8664 assembly is fun : Here...

Unrestricted file upload

Unrestricted file upload vulnerability in admin/uploadform.php in wPortfolio 0.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in admin/tmp/...

Windows Command Shell, Bind TCP (via Ruby)

Continually listen for a connection and spawn a command shell via Ruby This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 128 include Msf::Payload::Single include...

CVE-2008-5002

Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control ChilkatCrypt2.dll 4.3.2.1 in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating...

Unrestricted file upload

Unrestricted file upload vulnerability in the "Add Image Macro" feature in WebCards 1.3 allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file...

Webshell under to crack computer administrator password-vulnerability warning-the black bar safety net

Information source: evil octal information security team www.eviloctal.com） This idea derived from previous studies runas command when inspired. Method of use: 1, The your password dictionary was renamed into the psw. txt, upload to the target server is an executable, writable directory. It is...

Webroot SpySweeper Enterprise Check

This plugin checks that the remote host has Webroot Spy Sweeper Enterprise installed and properly running, and makes sure that the latest Vdefs are loaded. OpenVAS Vulnerability Test $Id: spysweepercorpinstalled.nasl 7580 2017-10-26 11:16:36Z cfischer $ Description: Webroot SpySweeper Enterprise...

Webroot SpySweeper Enterprise Check

This plugin checks that the remote host has Webroot Spy Sweeper Enterprise installed and properly running, and makes sure that the latest Vdefs are loaded. SPDX-FileCopyrightText: 2008 Jeff Adams / Tenable Network Security Some text descriptions might be excerpted from a referenced sources, and a...

CVE-2008-4557

plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 aka Strawberry allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression...