21 matches found
EUVD-2004-1761
Malware in sbrugna...
VLC Media Player/Kodi/PopcornTime Memory Corruption
""" VLC Media Player/Kodi/PopcornTime 'Red Chimera' 2.2.5 Memory Corruption PoC Author: SivertPL [email protected] CVE: CVE-2017-8311 Infamous VLC/Kodi/PopcornTime subtitle attack in libsubtitleplugin.dll. This is the Proof of Concept of the reverse engineered heap corruption vulnerability...
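Ali Wangwang 2010 remote code execution vulnerability
Vulnerability reproduction: The ImageMan.dll dynamic link library in Ali Wangwang 2010 contains a COM interface responsible for handling image information. One of its functions, AutoPic, is vulnerable: when this COM interface is loaded in HTML and passed a special string, the string length is not checked, so the copy reads from an invalid address and the program enters SEH exception handling. An overlong payload can overwrite the SEH pointer and thereby make eip controllable. The vulnerability is analyzed in detail below. First install Ali Wangwang 2010, then open with IE; IE crashes, and by attaching windbg the crash location can be reached. a5c.628: Access violation - code c0000005 first chance...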
PostNuke 0.764 Module modload SQL Injection Vulnerability
No description provided by source. PostNuke 0.764 Module modload SQL Injection Vulnerability Author : BILGEKAGAN Homepage : http://www.1923turk.com Script : postnuke http://www.postnuke.com Download : http://www.postnuke.com/module-Content-view-pid-2.html Vulnerable File...
VideoLAN VLC Media Player 2.0.7 - '.png' Crash (PoC)
#!/usr/bin/python VLC Media Player 2.0.7 PNG Crash PoC Vendor Homepage: http://www.videolan.org/ Version: 2.0.7 Tested on: Windows 7 64-bit Author: Kevin Fujimoto Debug Information: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. wait...
Solaris 9 (x86) : 118462-03
SunOS 5.9_x86: modload Utils Patch. Date this patch was last updated by Sun : Sep/22/10 #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description)...
CVE-2010-1713
SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action...
CVE-2010-1713
PostNuke
PostNuke 0.764 Modload SQL Injection
PostNuke 0.764 Module modload SQL Injection Vulnerability Author : BILGEKAGAN Homepage : http://www.1923turk.com Script : postnuke http://www.postnuke.com Download : http://www.postnuke.com/module-Content-view-pid-2.html Vulnerable File modules.php?op=modload&name=News&file=article&sid= SQL XpL...
CVE-2008-7176
Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) changelang parameter to index.php or (2) modload parameter to modules.php...
OpenBSD/x86 - setuid(0) + Load Kernel Module (/tmp/o.o) Shellcode (74 bytes)
OpenBSD/x86 - setuid(0) + Load Kernel Module (/tmp/o.o) Shellcode (74 bytes). Shellcode exploit for OpenBSD/x86 platform / The modload shellcode setuid(0) loads /tmp/o.o module very useful if you have rootkit as kernel module in the /tmp dir Size 74 bytes OS OpenBSD /rootteam/dev0id rootteam.void.ru...
OpenBSD/x86 - Load Kernel Module (/tmp/o.o) Shellcode (66 bytes)
OpenBSD/x86 - Load Kernel Module (/tmp/o.o) Shellcode (66 bytes). Shellcode exploit for OpenBSD/x86 platform / The modload shellcode loads /tmp/o.o module very useful if you have rootkit as kernel module in the /tmp dir and you can easily change the path directly in the code Size 66 bytes OS OpenBSD...
CVE-2008-3600
Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter within a modload action...
Directory traversal
Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter within a modload action...
CVE-2008-3600
Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter within a modload action...
CVE-2007-3332
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action...
Directory traversal
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action...
phpnukeXSS.txt
PHP-Nuke Search Cross-Site Scripting Vulnerability Vulnerable: i think all ver. data:2005-09-5 exploit : openme.htm :: ' document.searchform.sub.click thanks , BHFH. email : [email protected]...
CVE-1999-1584
CVE-1999-1584 affects SunOS 4.1.1–4.1.3c (and Open Windows 3.0) where two components, loadmodule and modload (when modload runs with setuid/setgid privileges), improperly handle environment variables. This allows local users to gain root privileges. The underlying cause is improper environment sa...
CVE-2005-1050
The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message...