19 matches found
EUVD-2024-32588
Malicious code in bioql PyPI...
PT-2025-34577
Name of the Vulnerable Software and Affected Versions: YiFang CMS versions up to 2.0.5 Description: A SQL injection issue exists in the file app/logic/L tool.php due to the manipulation of the new url argument. This issue may be exploited remotely. The vendor was contacted but did not respond...
CVE-2025-9234
The CVE-2025-9234 issue affects Scada-LTS prior to 2.7.8.2. The vulnerability is a cross-site scripting (XSS) flaw arising from improper handling of the Alias parameter in maintenance_events.shtm, allowing remote attacker-controlled input to be executed in users’ browsers. Multiple sources confir...
PT-2025-22843 · Unknown · Scriptandtools Real-Estate-Website-In-Php
Name of the Vulnerable Software and Affected Versions: ScriptAndTools Real-Estate-website-in-PHP version 1.0 Description: A critical vulnerability was found in the Admin Login Panel of the ScriptAndTools Real-Estate-website-in-PHP. The manipulation of the Password argument leads to SQL injection...
DoraCMS Cross-Site Scripting Vulnerability (CNVD-2023-9750397)
DoraCMS is a content management system built on Nodejs+eggjs+mongodb. A cross-site scripting (XSS) vulnerability exists in DoraCMS version v2.1.8. An attacker can exploit this vulnerability to execute arbitrary code by uploading a specially crafted HTML or image fi...
IBM System Director Agent - Remote System Level
IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright (C) 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely fro...
Opial 1.0 (albumid) Remote SQL Injection Vulnerability
No description provided by source. Opial 1.0 albumid Remote SQL Injection Vuln Founder : ThE g0bL!N SQL Injection Vulnerability Exploit: http://www.path.com/albumdetail.php?albumid=-31+union//select//1,version,3,4,5,6,7,8,9,10,11,12,13,14,user,16-- Demo: ---- http://www.opial.com/demo/ Greeting :...
Sasser Worm ftpd Remote Buffer Overflow Exploit (port 5554)
No description provided by source. - ROMANIAN SECURITY RESEARCH 2004 - sasser va-e exploit of its ftpd server exploit version 1.4, public author: mandragore date: Mon May 10 16:13:31 2004 vuln type: SEH ptr overwriting greets: rosecurity team...
HC Newssystem 1.0-1.4 - 'index.php?ID' SQL Injection
HC NEWSSYSTEM 1.0-4 index.php "ID" Blind SQL Injection Type : SQL Injection Release Date : 2007-03-08 Product / Vendor : HC Design News Publisher. http://www.hcdesign.at/demo Bug : http://localhost/script/index.php?option=news&aktion=komm&ID=-SQL Inj.- SQL Inj Code : Admin Username/Password Query...
Netrek 2.12.0 - 'pmessage2()' Remote Limited Format String
Luigi Auriemma Application: Netrek http://www.netrek.org Versions: = 2.12.0 Vanilla server Platforms: nix and Windows Bug: format string Exploitation: remote in-game Date: 02 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...
SoftBB v0.1 < = Cross-Site Scripting
SoftBB v0.1 = Cross-Site Scripting - XSS Exploit ; Discovered By : ThELeOMor0Ccan Islam DefenDers Team ; Software : SoftBB ; Version : 0.1 ; Site Of Software : Www.Softbb.Be ; Exploit : http://Www.Site.Com/Script/index.php?page=scriptalert'hacking20xss'/script ; Greetz : M.I.D.TDrackanZ, Mr.IlysS ...
ELOG 2.5.6 - Remote Shell
/ Worked on latest version for me http://midas.psi.ch/elog/download/tar/elog-latest.tar.gz elog-latest.tar.gz 26-Jan-2005 21:36 519K Default port 8080. str0ke / / Hi there, someone has brought to u a gift. ELOG Remote Shell Exploit = 2.5.6 Also for future Versions Updated On 18/April/2004 LOCK YO...
SudoEdit 1.6.8 - Local Change Permission
Copyright © Rosiello Security 2004 http://www.rosiello.org sudoedit Exploit SOFTWARE : sudoedit REFERENCE: http://www.sudo.ws/sudo/alerts/sudoedit.html DATE: 18/09/2004 Summary: A flaw exists in sudo's -u option aka sudoedit in sudo version 1.6.8 that can give an attacker read permission to ...
IBM Tivoli Directory Server 3.2.24.1 - LDACGI Directory Traversal
source: https://www.securityfocus.com/bid/10841/info IBM Tivoli Directory Server is reported to contain a directory traversal vulnerability in its web front-end application. This issue presents itself due to insufficient sanitizati...
Sasser Worm ftpd - Remote Buffer Overflow (port 5554)
- ROMANIAN SECURITY RESEARCH 2004 - sasser va-e exploit of its ftpd server exploit version 1.4, public author: mandragore date: Mon May 10 16:13:31 2004 vuln type: SEH ptr overwriting greets:...
NIPrint LPD-LPR Print Server 4.10 - Remote Overflow
/ \ remote exploit for NIPrint LPD-LPR Print Server Version include else include include include include include include include include endif include // JMP ESP ADDRESS in Win XP 5.1.2600 define RET 0x77F5801c define SHELL 7788 char shellcode =...
WU-FTPD 2.6.2 - Off-by-One Remote Command Execution
/ wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun"Xpl017Elz Brute-Force function added. / define VERSION "v0.0.3" include include include include include include define DEBUGNG undef DEBUGNG define NRL 0 define SCS 1 define FAD -1 define MAXBF 16 define BFLSZ 0x100 / 256 /...
[SECURITY] New versions of Debian traceroute packages
Debian Security Advisory [email protected] http://www.debian.org/security/ Daniel Jacobowitz October 13, 2000 Package: traceroute...
WuFTPD: Providing *remote* root since at least 1994
/ - wuftpd2600.c VERY PRIVATE VERSION. DO NOT DISTRIBUTE. 15-10-1999 WUFTPD 2.6.0 REMOTE ROOT EXPLOIT by tf8 NOTE: For ethical reasons, only an exploit for 2.6.0 will be released 2.6.0 is the most popular version nowadays, and it should suffice to proof this vulnerability concept. Site exec was...