ecoCMS 18.4.2010 'admin.php' Cross Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-87089' vul ID version = '1' author = 'fenghh' vulDate =...

Winds3D Viewer 3 'GetURL()' Arbitrary File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35595/info Winds3D Viewer is prone to a vulnerability that can allow malicious files to be downloaded an executed within the context of the affected browser that uses the plugin. Successfully exploiting this issue will...

aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution

No description provided by source. ?php / -------------------------------------------------------------------- aidiCMS v3.55 ajaxcreatefolder.php Remote Code Execution Exploit -------------------------------------------------------------------- author............: Egidio Romano aka EgiX...

Adobe InDesign CS4 DLL Hijacking Exploit (ibfs32.dll)

No description provided by source. / Exploit Title: Adobe InDesign CS4 DLL Hijacking Exploit ibfs32.dll Date: August 25, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Version: CS4 v6.0 Tested on: Windows 7 x64 Ultimate Vulnerable extensions: .indl .indp .indt .inx Greetz: Astalavist...

Borland StarTeam 2008 10.0 .57 - Multiple Remote Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28080/info Borland StarTeam is prone to multiple issues, including multiple integer-overflow vulnerabilities, a heap-overflow vulnerability, and a denial-of-service vulnerability. Successfully exploiting these issues allo...

Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow

No description provided by source. $Id: ultraofficehttpupload.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Zenphoto - Config Update and Command Execute Vulnerability

No description provided by source. ?php / | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-26-zenphoto-config-update-and-command-execute-vulnerability/ Abysssec Inc Public Advisory Title :...

Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/670/info A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls. The...

Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33749/info Poppler is prone to multiple denial-of-service vulnerabilities when handling malformed PDF files. Successfully exploiting this issue allows remote attackers to crash applications that use the vulnerable library...

XLReader 0.9 - Remote Client-Side Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11970/info A remote, client-side buffer overflow vulnerability affects xlreader. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static...

Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow

No description provided by source. html head titleRumba FTP Client FTPSFtp.dll v4.2.0.0 OpenSession Buffer Overflow by sinn3r/title /head body object classid=clsid:677A6F83-52A0-4931-8E62-EC713EE9B949 id=ftpsftp/object script language=JavaScript / Rumba FTP Client FTPSFtp.dll v4.2.0.0 OpenSession...

Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe DoS (Poc)

No description provided by source. !/usr/bin/python Title: Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe DoS Poc. From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Software link: http://www.cyclope-series.com/download/index.aspx?p=2 Date Found: Oct 20th 20...

Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11550/info Master of Orion III is reported prone to multiple remote denial of service vulnerabilities. These issues occur because the application does not handle exceptional conditions in a proper manner. Master of Orion...

Online Job Board (Auth Bypass) SQL Injection Vulnerability

No description provided by source. '/ -.- --------------------oOO------OOo----------------------------- | Online Job Board Auth Bypass SQL Injection Vulnerability | | works only with magicquotesgpc = off | ---------------------------------------------------------------- ! Discovered: cr4wl3r...

Gene6 G6 FTP Server 2.0 - Buffer Overflow DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/805/info The G6 FTP Server, by Gene6, is vulnerable to a buffer overflow attack. If 2000 characters are sent as the username or password, the software will use up all available memory and CPU time and bring the host to a...

Joomla Component com_ranking SQL Injection Vulnerability

No description provided by source. Title : Joomla Component comranking SQL Injection Vulnerability Author: DevilZ TM Data : 2010-04-05 InformatioN Title : Joomla Component comranking SQL Injection Vulnerability Author : DevilZ TM By D3v1l.blackhat Homepage : http://www.DEVILZTM.com Email :...

NetWin DNews 5.3 Server Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1172/info DNews News Server is a CGI application that gives access to auser's NNTP server over the web. There are many unchecked buffers in the program, some of which can be exploited directly from any browser. Supplying ...

World in Conflict 1.0.1 Typecheck Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35751/info World in Conflict is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker could exploit this issue to crash the affected application,...

NASM 0.98.x Error Preprocessor Directive Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11991/info NASM is prone to a buffer overflow. This condition is exposed when the application attempts to assemble a source file that contains malformed '%error' preprocessor directive arguments. Since the source file may...

IrfanView FlashPix PlugIn Decompression Heap Overflow

No description provided by source. Application: IrfanView FlashPix PlugIn Decompression Heap Overflow Platforms: Windows Secunia Number: SA48772 PRL: 2012-08 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2...