1087 matches found
KMPlayer 3.9.x - '.srt' Crash (PoC)
!/usr/bin/perl -w Title : KMPlayer 3.9.x - Crash Proof Of Concept Company : http://www.kmplayer.com Tested : Windows 7 / Windows 8.1 Author : Peyman Motevalli Manesh Linkedin : https://ir.linkedin.com/in/peymanmotevalli E-Mail : meatPDPnetworkdotir Website : www.PDPnetwork.ir FaceBook :...
Counter-Strike 1.6 GameInfo Query Reflection Denial Of Service Exploit
Exploit for multiple platform in category dos / poc !/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg http://pastebin.com/u/hackerscommunity...
UPNPD M-SEARCH ssdp:discover Reflection Denial Of Service
!/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal Plug and Play. SSDP is HTTP like protocol and...
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...
File Roller 3.4.1 Denial Of Service
!/usr/bin/perl Title: File Roller - DoS PoC Date: 08/07/2015 Author: Arsyntex Homepage: https://wiki.gnome.org/Apps/FileRoller Version: v3.4.1 Tested on: Linux lab 3.2.0-85-generic-pae 122-Ubuntu i686 i386 GNU/Linux ------------------------------------------------------------------------- Create ...
ClickHeat 1.13+ - Remote Command Execution
Clickheat 1.13+ Unauthenticated RCE ----------------------------------- The Clickheat developers have been informed, but have not responded to my email. The code has not been updated recently and the project seems to be in an abandoned state. I have discovered a vulnerability in Clickheat 1.13...
Alienvault OSSIM/USM Multiple Vulnerabilities
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
Tiny Server 1.1.9 - Arbitrary File Disclosure Exploit
Exploit for windows platform in category remote exploits !/usr/bin/perl -w Title : Tiny Server v1.1.9 Arbitrary File Disclosure Exploit Download : http://tinyserver.sourceforge.net/tinyserverfull.zip Author : ZoRLu Test : Windows7 Ultimate Date : 29/11/2014 BkiAdam : Dr.Ly0n, KnocKout, LifeSteaLe...
Shellshock Exploits Used Against SMTP Servers at Webhosts
The persistence of the Shellshock vulnerability remains high more than a month after it first surfaced. The latest attacks involved SMTP servers belonging to web hosts, said a report published by the SANS Internet Storm Center. Attackers are using Shellshock exploits targeting the now infamous...
Toast Forums Database Disclosure
!/usr/bin/perl -w Toast Forums Database Disclosure Exploit Author : indoushka Vondor : ToastForums.com use LWP::Simple; use LWP::UserAgent; system'cls'; system'Toast Forums Database Disclosure Exploit'; system'color a'; if@ARGV new; my $request = $useragent-get$url,":contentfile" = "D:/data.mdb";...
Usermin Null Byte Filtering Information Disclosure
The version of Usermin installed on the remote host is affected by an information disclosure vulnerability due to the Perl script 'miniserv.pl' failing to properly filter null characters from URLs. An attacker could exploit this to reveal the source code of CGI scripts, obtain directory listings,...
Usermin 'miniserv.pl' Arbitrary File Disclosure
The Usermin install on the remote host is affected by an information disclosure flaw in the Perl script 'miniserv.pl'. This flaw could allow a remote, unauthenticated attacker to read arbitrary files on the affected host, subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C...
Grand MA 300 Fingerprint Reader Weak PIN Verification
=== LSE Leading Security Experts GmbH - Security Advisory 2014-07-13 === Grand MA 300 Fingerprint Reader - Weak Pin Verification ------------------------------------------------------------------------ Affected Versions ================= Grand MA 300/ID with firmware 6.60 Issue Overview...
LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification
=== LSE Leading Security Experts GmbH - Security Advisory 2014-07-13 === Grand MA 300 Fingerprint Reader - Weak Pin Verification ------------------------------------------------------------------------ Affected Versions ================= Grand MA 300/ID with firmware 6.60 Issue Overview...
Hanso Player 1.3.0 - (.m3u) Denial of Service Vulnerability
No description provided by source. Exploit Title: Hanso Player Version 1.3.0 .m3u DoS Date: 10/02/2010 Author: xsploited security Software Link: http://www.hansotools.com/downloads/hanso-player-setup.exe Version: 1.3.0 Tested on: Windows XP Pro SP3 CVE : N/A EAX 00000001 ECX 80567B8E EDX EDD619A0...
Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...
CSO Lanifex Outreach Project Tool 0.946 b Request Origin Spoofing Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6630/info It has been reported that OPT accepts the values supplied supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply a fake IP address in one of thes...
DBHcms <= 1.1.4 - Remote File Inclusion exploit
No description provided by source. !/usr/bin/perl DBHcms = 1.1.4 Remote File Inclusion exploit Vendor url: www.drbenhur.com exploit is hard to execute through a browser -possible though- since it's with POST Iron http://www.randombase.com require LWP::UserAgent; Shell: ?php...
MyBB Member.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14684/info MyBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Successful exploitation could result in a compromise of the...
Novell GroupWise Messenger 2.0 - Client Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29602/info Novell GroupWise Messenger is prone to two buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Attackers can explo...