CVE-2017-18374

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40ULM.0b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true. These accounts can be used to login to the web interface, exploit...

CVE-2025-5436

A vulnerability was found in Multilaser Sirius RE016 MLT1.0. It has been rated as problematic. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the...

Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow

$Id: applequicktimesmildebug.rb 10011 2010-08-13 23:11:23Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution

DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution / deslock-dlpcrypt.c Copyright c 2009 by DESlock+ 4.0.2 local kernel SYSTEM exploit by mu-b - Thu 18 Jun 2009 - Tested on: dlpcrypt.sys 0.1.1.27 .text:0001BB2E: 'what do ya want for nothing?' - hmmm, something that doesn't pass kerne...

FLDS 1.2a report.php (linkida) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== FLDS 1.2a report.php linkida Remote SQL Injection Exploit =========================================================== !/usr/bin/perl -w Free Links Directory Script V1.2a Remote SQ...

predynamic-bypass.txt

Aria-Security Team http://aria-security.net -------------------------------------- Vendor :http://www.preproject.com Script/Portal: Pre Dynamic Institution You can bypass the login page with: ' or ' Shouts :theoutl4w...

NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion

NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion newsSync 1.5.0rc6 nukeinclude.php Remote File Inclusion Exploit //'=============================================================================================== //'Script Name: newsSync 1.5.0rc6 //'Author : GoLdM = Mahmoodali //'S.Page :...

CVE-2004-0829

smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service daemon crash by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2...

Linux 2.4.24 with vserver 1.24 exploit

Hi securityfocus, a small exploit from me which brakes out of a vserver, also if secured with "chmod 000 /vservers". It is a modification of the known "chroot-again" exploit. It belongs to chroots but also to the vserver project. Tested with linux 2.4.24 and vserver 1.24. The bug was posted to th...

Microsoft Internet Explorer - URL Injection in History List (MS04-004)

Microsoft Internet Explorer - URL Injection in History List MS04-004 // Andreas Sandblad, 2004-02-03, patched by MS04-004 // Name: payload // Purpose: Run payload code called from Local Machine zone. // The code may be arbitrary such as executing shell commands. // This demo simply creates a...

IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/bin/lpstat Local Exploit

Exploit for irix platform in category local exploits =============================================================== IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 /usr/bin/lpstat Local Exploit =============================================================== !/bin/sh copyright LAST STAGE OF DELIRIUM jul 2000...