217 matches found
CVE-2019-9891
The function getoptsimple as described in Advanced Bash Scripting Guide ISBN 978-1435752184 allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo...
new packages: perl-Getopt-Long
An update is available for perl-Getopt-Long. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
CVE-2021-21907
Garrett Metal Detectors iC Module CMA CMA Version 5.0 has a directory traversal vulnerability in the CMA CLI getenv command. An authenticated remote user can supply a key that reads files under /ltrx_user/env/, potentially exposing sensitive data via local file inclusion. The TALOS description no...
PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability
PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit. !/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous...
new module: perl:5.30
An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...
Cgiemail 1.6 - Source Code Disclosure
!/usr/bin/env perl Exploit Title: cgiemail local file inclusion Vendor Homepage: http://web.mit.edu/wwwdev/cgiemail/webmaster.html Software Link: http://web.mit.edu/wwwdev/cgiemail/cgiemail-1.6.tar.gz Version: 1.6 and older Date: 2016-09-27 cgiecho a script included with cgiemail will return any...
JCraft / JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
Exploit for windows platform in category dos / poc Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725 Version: 0.3 Date: Aug 31st, 2016 Complete Proof of Concept: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725...
Ovidentia Widgets 1.0.61 - Remote Command Execution
Title: Ovidentia Widgets 1.0.61 Remote Command Execution Exploit Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...
About. git/config file leaked use-vulnerability warning-the black bar safety net
The beginning is also from the dark clouds that have such a vulnerability, many do not understand the might see on will feel a little confused, in fact, this vulnerability and svn leakage there is so little similar, can also according to the configuration file to restore the entire project proces...
Aborior Encore Web Forum Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10040/info Encore Web Forum is reported prone to an issue that may allow a remote user to execute arbitrary commands on a system implementing the forum software. This issue is due to the application's failure to properly...
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...
Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit
No description provided by source. !/usr/bin/perl Subdreamer 2.2.1 command exec exploit @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ supported targets: without forum integration with phpBB2 integration with ipb2 integration with vbulletin2 integration...
Ultimate PHP Board <= 1.9.6 GOLD users.dat Password Decryptor
No description provided by source. !/usr/bin/perl Passwords Decrypter for UPB = 1.9.6 Related advisory: http://www.securityfocus.com/archive/1/402461/30/0/threaded Discovered and Coded by Alberto Trivero Password file is located at: http://www.example.com/upb/db/users.dat /str0ke use Getopt::Std;...
Joomla Component n-forms 1.01 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print \n; print Mambot Component n-forms Blind SQL Injection Exploit \n; print Author:The Moorish :D \n; print Greetz:Team-dz,His0k4,x.CJP.x,Kader11000,c02,piRAte DIgitAL\n; print...
Joomla Component JooBB 0.5.9 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print \n; print Joomla Component Joo!BB Blind SQL Injection Exploit \n; print Author:His0k4 ALGERIAN HaCkeR \n; print \n; print Conctact: His0k4.hlmatgamil.com \n; print Greetz: All friends...
PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl Jeremy Brown [email protected]/jbrownsec.blogspot.com PacketTrap TFTPD DoS latest 2.2.5459.0 tested -- www.packettrap.com Must have Net::TFTP installed easy to install, 'cpan' then 'install Net::TFTP' ; A product of tftpfuzz.pl coming soon use...
CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl cijfer-cnxpl - CuteNews =1.4.1 Remote Command Execution Copyright c 2005 cijfer [email protected] All rights reserved. 1. example cijfer@kalma:/research$ ./cijfer-cnxpl.pl -h www.xxxx.org -d /news [email protected] /$ id;uname -a uid=48apache...
MailEnable Professional 2.35 - Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl maildisable-v6.pl Mail Enable Professional =v2.35 win32 remote exploit by mu-b - Tue Dec 5 2006 - Tested on: Mail Enable Professional v2.35 win32 Note: timing is quite critical with this!!, so change $senddelay if it doesn't work.... use...
Pars4U Videosharing 1.0 - XSS / Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print VIVA ISLAME VIVA ISLAME \n; print VIVA ISLAME VIVA ISLAME \n; print \n; print Pars4u Videosharing V1 Blind SQL Injection Exploit \n; print \n; print categoriesportal.php catid \n; pri...
ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl ezDatabase Remote Command Execution Exploit based on advisory by Pridels Team Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ $Id:...