Linux/x86_64 execve("/bin/sh"); 30 bytes shellcode

No description provided by source. Linux/x8664 execve/bin/sh; 30 bytes shellcode Date: 2010-04-26 Author: zbt Tested on: x8664 Debian GNU/Linux / ; execve/bin/sh, /bin/sh, NULL section .text global start start: xor rdx, rdx mov qword rbx, '//bin/sh' shr rbx, 0x8 push rbx mov rdi, rsp push rax pus...

NewsAdd <= 1.0 - Multiple SQL Injection Vulnerabilities

No description provided by source. Exploit Title: NewsAdd =1.0 Multiple SQL Injection Google Dork: ----------------------------------- Date: 2012/05/29 Author: WhiteCollarGroup Software Link: http://phpbrasil.com/script/3tCyUs1JeL1M/newsadd--mysql Version: 1.0 Tested on: Debian GNU/Linux Develope...

Mnews <= 1.1 (view.php) SQL Injection

No description provided by source. ??php / Exploit Title: Mnews = 1.1 SQL Injection Google Dork: inurl:mnews/view.php Google Dork: intitle:Mnews sistena de news Date: 03rd 06 2012 Software Link: http://phpbrasil.com/script/eo4aWVVzFd/mnews-sistema-de-noticias Version: 1.1 Tested on: Debian...

dotProject 2.1.5 - SQL Injection Vulnerability

No description provided by source. Exploit Title: dotProject 2.1.5 SQL Injection Vulnerability Google Dork: intitle:dotproject Date: 2011-12-09 Author: sherl0ck sherl0ckatalligatorteamdotorg @AlligatorTeam Software Link: http://www.dotproject.net/ Version: 2.1.5 tested Tested on: Debian GNU/Linux...

4PSA CMS SQL Injection Vulnerabilities

No description provided by source. Exploit Title: 4PSA CMS SQL Injection Vulnerabilities Google Dork: Communications solution from 4PSA. Date: 2012/02/19 Category : Web Application Author: BHG Security Center Discovered by : Nitrojen90 WebSite:WwW.Black-hg.Org Software Link: http://www.4psa.com/...

WSN Links Script 2.3.4 - SQL Injection Vulnerabilitiy

No description provided by source. Exploit Title: WSN Links Script SQL Injection Vulnerabilitiy Google Dork: Powered by WSN Links Date: 1/1/2012 Author: H4ckCity Security Team Discovered By: farbodmahini Home: WwW.H4ckCity.Org Software Link: http://scripts.webmastersite.net/wsnlinks Version: All...

Debian Linux 2.1 httpd Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/318/info The Debian GNU/Linux 2.1 apache package by default allows anyone to view /usr/doc via the web, remotely. This is because srm.conf is preconfigured with the line: Alias /doc/ /usr/doc/ Boa is also preconfigured th...

JDKChat 1.5 - Remote Integer Overflow PoC

No description provided by source. !/usr/bin/perl Title: JDKChat v1.5 Remote Integer Overflow PoC Summary: JDKChat is a simple C++ chat server for GNU/Linux systems. Users can connect to it through a simple tcp client like telnet. WebSite : http://www.jdkoftinoff.com/ ----------------------------...

Zend-Framework - Full Info Disclosure

No description provided by source. Exploit Title : Zend-Framework Full Info Disclosure Google Dork : inurl:/application/configs/application.ini Date : 26/11/2013 Exploit Author : Ariel Orellana Vendor Homepage : http://framework.zend.com/ Category : Web applications Tested on : GNU/Linux...

Exim <= 4.41 dns_build_reverse Local Exploit PoC

No description provided by source. / This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid is not included in the shellcode to avoid...

RaXnet Cacti 0.5/0.6.x/0.8.x Graph_Image.PHP Remote Command Execution Variant Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14129/info RaXnet Cacti is prone to a remote command execution vulnerability that manifests in the 'graphimage.php' script. The issue is due to a bug in the input filters that leads to a failure in the application to...

Debian bsdmainutils 6.0.14 Calendar Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11077/info The calendar utility contained in the bsdmainutils package on Debian GNU/Linux systems is reported susceptible to an information disclosure vulnerability. This is due to a lack of proper file authorization chec...

GnuTLS libgnutls Double-free Certificate List Parsing Remote DoS

No description provided by source. Sorry I forgot to write headers in previous mail. Exploit Title: possible ways to exploit CVE-2012-1663 GNUTLS-3.0.13 Google Dork: if relevant we will automatically add these to the GHDB Date: Mar 20, 2013 Exploit Author: Shawn the R0ck Vendor Homepage:...

NitroSecurity ESM 8.4.0a - Remote Code Execution

No description provided by source. -- Product description: NitroView ESM is an enterprise-class security information and event management system that identifies, correlates, and remediates threats faster than any other SIEM on the market. -- Problem Description: During research it was found that...

Cacti <= 0.8.6d Remote Command Execution Exploit

No description provided by source. Note: This exploit contains backdoor shell code that is not located on this server. /str0ke !/usr/bin/perl Remote Command Execution Exploit for Cacti = 0.8.6d This exploit open a remote shell on the targets that uses Cacti TARGET HOST MUST BE A GNU/LINUX SERVER,...

Debian GNU/Linux 3.1 top Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is installed setgid...

SaurusCMS <= 4.6.4 - Multiple RFI Exploit

No description provided by source. Exploit Title: SaurusCMS = 4.6.4 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://www.saurus.info Version: N/A Tested on: GNU/LINUX Code class.writeexcelworkbook.inc.php global $classpath; requireonce...

Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit

No description provided by source. / GNU/Linux kernel 2.6.29 ptraceattach local root race condition exploit. ========================================================================== This is a local root exploit for the 2.6.29 ptraceattach race condition that allows a process to gain elevated...

eoCMS <= 0.9.03 Remote FIle Include Vulnerability

No description provided by source. Exploit Title: eoCMS = 0.9.03 Remote FIle Include Vulnerability Date: 14-12-2009 Author: 1nd0n3s14n l4m3r Software Link: http://eocms.com/index.php?act=plugin&id=4 Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A eoCMS = 0.9.03 Remote FIle Include...

'Tails' Operating System Website Has Been Hacked

Just a few hours ago, the Official website of the Tails Operating System has been hacked and it appears that a self-proclaimed 17-year old hacker breached and defaced it. Tails is a Linux-based highly secure Operating System, specially designed and optimized to preserve users' anonymity and...