WordPress WPTouch Authenticated File Upload

The WordPress WPTouch plugin contains an authenticated file upload vulnerability. A wp-nonce CSRF token is created on the backend index page and the same token is used on handling ajax file uploads through the plugin. By sending the captured nonce with the upload, we can upload arbitrary files to...

Microsoft Windows XP/2003 Explorer WMF File Handling Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22715/info Microsoft Windows Explorer is prone to a denial-of-service vulnerability. A remote attacker may exploit this vulnerability by presenting a malicious file to a victim user. Users do not have to open the file --...

JV2 Folder Gallery <= 3.1 - (gallery.php) Remote File Inclusion Vulnerability

No description provided by source...

JV2 Folder Gallery <= 3.0 - Remote File Include Vulnerability

No description provided by source. Greatz to:AsB-MaY TeAm & HaCk.eGy & To0oFa ScRiPt:-http://foldergallery.jv2.net/download.php?file=foldergallery3.0.2 Discovered By:- ThE dE@Th AsB-MaY DiScOvEr ExPlIoTs TeAm template.php:- ?php include $galleryfilesdir./galleryfooter.php; ? ExPlOiT:...

Microsoft Windows NT 4.0 User Shell Folders Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1042/info The registry value HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Startup specifies the shared startup folder for all users on a system. This key is set to be...

CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS

No description provided by source. 恶意用户可以修改项目文件夹描述进行XSS攻击和HTML注入（添加链接、图片和按钮等）。 因为项目文件夹时被不同用户共享，该漏洞可以用来抓取会话cookie。 创建一个项目文件夹并添加下面的描述（根据版本修改特定路径）：...

Folder Lock 5.9.5 Weak Password Encryption Local Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30766/info Folder Lock is prone to an information-disclosure vulnerability because it stores credentials in an insecure manner. A local attacker can exploit this issue to obtain passwords used by the application, which ma...

JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability

No description provided by source. ----------------------------------------------------------------------------------- JV2 Folder Gallery 3.1.1 popupslideshow.php Multiple Vulnerability ----------------------------------------------------------------------------------- Vendor:...

ASP Folder Gallery Download_Script.ASP Arbitrary File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24345/info ASP Folder Gallery is prone to an arbitrary-file-download vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files...

Microsoft Outlook 2002 Mailto Parameter Quoting Zone Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9827/info Microsoft Outlook is prone to a vulnerability that may permit execution of arbitrary code on client systems. This issue is exposed through Outlook, but will reportedly cause Internet Explorer to load malicious...

Easy LAN Folder Share 3.2.0.100 - Buffer Overflow Exploit (SEH)

No description provided by source. !/usr/bin/python ========================================================================================== Exploit Title: Easy LAN Folder Share Version 3.2.0.100 Buffer Overflow vulnerability SEH Date: 2013-08-03 Exploit Author: sagi- Original Bug Found By:...

Dr.Web 4.x Virus Scanner Folder Name Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7022/info A buffer overflow vulnerability has been reported for Dr. Web virus scanner. The vulnerability is due to insufficient bounds checking when processing folder names. An attacker is able to exploit this vulnerabili...

FL Studio 10 Producer Edition - SEH Based Buffer Overflow PoC

No description provided by source. Title : FL Studio 10 Producer Edition - SEH Based Buffer Overflow PoC Author : Dark-Puzzle Souhail Hammou Type : PoC Risk : High Vendor : Image Line: http://www.image-line.com/downloads/flstudiodownload.html Versions : 10 Producer Edition Other Versions May be...

McAfee 4.0,Network Associates for Windows NT 4.0.2/4.0.3 a,Norton AntiVirus 2000 Recycle Bin Exclusion

No description provided by source. McAfee VirusScan 4.0,Network Associates VirusScan for Windows NT 4.0.2/4.0.3 a,Symantec Norton AntiVirus 2000 Recycle Bin Exclusion Vulnerability source: http://www.securityfocus.com/bid/956/info Many commercial virus scanners for Windows platforms exclude the...

ImageVue 0.16.1 dir.php Folder Permission Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection. Successful exploitation...

cPanel 11.18.3 - List Directories and Folders Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28300/info cPanel is prone to an information-disclosure vulnerability. An attacker can exploit this issue to determine programs that are running on the affected server and to view folders on other sites that are protected...

JBLOG 1.5.1 - Remote SQL Table Backup Exploit

No description provided by source. !/usr/bin/perl =about VENDOR JBLOG 1.5.1 maybe earlier versions vulnerable too http://www.lisijie.org AUTHOR discovered & written by Ams ax330d doggy gmail dot com http://www.0x416d73.name/ VULNERABILITY DESCRIPTION Both 'index.php' and 'admin.php' includes file...

Elm 2.5.3 Alternative-Folder Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2403/info There is a buffer overflow in elm 2.5 PL3. This overflow is accessible by passing a long string to the -f Alternative-Folder command-line option. This vulnerability may not be restricted to this version of elm. ...

JC URLshrink 1.3.1 - Remote Code Execution Vulnerability

No description provided by source. .--. / Dj7xpl \ | | |, .-. .-. ,| | o/ \o | |/ /\ | @ ^^ \|IIIIII|/ @8@8|-\IIIIII/-| / \ / @ +Iranian Are The Best In World+ + + /I N F O\ + | | +...

Apple Mac OS <= 8 8.6 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/519/info The encryption algorithm in MacOS system is simple and the password can be easily decoded. Password is stored in Users & Groups Data File in Preferences folder. Offset is different on each system and depends on...