twmap 跨站脚本漏洞

Twmap is a Taiwan map-related document/code for China. twmap is vulnerable to a cross-site scripting vulnerability that originates in the file list.php, where the exit function will terminate the script and print a message to the user. No detailed vulnerability details are currently available...

PT-2021-23920 · Twmap · Twmap

Name of the Vulnerable Software and Affected Versions: twmap versions 2.91 through 4.33 Description: The issue is related to a Cross Site Scripting XSS vulnerability. In the file list.php, the exit function will terminate the script and print a message to the user. This message contains the $...

PhpWhois 跨站脚本漏洞

PhpWhois is a Whois library containing Php by Spanish individual developer David Saez Padros. A cross-site scripting vulnerability exists in PhpWhois, which originates in the file example.php, where the exit function will terminate the script and print a message to the user. No detailed...

LanSend 3.2 - Buffer Overflow (SEH)

Exploit Title: LanSend 3.2 - Buffer Overflow SEH Exploit Author: gurbanli Date: 2020-05-12 Vulnerable Software: LanSend 3.2 Vendor Homepage: https://lizardsystems.com Version: 3.2 Software Link: https://lizardsystems.com/download/lansendsetup.exe Tested on: Windows 7 x86 f = file'payload.txt','w'...

Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: Dup Scout Enterprise v 9.9.14 Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.dupscout.com Software Link: http://www.dupscout.com/setups/dupscoutentsetupv9.9.14.exe Version:...

Adobe-Reader-PDF-LibTiff

Title: Adobe PDF LibTiff Integer Overflow Code Execution. Product: Adobe Acrobat Reader Version: 8.3.0, 9.3.0 CVE: 2010-0188 import sys import base64 import struct import zlib import StringIO SHELLCODEOFFSET=0x555 TIFFOFSET=0x2038 windows/exec - 227 bytes http://www.metasploit.com Encoder:...

Discuz X2 路徑洩漏

简要描述： 缺少 exit‘Access Denied’; 直接浏览该程序直接报错 BTW 一共发现了7个 XSS 包含储存式跟反射式. 等之后整完整點再发出来 详细说明： 檔案路徑: /source/include/misc/miscranklistindex.php 漏洞证明：...

ComSndFTP 1.3.7 Beta - USER Format String (Write4) (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'ComSndFTP v1.3.7 Beta USER Buffe...

Millenium MP3 Studio 1.0 .mpf File Local Stack Overflow Exploit #2

Exploit for unknown platform in category local exploits ================================================================== Millenium MP3 Studio 1.0 .mpf File Local Stack Overflow Exploit 2 ================================================================== + Vulnerability : .mpf File Local Stack...

Weave a dream(Dedecms)arbitrary code execution vulnerability-vulnerability warning-the black bar safety net

Vulnerability page is \include\incbookfunctions.php The trigger page is member/storyaddcontentaction.php Next is open the following address: http://www.xxx.com/member/storyaddcontentaction.php?chapterid=1&arcID=1&body=?& gt; Followed by the word code. When you see the successful message indicates...

linux/x86 iptables -F 58 bytes

No description provided by source. / The shellcode flushs the iptables by running /sbin/iptables -F no exit greetz to zilion: man, my code is shorter! size = 58 bytes OS = Linux i386 written by /rootteam/dev0id www.sysworld.net BITS 32 jmp short callme main: pop esi xor eax,eax mov byte esi+14,al...

os-x/PPC setuid(0) + execve /bin/sh 88 bytes

Exploit for os-x/ppc platform in category shellcode ============================================ os-x/PPC setuid0 + execve /bin/sh 88 bytes ============================================ / PPC OSX/Darwin Shellcode by B-r00t. 2003. Does setuid0; execve/bin/sh; exit0; See ASM below. 88 Bytes. / char...