Lucene search
K

58 matches found

curl security advisories
curl security advisories
added 2016/12/23 8:0 a.m.7 views

uninitialized random

libcurl's new internal function that returns a good 32-bit random value was implemented poorly and overwrote the pointer instead of writing the value into the buffer the pointer pointed to. This random value is used to generate nonces for Digest and NTLM authentication, for generating boundary...

8.1CVSS7.1AI score0.02674EPSS
Exploits0Affected Software2
Kitploit
Kitploit
added 2015/04/20 3:30 p.m.18 views

Net-creds - Sniff passwords and hashes from an interface or pcap file

Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification. Sniffs URLs visited POST loads sent HTTP form logins/passwords HTTP basic auth logins/passwords HTTP searches FTP logins/passwords IRC...

7.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2015/03/02 2:2 p.m.8 views

D-Link Routers Haunted by Remote Command Injection Bug

Some D-Link routers contain a vulnerability that leaves them open to remote attacks that can give an attacker root access, allow DNS hijacking and other attacks. The vulnerability affects affects a number of D-Link’s home routers and the key details of the flaw have been made public by one of the...

1AI score
Exploits0References1
Kitploit
Kitploit
added 2014/12/09 1:6 a.m.27 views

THC-Hydra 8.1 - Network Logon Cracker

A very fast network logon cracker which support many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept...

7.6AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Edimax AR-7084GA Router CSRF + Persistent XSS Exploit

No description provided by source. ?php / Edimax AR-7084GA Router CSRF + Persistent XSS Exploit Firmware version: 2.9.8.1RUE0.C2A3.7.6.1 Vulnerable page: http://xx.xx.xx.xx/advanced/advnatvirsvr.htm Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co....

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

PHP-Nuke 7.4 - Remote Privilege Escalation

No description provided by source. A demonstration exploit HTTP form is provided: form name=mantra method=POST action=http://www.sitewithphpnuke.com/admin.php pUSERNAME: input type=text name=addaid br NOME: input type=text name=addname br PASSWORD: input type=text name=addpwd br E-MAIL: input...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2013/12/17 1:23 a.m.30 views

[THC-Hydra 7.5] Fast Parallel Network Logon Cracker

Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast. Features IPv6 Support Graphic User Interface Internationalized support RFC 4013 HTTP proxy support SOCKS proxy support The tool suppor...

7AI score
Exploits0
Kitploit
Kitploit
added 2013/08/07 12:20 a.m.32 views

[THC-Hydra v7.5] Fast network logon cracker

CHANGELOG for 7.5 =================== Moved the license from GPLv3 to AGPLv3 see LICENSE file Added module for Asterisk Call Manager Added support for Android where some functions are not available hydra main: - reduced the screen output if run without -h, full screen with -h - fix for ipv6 and...

7.6AI score
Exploits0
OpenVAS
OpenVAS
added 2013/03/01 12:0 a.m.43 views

Fedora Update for curl FEDORA-2013-2098

Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2013-2098 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

7.5CVSS9.6AI score0.22913EPSS
Exploits6References2
n0where
n0where
added 2012/09/23 3:30 p.m.74 views

Ghost Phisher

Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honey pot,could be used t...

1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/06/01 12:0 a.m.23 views

Nmap NSE net: http-form-brute

Performs brute force password auditing against http form-based authentication. SYNTAX: brute.unique: make sure that each password is only guessed once default: true http-form-brute.hostname: sets the host header in case of virtual hosting brute.retries: the number of times to retry if recoverable...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/06/01 12:0 a.m.12 views

Nmap NSE net: http-form-brute

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2011/05/08 6:33 a.m.11 views

EgY SpIdEr ShElL : Shell strongest in the history the hacker !

Sites get hacked every day. The bad guys often install a toolkit to control remote servers effectively. Here is one called EgY SpIdEr ShElL: When logging in, you get a quick overview of the machine with what services are running, as well as some hardware specs.: The toolkit provides you with...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2008/11/01 12:0 a.m.27 views

A-Link WL54AP3 and WL54AP2 CSRF+XSS Vulnerability

No description provided by source. Louhi Networks Information Security Research Security Advisory Advisory: A-Link WL54AP3 and WL54AP2 CSRF+XSS vulnerability Release Date: 2008/10/31 Last Modified: 2008/10/28 Authors: Jussi Vuokko, CISSP [email protected] Henri Lindberg [email protected]...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2004/09/08 12:0 a.m.15 views

PHP-Nuke 7.4 Remote Privilege Escalation

No description provided by source. A demonstration exploit HTTP form is provided: form name="mantra" method="POST" action="http://www.sitewithphpnuke.com/admin.php" pUSERNAME: input type="text" name="addaid" br NOME: input type="text" name="addname" br PASSWORD: input type="text" name="addpwd" br...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2004/09/08 12:0 a.m.17 views

PHP-Nuke 7.4 - Privilege Escalation

PHP-Nuke 7.4 - Privilege Escalation A demonstration exploit HTTP form is provided: USERNAME: NOME: PASSWORD: E-MAIL: milw0rm.com 2004-09-08...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/08 12:0 a.m.65 views

PHP-Nuke 7.4 - Privilege Escalation

A demonstration exploit HTTP form is provided: USERNAME: NOME: PASSWORD: E-MAIL: milw0rm.com 2004-09-08...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/10/26 12:0 a.m.6426 views

HTTP login page

This script logs onto a web server through a login page and stores the authentication / session cookie. C Tenable Network Security, Inc. @PREFERENCES@ include"compat.inc"; ifdescription scriptid11149; scriptversion"1.37"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/29";...

5.4AI score
Exploits0
Rows per page
Query Builder