CVE-2016-5273

The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site...

ESRI ArcMap Arbitrary Code Execution

Description: Opening a specially crafted mxd file will execute arbitrary code without prompting and without a crash of the application. This is due to a flaw in the programs ability to prompt a user before executing embedded VBA. Mxd files are not filtered by email systems so this allows a remote...

55,000 Hacked Sites Serving Malware Cocktail

Security researchers are raising an alarm for a potent malware cocktail — backdoor Trojans and password stealers — being pushed to Windows users from about 55,000 hacked Web sites. According to Mary Landesman, a researcher in ScanSafe’s security threat alert team, the cybercriminals have embedded...

Firefox 3.0.8 fixes two code execution holes

Mozilla has released Firefox 3.0.8 to fix a pair of code execution holes that put users of the browser at risk of drive-by download attacks. It includes a fix for one of the flaws exploited during this year’s CanSecWest Pwn2Own hacker contest. The update also fixes a separate zero-day flaw...

GeoVision LiveAudio - ActiveX Remote Freed-Memory Access

GeoVision LiveAudio - ActiveX Remote Freed-Memory Access // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com shellcode = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u4949%u4949" +...

Joomla Component beamospetition 1.0.12 SQL Injection / XSS

Exploit for unknown platform in category web applications ========================================================== Joomla Component beamospetition 1.0.12 SQL Injection / XSS ========================================================== Joomla component beamospetition 1.0.12 Sql Injection / Xss...

BibCiter 1.4 Multiple SQL Injection Vulnerabilities

No description provided by source. BibCiter 1.4 Multiple SQL Injection Vulnerability Author: nuclear site: http://bibciter.sourceforge.net/ vuln: http://localhost/path/projects.php?idp=-721 UNION SELECT @@version%23 http://localhost/path/contacts.php?idc=-1 UNION SELECT @@version%23...

HTMPL 1.11 - Command Execution

HTMPL 1.11 - Command Execution Software : HTMPL v1.11 Download Link : http://vmeste.org/templex/doc/1.html Vulnrability : Command Execution Severity : High Author : ZeN Website : http://dusecurity.com / http://darkcode.me/ Exploit : site.com/cgi-bin/htmpladmin.cgi?help=|cat /etc/passwd A few othe...

chipmunkboard-sqlxss.txt

--------------------------------------------------------- Portal Name: Chipmunk Board Vendor : http://www.chipmunk-scripts.com/page.php?ID=8 Download : http://www.chipmunk-scripts.com/board/board.zip Vulnerable File : index.php Dork: Powered by c Chipmunk Board Author : PouyaServer ,...

allfa-rfi.txt

Allfaclassfieds level2.php dir remote file inclusion -- Bug Found By Dr.RoVeR --Arab48 Hacker Contact: [email protected] --- Script: allfaclassfieds Download: http://scriptat.com/download.php?sid=718 -- Bug File: level2.php Bug code in line 4: require"$dir/admin/dp.php"; -- Exploit:...

IMGallery 2.5 - Create Uploader Script

DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...