yahoo! player 1.5 (.m3u) Universal Buffer Overflow (SEH)

No description provided by source. !/usr/bin/perl Exploit Title: yahoo! player 1.5 .m3u Universal Buffer Overflow SEH Date: 27/08/2011 Author: D3r K0n!G Software Link: http://www.clubic.com/lancer-le-telechargement-8059-0-yahoo-player.html Version: 1.5.01.409 Tested on: Windows XP SP3 CVE : N/A...

Free MP3 CD Ripper 1.1 Local Buffer Overflow

Exploit for windows platform in category local exploits Exploit Title : Free MP3 CD Ripper 1.1 Local Buffer Overflow Software : http://www.brothersoft.com/free-mp3-cd-ripper-84543.html Version : 1.1 Tested on : Windows xp sp3 en Date : 27/08/2011 Author : X-h4ck Website : http://www.pirate.al ,...

WordPress SendIt plugin <= 1.5.9 Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress SendIt plugin getvar"SELECT COUNT FROM $tableemail where email ='$POSTemailadd' and idlista = '$POSTlista';"; As you can see, $POSTlista parameter is nor validated neither escaped, so you can blind sql inject it using...

F-Secure Multiple Products SEH Overwrite

Exploit Title: F-Secure Multiple Products ActiveX Remote SEH Overwrite VulnerabilityHeap Spray Discovered Date: 24/05/2011 Author: 41.w4r10r Version: Multiple Tested on : Windows XP SP2 Eng, IE 6,7,8 Affected Products : F-Secure Anti-Virus 2011 F-Secure Anti-Virus 2010 F-Secure Internet Security...

Bonza Digital Cart Script - SQL Injection

Exploit Title: Bonzo Cart E-Commerce System SQL Injection Date: 2011 Author: Eyup CELIK Software Link: http://www.turnkeycentral.com Version: All Version Tested on: All versions are Vulnerability ISSUE SQL Injection can be done using the command input Example...

JSS-Shop SQL Injection

Exploit Title: JSS-Shop E-Commerce System SQL Injection Date: 2011 Author: Eyup CELIK Software Link: http://www.turnkeycentral.com Version: All Version Tested on: All versions are Vulnerability ISSUE SQL Injection can be done using the command input Example cart.php?pid=&todo=add Exploit:...

WordPress Contus HD FLV Player 1.3 SQL Injection

Exploit Title: WordPress Contus HD FLV Player plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0&listItem=1 --------------- Vulnerable code --------------- $pid1 = $GET'playid'; foreach $GET'listItem' as $position = $item : mysqlquery"UPDATE $wpdb-prefix" . "hdflvmed2play SET sorder =...

Precision Technologies(page.php)sql Injection Vulnerability

Exploit for php platform in category web applications Exploit Title:Precision Technologiespage.phpsql Injection Vulnerability Date: 17/8/2011 Author: Angel Injection home Page: http://www.club-h.co.cc , http://www.sec-krb.org Email: Angel-Injectionathotmail.com Vendor or Software Link:...

A-PDF All to MP3 2.3.0 - Universal DEP Bypass

!/usr/bin/ruby +Exploit Title: A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit +Date: 09\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.a-pdf.com/all-to-mp3/ +Version: 2.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CVE: N/A Dep bypass method: LoadLibraryA"kernel32.dll" +...

HP Data Protector (Linux) - Remote Command Execution

HP Data Protector Linux - Remote Command Execution !/bin/bash Exploit Title: HP Data Protector Remote Root Shell for Linux Date: 2011-08-10 Author: SZ Software Link:http://www8.hp.com/us/en/software/software- product.html?compURI=tcm:245-936920&pageTitle=data-protector Version: 0.9 Tested on:...

WordPress Plugin Social Slider 5.6.5 - SQL Injection

Exploit Title: Social Slider...

cFTP 0.1 r80 Shell Upload

Software Link: https://code.google.com/p/clients-oriented-ftp/downloads/list Version: 0.1 Tested on: linux // Vulnerable URL $url = 'http://url domain/cFTP/'; // The file to upload $filename = dirnameFILE.'/info.php'; $failext = array'php', 'pl'; $username = 'hackname'.rand0, 999999;...

Symantec Backup Exec 12.5 - Man In The Middle

Exploit Title: Symantec Backup Exec MiTM Attack Date: 27/05/2011 Author: Nibin Software Link: http://www.symantec.com/business/products/family.jsp?familyid=backupexec Version: - Symantec Backup Exec for Windows Servers versions 11.0, 12.0, and 12.5 - Symantec Backup Exec 2010 versions 13.0 and 13...

Various Indian Sites Cross Site Scripting

%+ $...............4.........|........0............// %+ %+ %+ %+++++++++++++++++++++++++++++ +++++++++++ Exploit Title: .in.com XSS vulnerability Vendor: various Date: 6th july,2011 Author: r007k17 a.k.a Raghavendra Karthik D link: http://shadowrootkit.wordpress.com/ Google Dork: © Copyright...

VietNext CMS Multiple Vulnerabilities

Exploit for php platform in category web applications + Exploit Title:Multiple Vulnerabilities + Date: 2011 + script:VietNext cms + Software: http://vietnextco.com & http://vietnext.vn + Author : pentesters.ir + Website : WwW.PenTesters.IR + dorks :"Developed & Design By VietNext" and "Design by...

SVM Infotech SQL injection Vulnerability

Exploit for php platform in category web applications ‡‡‡‡‡‡‡‡‡‡‡‡‡‡ + Exploit Title : SVM Infotech.. SQL injection Vulnerability + Author : k's0uR! + Category : WebApps + d0rk : "Developed & Managed By: SVM Infotech"Or"Designed & Developed By: SVM Infotech" + Tested o...

Technote 7.2 - Blind SQL Injection

Exploit Title: technote blind sql injection Google Dork: inurl:/technote7/board.php?board= Date: 2011.06.11 Author: BlueH4G http://blueh4g.org Software Link: http://www.technote.co.kr/php/technote1/board.php?board=consult&command=skininsert&exe=insertdownshop Version: technote7.2 && Mysql 3.x sor...

E-Manage MySchool 7.02 SQL Injection

Exploit Title: SQL Injection MySchool Version 7.02 Google Dork: "MySchool Version 7.02" Date: 05-21-2011 Software Link: http://em.com.eg/ Version: Version 7.02 Author: az7rb Tested on : winxp sp3 Ar end bt5 Homepage : www.p0c.cc Greetz : p0c Team & Dr.NaNo & All My Msn Messenger Friends wWw.p0c.c...

E-Manage MySchool 7.02 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SQL Injection MySchool Version 7.02 Google Dork: "MySchool Version 7.02" Date: 05-21-2011 Software Link: http://em.com.eg/ Version: Version 7.02 Author: az7rb Tested on : winxp sp3 Ar end bt5 Homepage : www.p0c.cc Greetz : p0c...

A-PDF WAV To MP3 Converter 1.2.0 DEP Bypass

Exploit Title: A-PDF Wav to MP3 Converter v 1.2.0 DEP Bypass Software Link: http://www.a-pdf.com/wav-to-mp3/a-pdf-wtm.exe Version: 1.2.0 Tested on: Win XP SP3 French Date: 12/05/2011 Author: h1ch4m Hicham Oumounid Email: [email protected] Home: http://net-effects.blogspot.com Big thanks to...