2Fax 3.0 Tab Expansion Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11980/info 2fax is prone to a buffer overflow vulnerability. This issue is exposed when the software performs tab expansion operations while converting files. Since files may originate from an external or untrusted source...

fipsCMS light <= 2.1 (r) Remote SQL Injection Vulnerability

No description provided by source. Exploit Code: victim/path/home/index.asp?w=pages&r=9999999 union select all 0,username,null,0x1 from admin victim/path/home/index.asp?w=pages&r=9999999 union select all 0,password,null,0x1 from admin http://localhost:2222/lab/cms/admin...

IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit

No description provided by source. !/usr/bin/python tiv-sys.py IBM Tivoli Endpoint 4.1.1 Remote SYSTEM Exploit Jeremy Brown 0xjbrown41-gmail-com June 2011 Discovered by: Brian Adeloye of Tenable Network Security This exploit makes use of two vulnerabilities: 1 Base64 authentication credentials...

Pre Web Host - SQL Injection Vulnerability

No description provided by source. EDB-ID: 1310 CVE: OSVDB-ID: Author: Mr.Benladen Published: 2010-06-07 Verified: No Download: Exploit Code Download: N/A InformatioN Title : Pre Web Host sql inj3ction Vulnerability Author : Mr.Benladen Homepage : http://www.joomlaservice.info Or...

Ubuntu 12.10 64-Bit sock_diag_handlers - Local Root Exploit

No description provided by source. include unistd.h include sys/socket.h include linux/netlink.h include netinet/tcp.h include errno.h include linux/if.h include linux/filter.h include string.h include stdio.h include stdlib.h include linux/sockdiag.h include linux/inetdiag.h include...

GAzie <= 5.20 Cross Site Request Forgery

No description provided by source. ======================================== GAzie = 5.20 Cross Site Request Forgery ======================================== Author: giudinvx Email: giudinvxatgmaildotcom Date: 5/02/2012 Site: http://www.giudinvx.altervista.org/...

Zemana AntiLogger AntiLog32.sys <= 1.5.2.755 Local Privilege Escalation Vulnerability

No description provided by source. Zemana AntiLogger AntiLog32.sys = 1.5.2.755 Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Zemana AntiLogger =1.9.2.2.206 DETAILS: AntiLog32.sys create a device called \Device\AntiLog32 , and handles DeviceIoControl request IoControlCode = 0x800020...

Rational Software ClearCase for Unix 3.2 ClearCase SUID Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/538/info Rational Software's ClearCase product includes a vulnerability whereby an unprivileged user can have any readable executable set to SUID root.. A 1.5 meg file is copied and then chmod'ed to SUID, and during the...

Hosting Controller <= 0.6.1 Unauthenticated User Registeration (3rd)

No description provided by source. !-- Hi, I'm Soroush Dalili from GSG GrayHatz Security Group. Title: Hosting controller program have a security bug in UserProfile.asp that an authenticated user can change other's profiles. Why is it dangerous: a user can change other's email address and then us...

phf buffer overflow exploit for Linux-x86

No description provided by source. / | phx.c -- phf buffer overflow exploit for Linux-ix86 | Copyright c 2000 by proton. All rights reserved. | | This program is free software; you can redistribute it and/or modify | it under the terms of the GNU General Public License as published by | the Free...

businesswiki 2.5rc3 - Stored XSS & arbitrary file upload

No description provided by source. !/usr/bin/python ''' Exploit Title: Stored XSS & Arbitrary File Upload Vulnerabilities in BusinessWiki. Date: 23/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://onbusinesswiki.com/ Software Link:...

ToxSoft NextFTP 1.82 Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/572/info ToxSoft's shareware FTP client, NextFTP, contains an unchecked buffer in the code that parses CWD command replies. If the FTP server's reply contains the exploit code, arbitrary commands can be run on the client...

CREAR ALMail32 1.10 Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/574/info The ALMail32 POP3 client conatins unchecked buffers in the header parsing code. An abnormally long FROM: or TO: field in the header of an incoming email will overwrite the buffer and allow arbitrary code to be...

YPOPS! 0.9.7.3 - Buffer Overflow (SEH)

No description provided by source. Version:0.9.7.3 Tested on: Windows XP SP3 !/usr/bin/python All modules are SafeSEH protected in service pack 3. import socket, sys print \n ======================================== print YPOPS! v 0.9.7.3 Buffer Overflow SEH print Proof of Concept by Blake print...

Eterm 0.8.10,rxvt 2.6.1,PuTTY 0.48,X11R6 3.3.3/4.0 - Denial of Service

No description provided by source. source: http://www.securityfocus.com/bid/1298/info xterm is a popular X11-based terminal emulator. If VT control-characters are displayed in the xterm, they can be interpreted and used to cause a denial of service attack against the client and even the host...

Elm < 2.5.8 (Expires Header) Remote Buffer Overflow Exploit

No description provided by source. / Exploit code for the bug posted by Ulf Harnhammar metaurtelia.com http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html Probably you will need to change SYSLOC and STRLOC to work on your box / include stdio.h include stdlib.h include string.h...

e107 0.7.x 'e107_admin/banner.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39609/info e107 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerability

No description provided by source. Exploit Title: Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerabilities Date: 05/22/2014 Author: Mustafa ALTINKAYNAK Vendor Homepage:http://www.zyxel.com/tr/tr/productsservices/p660hwseries.shtml?t=p Category: Hardware/Wireless Router Tested on: Zyxel P-660HW-...

AhnLab V3 Internet Security 8.0 <= 1.2.0.4 - Privilege Escalation Vulnerability

No description provided by source. AhnLab V3 Internet Security 8.0 with AhnRec2k.sys = 1.2.0.4 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder $ 126.com VULNERABLE PRODUCTS AhnLab V3 Internet Security = 8.0.3.28?build 746 DETAILS: AhnRec2k.sys create a device...

ViRobot Desktop 5.5 and Server 3.5 <= 2008.8.1.1 - Privilege Escalation Vulnerability

No description provided by source. Hauri ViRobot Desktop 5.5 & ViRobot Server 3.5 VRsecos.sys =2008.8.1.1 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS Hauri ViRobot Desktop 5.5 and below Hauri ViRobot Server 3.5 and below DETAILS:...