15 matches found
Exploit for Heap-based Buffer Overflow in Microsoft
CVE-2024-38077-POC Pseudocode, for backup p...
Sekiryu - Comprehensive Toolkit For Ghidra Headless
This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra in Headless mode. This toolkit provides a wide range of scripts that can be executed both inside and alongside Ghidra, enabling users to perform tasks such as...
Exploit for CVE-2020-1349
CVE-2020-1349 This vulnerability occurs in Outlook 2019 16.0...
Interactive Disassembler: Plasma
Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code. PLASMA is an interactive disassembler. It can generate a more readable assembly pseudo code with colored syntax. You can write scripts with the available Python api. The project is still in big...
DameWare mini remote control Vulnerability CVE-2 0 1 6-2 3 4 5: let you play with remote controller-vulnerability warning-the black bar safety net
! In doing a security assessment, we often encounter some allow an administrator on the network remote management system software. Although very convenient, but a variety of package leads to the remote access system, there are some security risks. In this article, we will detail the way in a plac...
PHP-Nuke 7.x Journal Module Search.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20829/info The PHP-Nuke Journal module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...
PHP-Nuke 7.x Block-Old_Articles.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22037/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
EspCMS最新版可伪造任意帐户登陆(简单利用代码)
简要描述: EspCMS最新版可伪造任意帐户登陆(源码分析) 测试版本espcmsutf85.8.14.03.03b 详细说明: EspCMS中用户cookie生成算法中重要的就是dbpscode 貌似前面有大牛提交过多次,厂商都只是略作修改,并没有最终搞定问题 这里来说一下,可以通过注册普通帐号,通过帐号+cookie破解得到dbpscode 首先是cookie加密算法,/public/classfunction.php,144-170行 function eccode$string, $operation = 'DECODE', $key =...
PHP-Nuke <= 7.9 Old-Articles Block "cat" SQL Injection vulnerability
/ -------------------------------------------------------- Neo Security Team NST - Advisory 31 - 2007-01-13 -------------------------------------------------------- Program: PHP-Nuke Homepage: http://www.phpnuke.org Vulnerable Versions: PHP-Nuke = 7.9 Risk: Medium Impact: Medium Risk -==PHP-Nuke ...
PHP-Nuke 7.x - 'Block-Old_Articles.php' SQL Injection
source: https://www.securityfocus.com/bid/22037/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...
PHP-Nuke News Module Index.PHP SQL注入漏洞
PHP-Nuke News是一款基于PHP-Nuke的一个新闻模块。 PHP-Nuke News不充分过滤用户提交的URI输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是'Index.PHP'脚本对用户提交的'sid'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 PHP-Nuke PHP-Nuke 7.9 PHP-Nuke PHP-Nuke 7.8 PHP-Nuke PHP-Nuke 7.7 PHP-Nuke PHP-Nuke 7.6 PHP-Nuke PHP-Nuke 7.5 PHP-Nuke PHP-Nuke 7.4...
nst-30.txt
/ -------------------------------------------------------- Neo Security Team NST - Advisory 30 - 2006-11-24 -------------------------------------------------------- Program: PHP-Nuke Homepage: http://www.phpnuke.org Vulnerable Versions: PHP-Nuke sqlfetchrow$db-sqlquery"SELECT title FROM...
PHP-Nuke 7.x Journal Module - 'search.php' SQL Injection
source: https://www.securityfocus.com/bid/20829/info The PHP-Nuke Journal module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...
PHP-Nuke 7.x Journal Module - search.php SQL Injection
PHP-Nuke 7.x Journal Module - search.php SQL Injection source: https://www.securityfocus.com/bid/20829/info The PHP-Nuke Journal module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...
nst-29.txt
------=Part948836292592.1162313436170 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline / -------------------------------------------------------- Neo Security Team NST - Advisory 29 - 2006-10-31...