pBot Remote Code Execution

!/usr/bin/perl Exploit Title: pBot Remote Code Execution "" hostauth Date: 31.07.2012 Exploit Author: @bwallHatesTwits Software Link: https://www.firebwall.com/decoding/read.php?u=620d21fd31b87046e94975e03fdafa8a decoded from attempted attack Version: Various versions Tested on: Linux 3.2 use...

WordPress Plugin Front End Upload 0.5.4.4 - Arbitrary '.PHP' File Upload

Exploit Title: WordPress Front End Upload v0.5.4.4 Arbitrary PHP File Upload Vulnerability Date: 7/23/12 Exploit Author: Chris Kellum Vendor Homepage: http://mondaybynoon.com/ Software Link: http://downloads.wordpress.org/plugin/front-end-upload.0.5.4.4.zip Version: 0.5.4.4 =====================...

gpEasy CMS Minishop 1.5 Plugin - Persistent Cross-Site Scripting

gpEasy CMS Minishop 1.5 Plugin - Persistent Cross-Site Scripting Exploit Title: gp easy CMS Minishop 1.5 plugin persistent XSS Date: july 2 2012 Exploit Author: Carlos Mario Penahos Hollmann Vendor Homepage:http://gpeasy.com/Download Software Link:...

Slimpdf Reader 1.0 Memory Corruption

Exploit for windows platform in category dos / poc Exploit Title: Date: June 24 2012 Exploit Author: Carlos Mario Penagos Hollmann Vendor Homepage: www.investintech.com Version:1.0 Tested on: Windows 7 CVE : cve-2011-4220 payload ="A"10000 crash="startxref" pdf=payload+crash filename =...

Kingview Touchview 6.53 EIP Overwrite

Exploit for windows platform in category dos / poc Exploit Title: Kingview Touchview EIP direct control Date: June 24 2012 Exploit Author: Carlos Mario Penagos Hollmann Vendor Homepage: www.kingview.com Version: 6.53 Tested on: Windows SP 1 CVE : Open kingivew click on Make choose network...

WordPress Top Quark Architecture 2.10 Shell Upload

Exploit Title: Wordpress Top Quark Architecture Version 2.10 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/topquark/lib/js/fancyupload/showcase/batch/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://topquark.com/ Software Link:...

Wordpress SfBrowser Version 1.4.5 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress SfBrowser Version 1.4.5 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/sfbrowser/connectors/php/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://www.sjeiti.com/ Software Link:...

Web ellasan Design - SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Web ellasan Design SQL injection Vulnerability Author: Becax Home : CrimeIRCD ---------------------------------------------------------------------! Email : email protected Category: webapps Version: n/a Google dork: "powered by...

IGNITION S.A.R.L. SQL Injection

Exploit Title: IGNITION s.a.r.l. SQL Injection Author: Th4 MasK Contact to ; [email protected] Software Website: http://www.educomoverseas.com Date : 14.02.2012 Platform : Php Dork : Designed and powered by IGNITION s.a.r.l. Demo Site :...

Star Develop Live Help 2.0 Disclosure / Bypass

================================================ Star Develop Live Help v2.0 Mullti Vulnerability ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0 0 . .--. .--. .---. . 1 1 .'| / | 0 0 | --: --: / .-.| .-. . . 1 1 | / | | | 0 0 '---' --' --'...

Set sail for the enterprise built Station system cookie injection vulnerability-vulnerability warning-the black bar safety net

Sail mechanical and electrical equipment enterprise built Station system, The system do businesses stand dynamic templates, code interface separation, is a set of website user with no technical threshold, simple operation, convenient maintenance, powerful, secure and reliable website tool. Websit...

Advneced Management For Services Sites - File Disclosure

Advneced Management For Services Sites - File Disclosure ======================================================================= Advneced Management For Services Sites File Disclosure Vulnerabilities ======================================================================= Vendor:...

Mp3-Nator 2.0 - 'ListData.dat' Universal Buffer Overflow (SEH)

!/usr/bin/perl + Bug : Mp3-Nator 2.0 ListData.dat Universal Buffer Overflow Exploit SEH + Author : ThE g0bL!N Greetz to all my friends Download:http://files.brothersoft.com/mp3audio/players/mp3nator.zip Tested on: Windows XP Pro SP2 Fr Ismail: Hadi Wallah Ghir 3la Rabbi : usage: After Clicking On...

Sienzo Digital Music Mentor - 'DSKernel2.dll' ActiveX Control Stack Buffer Overflow

source: https://www.securityfocus.com/bid/23838/info Sienzo Digital Music Mentor is prone to multiple stack-based buffer-overflow vulnerabilities because the software fails to adequately check boundaries on data supplied to multiple ActiveX control methods. An attacker can exploit this issue to...

GWScripts News Publisher 1.0 - 'author.file' Write

source: https://www.securityfocus.com/bid/1621/info It is possible for a remote user to add an author to the author index author.file in GWScripts News Publisher, a web news publisher. This can be done by requesting the following raw HTTP request using any arbitrary username and password: POST...