DMXReady Links Manager <= 1.1 - Remote Contents Change Vulnerability

No description provided by source. Title : DMXReady Links Manager = 1.1 Remote Contents Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 24.97 $ Dork : inurl:inclinksmanager.asp DorkEx :...

DMXReady Catalog Manager <= 1.1 - Remote Contents Change Vuln

No description provided by source. Title : DMXReady Catalog Manager = 1.1 Remote Contents Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 149.97 $ Dork : inurl:inccatalogmanager.asp DorkEx :...

DMXReady Account List Manager <= 1.1 Contents Change Vulnerability

No description provided by source. Title : DMXReady Account List Manager = 1.1 Remote Contents Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 49.97 $ Dork : inurl:incaccountlistmanager.asp DorkEx :...

eggBlog 4.1.2 - Arbitrary File Upload Vulnerability

No description provided by source. Exploit Title: eggBlog Arbitrary File Upload Vulnerability Google Dork:powered by eggBlog.net Date: 28/04/2013 Exploit Author: Pokk3rs Vendor Homepage: http://eggblog.net/ Software Link: http://sourceforge.net/projects/eggblog/files/eggBlog%204/v4.1.2/ Tested on...

DMXReady Faqs Manager <= 1.1 - Remote Contents Change Vulnerability

No description provided by source. Title : DMXReady Faqs Manager = 1.1 Remote Contents Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 24.97 $ Dork : inurl:incfaqsmanager.asp DorkEx :...

Linux Kernel <= 2.4.29-rc2 uselib() Privilege Elevation

No description provided by source. / binfmtelf uselib VMA insert race vulnerability v1.08 gcc -O2 -fomit-frame-pointer elflbl.c -o elflbl Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY...

MySQL 3.23.x mysqld Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7052/info A vulnerability has been discovered for MySQL that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a DATADIR/my.cnf that includes the line...

WSCreator 1.1 - Blind SQL Injection

No description provided by source. Name WSCreator Vendor http://www.wscreator.com Versions Affected 1.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-15 X. INDEX I. ABOUT THE APPLICATION II. DESCRIPTION III...

PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)

No description provided by source. !/usr/bin/perl 0day exploit for PHP-nuke =8.0 Final Blind sql injection attack in INSERT syntax version for mysql = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke =8.0 Final Sql injection attack in...

SPiD 1.3.1 Scan_Lang_Insert.PHP Local File Include Vulnerability

No description provided by source...

CVE-2011-2198

The "insert-blank-characters" capability in caps.c in gnome-terminal vte before 0.28.1 allows remote authenticated users to cause a denial of service CPU and memory consumption and crash via a crafted file, as demonstrated by a file containing the string "\033100000000000000000@"...

mongodb: memory over-read via incorrect BSON object length

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service crash or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read...

MySQL User Defined Function Detected

Binary data 8218.prm...

Default configuration

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service crash or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read...

UBUNTU-CVE-2012-6619

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service crash or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read...

mongodb: memory over-read via incorrect BSON object length

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service crash or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read...

NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

Cryptographer Professor Jean-Jacques Quisquater has become the part of a targeted attack by the US National Security Agency NSA and its British counterpart GCHQ, first reported on Saturday morning by De Standaard. A few months back in September 2013 it was revealed that, Belgacom, the largest...

PizzaInn_Project - SQL Injection

Exploit: PizzaInnProject - SQL Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/restaurantmis/ 1 Sql Injection Time Based Blind PoC: http://127.0.0.1/reserve-exec.php?id=1' SQL Injection Vulnerable Code: +...

CVE-2013-3846

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," ...

PHPSHE SQL注入2（全版通杀）

简要描述： PHPSHE SQL注入，全版本通杀。 详细说明： 在/module/index/product.php文件 在商品咨询，和商品评价时未对参数请求头部信息过滤，导致sql注入。 看看商品评价的代码： //@ 商品评价 @// case 'commentadd': if isset$ppesubmit $info'productid' = intval$gid; $info'commenttext' = petexthtmlpedbhold$pcommenttext; $info'commentatime' = time; $info'userid' = $suserid;...