1087 matches found
KMPlayer 3.9.x - '.srt' Crash (PoC)
!/usr/bin/perl -w Title : KMPlayer 3.9.x - Crash Proof Of Concept Company : http://www.kmplayer.com Tested : Windows 7 / Windows 8.1 Author : Peyman Motevalli Manesh Linkedin : https://ir.linkedin.com/in/peymanmotevalli E-Mail : meatPDPnetworkdotir Website : www.PDPnetwork.ir FaceBook :...
Counter-Strike 1.6 GameInfo Query Reflection Denial Of Service Exploit
Exploit for multiple platform in category dos / poc !/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg http://pastebin.com/u/hackerscommunity...
UPNPD M-SEARCH ssdp:discover Reflection Denial Of Service
!/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal Plug and Play. SSDP is HTTP like protocol and...
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...
File Roller 3.4.1 Denial Of Service
!/usr/bin/perl Title: File Roller - DoS PoC Date: 08/07/2015 Author: Arsyntex Homepage: https://wiki.gnome.org/Apps/FileRoller Version: v3.4.1 Tested on: Linux lab 3.2.0-85-generic-pae 122-Ubuntu i686 i386 GNU/Linux ------------------------------------------------------------------------- Create ...
ClickHeat 1.13+ - Remote Command Execution
Clickheat 1.13+ Unauthenticated RCE ----------------------------------- The Clickheat developers have been informed, but have not responded to my email. The code has not been updated recently and the project seems to be in an abandoned state. I have discovered a vulnerability in Clickheat 1.13...
Alienvault OSSIM/USM Multiple Vulnerabilities
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
Tiny Server 1.1.9 - Arbitrary File Disclosure Exploit
Exploit for windows platform in category remote exploits !/usr/bin/perl -w Title : Tiny Server v1.1.9 Arbitrary File Disclosure Exploit Download : http://tinyserver.sourceforge.net/tinyserverfull.zip Author : ZoRLu Test : Windows7 Ultimate Date : 29/11/2014 BkiAdam : Dr.Ly0n, KnocKout, LifeSteaLe...
Shellshock Exploits Used Against SMTP Servers at Webhosts
The persistence of the Shellshock vulnerability remains high more than a month after it first surfaced. The latest attacks involved SMTP servers belonging to web hosts, said a report published by the SANS Internet Storm Center. Attackers are using Shellshock exploits targeting the now infamous...
Toast Forums Database Disclosure
!/usr/bin/perl -w Toast Forums Database Disclosure Exploit Author : indoushka Vondor : ToastForums.com use LWP::Simple; use LWP::UserAgent; system'cls'; system'Toast Forums Database Disclosure Exploit'; system'color a'; if@ARGV new; my $request = $useragent-get$url,":contentfile" = "D:/data.mdb";...
Usermin 'miniserv.pl' Arbitrary File Disclosure
The Usermin install on the remote host is affected by an information disclosure flaw in the Perl script 'miniserv.pl'. This flaw could allow a remote, unauthenticated attacker to read arbitrary files on the affected host, subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C...
Usermin Null Byte Filtering Information Disclosure
The version of Usermin installed on the remote host is affected by an information disclosure vulnerability due to the Perl script 'miniserv.pl' failing to properly filter null characters from URLs. An attacker could exploit this to reveal the source code of CGI scripts, obtain directory listings,...
Grand MA 300 Fingerprint Reader Weak PIN Verification
=== LSE Leading Security Experts GmbH - Security Advisory 2014-07-13 === Grand MA 300 Fingerprint Reader - Weak Pin Verification ------------------------------------------------------------------------ Affected Versions ================= Grand MA 300/ID with firmware 6.60 Issue Overview...
LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification
=== LSE Leading Security Experts GmbH - Security Advisory 2014-07-13 === Grand MA 300 Fingerprint Reader - Weak Pin Verification ------------------------------------------------------------------------ Affected Versions ================= Grand MA 300/ID with firmware 6.60 Issue Overview...
Hanso Player 1.3.0 - (.m3u) Denial of Service Vulnerability
No description provided by source. Exploit Title: Hanso Player Version 1.3.0 .m3u DoS Date: 10/02/2010 Author: xsploited security Software Link: http://www.hansotools.com/downloads/hanso-player-setup.exe Version: 1.3.0 Tested on: Windows XP Pro SP3 CVE : N/A EAX 00000001 ECX 80567B8E EDX EDD619A0...
Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...
IP Reg <= 0.4 - Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl ----------------------------------------------- IP Reg = 0.4 Blind SQL Injection Exploit Discovered By StAkeR - StAkeRathotmaildotit Discovered On 03/10/2008 ----------------------------------------------- Download...
zawhttpd <= 0.8.23 (GET) Remote Buffer Overflow DoS
No description provided by source. !/usr/bin/perl zawhttpd Buffer Overflow Exploit by Kamil 'K3' Sienicki use IO::Socket; use strict; my$socket = ; if$socket = IO::Socket::INET-new PeerAddr = $ARGV0, PeerPort = $ARGV1, Proto = TCP print Attempting to kill zawhttpd at $ARGV0:$ARGV1 ...; print...
RedHat Linux 7.0 Roaring Penguin PPPoE Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2098/info Roaring Penguin Software's PPPoE is a freeware PPP over Ethernet client often used by ADSL subscribers running Linux or NetBSD. PPPoE contains a possibly remotely exploitable denial of service vulnerability in i...
AWStats (6.0-6.2) configdir Remote Command Execution Exploit (c code)
No description provided by source. / AwStats exploit by Thunder, [email protected] This exploit makes use of the remote command execution bug discovered in AwStats ver 6.2 and below. The bug resides in the awstats.pl perl script. The script does not sanitise correctly the user input for the...