217 matches found
CVE-2019-9891
The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo...
new packages: perl-Getopt-Long
An update is available for perl-Getopt-Long. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...
CVE-2021-21907
Garrett Metal Detectors iC Module CMA CMA Version 5.0 has a directory traversal vulnerability in the CMA CLI getenv command. An authenticated remote user can supply a key that reads files under /ltrx_user/env/, potentially exposing sensitive data via local file inclusion. The TALOS description no...
PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability
PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit. !/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous...
new module: perl:5.30
An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...
Cgiemail 1.6 - Source Code Disclosure
!/usr/bin/env perl Exploit Title: cgiemail local file inclusion Vendor Homepage: http://web.mit.edu/wwwdev/cgiemail/webmaster.html Software Link: http://web.mit.edu/wwwdev/cgiemail/cgiemail-1.6.tar.gz Version: 1.6 and older Date: 2016-09-27 cgiecho a script included with cgiemail will return any...
JCraft / JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
Exploit for windows platform in category dos / poc Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725 Version: 0.3 Date: Aug 31st, 2016 Complete Proof of Concept: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725...
Ovidentia Widgets 1.0.61 - Remote Command Execution
Title: Ovidentia Widgets 1.0.61 Remote Command Execution Exploit Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...
About .git/config file leak exploitation - vulnerability warning - the black bar safety net
This also starts from the dark clouds, which have had such a vulnerability; many who do not understand it may feel a little confused on seeing it. In fact, this vulnerability is somewhat similar to svn leakage: the configuration file can also be used to restore the entire project proces...
ea-gBook 0.1 - Remote Command Execution with RFI (c99) Exploit
No description provided by source. !/usr/bin/perl ea-gBook 0.1 Remote Command Execution with RFI c99 Exploit Vendor: http://ea-style.de/ Download: http://ea-style.de/eddy/index.php?action=downgbookagb Author: bd0rk Contact: bd0rkathackermail.com site: http://www.soh-crew.it.tt thanks Joss for the...
Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very...
Joomla Component n-forms 1.01 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print \n; print Mambot Component n-forms Blind SQL Injection Exploit \n; print Author:The Moorish :D \n; print Greetz:Team-dz,His0k4,x.CJP.x,Kader11000,c02,piRAte DIgitAL\n; print...
Ultimate PHP Board <= 1.9.6 GOLD users.dat Password Decryptor
No description provided by source. !/usr/bin/perl Passwords Decrypter for UPB = 1.9.6 Related advisory: http://www.securityfocus.com/archive/1/402461/30/0/threaded Discovered and Coded by Alberto Trivero Password file is located at: http://www.example.com/upb/db/users.dat /str0ke use Getopt::Std;...
ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl ezDatabase Remote Command Execution Exploit based on advisory by Pridels Team Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ $Id:...
MailEnable Professional 2.35 - Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl maildisable-v6.pl Mail Enable Professional =v2.35 win32 remote exploit by mu-b - Tue Dec 5 2006 - Tested on: Mail Enable Professional v2.35 win32 Note: timing is quite critical with this!!, so change $senddelay if it doesn't work.... use...
Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit
No description provided by source. !/usr/bin/perl Subdreamer 2.2.1 command exec exploit supported targets: without forum integration with phpBB2 integration with ipb2 integration with vbulletin2 integration...
LiteWEB Web Server 2.7 Invalid Page Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24628/info LiteWeb webserver is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denyi...
PHP Easy Downloader <= 1.5 (save.php) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl PHP Easy Download = 1.5 Remote Code Execution Vulnerability...
Comparison Engine Power 1.0 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print VIVA ISLAME VIVA ISLAME \n; print VIVA ISLAME VIVA ISLAME \n; print \n; print Comparison Engine Power 1.0 Blind SQL Injection Exploit \n; print \n; print Author: Mr.SQL \n; print EMAI...
Aborior Encore Web Forum Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10040/info Encore Web Forum is reported prone to an issue that may allow a remote user to execute arbitrary commands on a system implementing the forum software. This issue is due to the application's failure to properly...