262 matches found
TikiWiki <= 1.9.8.1 - Local File Inclusion Vulnerabilities
No description provided by source. ====================================================================== TikiWiki = 1.9.8.1 Local File Inclusion ====================================================================== Author: L4teral l4teral 4t gmail com Impact: Local File Inclusion Status: patch...
Audio Converter 8.1 0day Stack Buffer Overflow PoC exploit
No description provided by source. Exploit Title : Audio Converter 8.1 0day Stack Buffer Overflow PoC exploit Date : 16/05/2010 Author : Sud0 Bug found by : chap0 Software Link : http://download.cnet.com/Audio-Converter/3000-21404-10045287.html Version : 8.1 OS : Windows Tested on : XP SP3 En...
Pointter PHP Micro-Blogging Social Network Unauthorized Privilege Escalation
No description provided by source. 'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation CVE-2010-4333 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Pointter PHP Micro-Blogging Social Networ...
Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Nth Dimension Security Advisory NDSA20140311 Date: 11th March 2014 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: QNX Neutrino RTOS 6.5.0...
Yahoo! Open Redirect
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: Yahoo Bug Bounty Program Vulnerability 2 Open Redirect Advisory ID: SSCHADV2013-YahooBB-002 Author: Stefan Schurtz Affected Software: Successfully tested on ads.yahoo.com Vendor URL: http://yahoo.com Vendor Status: informed...
WBR-3406 Wireless Broadband NAT Router - Web-Console Password Change Bypass / Cross-Site Request Forgery
----------------------------------------------------------- WBR-3406 Wireless Broadband NAT Router Web-Console Password Change Bypass & CSRF Vulnerability This PoC code should do two main things: 1. Cross Site Request Forgery For more information, just google it. 2. This code change to new passwo...
Alt-N MDaemon 13.0.3 and 12.5.6 Email Body HTML/JS Injection Vulnerability
Exploit for windows platform in category web applications VULNERABILITY DESCRIPTION: ========================== Alt-N MDaemon is prone to an HTML/Javascript injection vulnerability because it fails to sanitize user-supplied input. Attacker-supplied HTML and/or JavaScript code could run in the...
Calendar Scripts A.M.Y. Ad Management Software 1.4 Persistent XSS Vulnerability
Exploit for php platform in category web applications Advisory:Calendar Scripts A.M.Y. Ad Management Software 1.4 Persistent XSS Vulnerability Version:1.4 Vendor URL: http://calendarscripts.info/ Demo Link:http://demo.pimteam.net/amy/admin.php Author: Viknesvaran Sittaramane Category: Webapp...
Heise.de Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: heise.de - Cross-site Scripting vulnerability Advisory ID: SSCHADV2013-002 Author: Stefan Schurtz Affected Software: Successfully tested on heise.de Vendor URL: http://www.heise.de Vendor Status: fixed ========================== Vulnerabilit...
Microsoft windows remote desktop PoC C# Exploit
It Case The Dead Blue Screen :D 4 DoS ! //ms12-020 "chinese shit" PoC //Tested On Win7 Ultimate & Win 2008 Server & Win 2003 Serrver R2 //C Coded By Yomi :D using System; using System.Net; using System.Net.Sockets; namespace RDPPoCExploit class Program public static readonly string strshell =...
Microsoft Internet Explorer 9 - Memory Corruption Crash (PoC)
Microsoft Internet Explorer 9 - Memory Corruption Crash PoC / settimelimit0; iniset'memorylimit', '300M'; if!fileexists"junk.htm" $string = ""; fileputcontents"junk.htm", $string; print "View the sourcecode of the iframe below right click - view source: \n"; print "\n"; for$i = 0; $i \n"; /...
Internet Explorer 9 Memory Corruption
/ settimelimit0; iniset'memorylimit', '300M'; if!fileexists"junk.htm" $string = ""; fileputcontents"junk.htm", $string; print "View the sourcecode of the iframe below right click - view source: \n"; print "\n"; for$i = 0; $i \n"; / http://0xffe4.org / ?...
Microsoft Internet Explorer 9 - Memory Corruption Crash (PoC)
/ settimelimit0; iniset'memorylimit', '300M'; if!fileexists"junk.htm" $string = ""; fileputcontents"junk.htm", $string; print "View the sourcecode of the iframe below right click - view source: \n"; print "\n"; for$i = 0; $i \n"; / http://0xffe4.org / ?...
NeXus Infotech CMS SQL Injection
Exploit title : NeXus Infotech CMS SQL Injection Vulnerability Date : May 05,2012 Author : gr00vehack3r Contact : groove.hacker7/a/t/gmail.com Homepage : www.gr00ve-hack3r.com Vendor : NeXus Infotech Vendor Site : http://www.nexusinfotech.org/ Google Dork : intext:"Powered By NeXus Infotech"...
'phpMoneyBooks' Local File Inclusion (CVE-2012-1669)
'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...
GENU CMS - SQL Injection
GENU CMS - SQL Injection -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- GENU CMS SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bug found by h0rd h0rdatnull.net homepage http://h0rd.net download http://www.gnew.fr/pages/download.php?file=GENU-2012.3.tar.gz vulnerability ...
GENU CMS - SQL Injection
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- GENU CMS SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bug found by h0rd h0rdatnull.net homepage http://h0rd.net download http://www.gnew.fr/pages/download.php?file=GENU-2012.3.tar.gz vulnerability in read.php vuln code:...
phpPaleo 4.8b156 Local File Inclusion
'phpPaleo' Local File Inclusion CVE-2012-1671 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for language handling that allows for local file inclusion using a null-byte attack on the 'lang' GET parameter. II...
KnFTPd 1.0.0 Denial Of Service
!/usr/bin/perl Advisory: KnFTPd 1.0.0 'FEAT' DoS PoC-Exploit Author: Stefan Schurtz Affected Software: Successfully tested on KnFTPd 1.0.0 Vendor URL: http://knftp.sourceforge.net/ Vendor Status: informed CVE-ID: - PoC-Version: 1.0 use strict; use Net::FTP; my $user = "system"; my $password =...
KnFTPd 1.0.0 - FEAT Denial of Service (PoC)
KnFTPd 1.0.0 - FEAT Denial of Service PoC !/usr/bin/perl Advisory: KnFTPd 1.0.0 'FEAT' DoS PoC-Exploit Author: Stefan Schurtz Affected Software: Successfully tested on KnFTPd 1.0.0 Vendor URL: http://knftp.sourceforge.net/ Vendor Status: informed CVE-ID: - PoC-Version: 1.0 use strict; use Net::FT...