23 matches found
EUVD-2007-6107
Malware in sbrugna...
Server-Side Template Injection leads to Remote Code Execution
Description Admin or Staff with "Mass mailer" permission can perform a Server-Side Template Injection attack Proof of Concept Log in as an admin or a staff who has "Mass mailer" permission, edit a message In the "Email content" field, insert the following value and click "Update and preview" %...
Picking Apart Remcos Botnet-In-A-Box
This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Eric Kuhla and Lilia Gonzalez Medina. Overview Cisco Talos has recently observed multiple campaigns using the Remcos remote access tool RAT that is offered for sale by a company called Breaking Security...
VU Mass Mailer Authentication Bypass
No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...
Ani-Shell v1.5 (Final) Released
Ani-Shell v1.5 Final Released Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser etc! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization Features: Shell...
Ani-Shell v1.4 Released With Python - Bind Shell , Anti-Crawler Feature and MD5 Cracker
Ani-Shell v1.4 Released With Python - Bind Shell , Anti-Crawler Feature and MD5 Cracker Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser , A MD5 hash Cracker , Python and PHP Bind-Shells , Anti-Crawler Features etc! This shell has...
Ani-Shell v1.4 Released With Python - Bind Shell , Anti-Crawler Feature and MD5 Cracker
Ani-Shell v1.4 Released With Python - Bind Shell , Anti-Crawler Feature and MD5 Cracker Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser , A MD5 hash Cracker , Python and PHP Bind-Shells , Anti-Crawler Features etc! This shell has...
Ani Shell v1.3 Released -- Mail Bomber (with less spam detection) & PHP Decoder
Ani Shell v1.3 Released -- Mail Bomber with less spam detection & PHP Decoder Introduction Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , DDoser, Back Connect , Bind Shell etc etc ! This shell has immense capabilities and have been writte...
Ani Shell v1.3 Released -- Mail Bomber (with less spam detection) & PHP Decoder
Ani Shell v1.3 Released -- Mail Bomber with less spam detection & PHP Decoder Introduction Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , DDoser, Back Connect , Bind Shell etc etc ! This shell has immense capabilities and have been writte...
The Social-Engineer Toolkit v1.5 Released
The Social-Engineer Toolkit v1.5 Released The Social Engineering Toolkit SET is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to...
Ani-Shell v1.0 - PHP shell with features like Mass-Mailer , Fuzzer , DDoser by lionaneesh
Ani-Shell v1.0 - PHP shell with features like Mass-Mailer , Fuzzer , DDoser by lionaneesh Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , and a DDoser ! This shell has immense capabilities and have been written with some coding standards i...
Ani-Shell v1.0 - PHP shell with features like Mass-Mailer , Fuzzer , DDoser by lionaneesh
Ani-Shell v1.0 - PHP shell with features like Mass-Mailer , Fuzzer , DDoser by lionaneesh Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , and a DDoser ! This shell has immense capabilities and have been written with some coding standards i...
VU Mass Mailer 3.4 SQL Injection
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...
VU Mass Mailer - Authentication Bypass
VU Mass Mailer - Authentication Bypass 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site :...
VU Mass Mailer Authentication Bypass
Exploit for php platform in category web applications ==================================== VU Mass Mailer Authentication Bypass ==================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1...
VU Mass Mailer - Authentication Bypass
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...
CVE-2007-6138
SQL injection vulnerability in redir.asp in VU Mass Mailer allows remote attackers to execute arbitrary SQL commands via the password parameter to Default.asp aka the Login Page. NOTE: some of these details are obtained from third party information...
CVE-2007-6138
SQL injection vulnerability in redir.asp in VU Mass Mailer allows remote attackers to execute arbitrary SQL commands via the password parameter to Default.asp aka the Login Page. NOTE: some of these details are obtained from third party information...
CVE-2007-6138
CVE-2007-6138 affects VU Mass Mailer via the login flow: the redir.asp path is vulnerable to SQL injection in the password parameter to Default.asp (Login Page). The underlying cause is unsafely concatenated SQL in the login logic, enabling remote attackers to execute arbitrary SQL commands. Docu...
VUNET Mass Mailer Default.ASP SQL注入漏洞
VUNET Mass Mailer是一款基于ASP的WEB应用程序。 VUNET Mass Mailer不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'default.asp'脚本对用户提交的密码参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或可能操作数据库。 VUNET Mass Mail 目前没有解决方案提供: http://www.vunet.us/home.asp Password: anything' OR 'x'='x...