978 matches found
CDex Genre 1.79 Stack Buffer Overflow
''' Exploit Title: CDex Genre Stack Buffer Overflow Date: 10/9/2015 Exploit Author: UnN0n Software Link: http://cdex.mu/download Version: 1.79 Tested on: Windows 7 x8632 BIT Steps to Produce the Crash: 1- Generate a File by python code mentioned below. 2- Goto...
Palo Alto Networks Panorama PAN-OS < 6.0.1 Firmware Signature Verification Bypass Arbitrary Code Execution
The remote Panorama appliance is running a version of Palo Alto Networks PAN-OS prior to 6.0.1. It is, therefore, affected by a firmware signature bypass vulnerability due to a flaw in signature verification process that allows an attacker to execute arbitrary Python code within an image file...
CVE-2014-2331
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
Code injection
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
CVE-2014-2331
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
Netsparker 2.3.x - Remote Code Execution
Netsparker 2.3.x - Remote Code Execution !/usr/bin/python Title : Netsparker 2.3.X - Remote Code Execution Tested on Netsparker 2.3.x / Win 7 Author : Hesam Bazvand E-Mail : [email protected] FaceBook : https://www.facebook.com/hesam.king73 Twitter : https://twitter.com/hesamking73 Exploit...
Netsparker 2.3.x - Remote Code Execution
!/usr/bin/python Title : Netsparker 2.3.X - Remote Code Execution Tested on Netsparker 2.3.x / Win 7 Author : Hesam Bazvand E-Mail : [email protected] FaceBook : https://www.facebook.com/hesam.king73 Twitter : https://twitter.com/hesamking73 Exploit MS14-064 CVE2014-6332 1 . run python code...
Acunetix Web Vulnerability Scanner 9.5 - Crash (PoC)
!/usr/bin/env python Title : Acunetix Web Vulnerability Scanner 9.5 - Crash Proof Of Concept Website : https://www.acunetix.com Tested : win 7 / win 8.1 / win vista Author : Hadi Zomorodi Monavar Email : [email protected] 1 . run python code : python poc.py 2 . open hadi.txt and copy content...
CVE-2015-3446
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...
Code injection
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...
CVE-2015-3446
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...
AlienVault Unified Security Management Plugin Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault Unified Security Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AlienVault framework daemon which permits remote...
CVE-2015-0693
CVE-2015-0693 affects Cisco Web Security Appliance (WSA) devices running 8.5.0-ise-147, where improper handling of the pickle module during tunnel-status checks allows an authenticated, local attacker to execute arbitrary Python code and elevate privileges via a crafted pickle file (Bug CSCut3925...
Cisco Web Security Appliance Local Elevation of Privilege Vulnerability
The Cisco Web Security Appliance is a secure Web gateway that integrates malware protection, application visualization control, policy control, and more in one platform. A local elevation of privilege vulnerability exists in Cisco Web Security Appliance. This vulnerability allows attackers to...
Cisco Web Security Appliance (WSA) Local Arbitrary Python Code Execution Vulnerability
The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. A security vulnerability exists in the Cisco Web Security Appliance WSA that allows a local attacker to execute arbitrary Python code via specially crafted serialized objec...
Design/Logic Flaw
emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method...
CVE-2011-4104
The fromyaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method...
CVE-2014-3593
Eval injection vulnerability in luci 0.26.0 allows remote authenticated users with certain permissions to execute arbitrary Python code via a crafted cluster configuration...
Design/Logic Flaw
Eval injection vulnerability in luci 0.26.0 allows remote authenticated users with certain permissions to execute arbitrary Python code via a crafted cluster configuration...
CVE-2014-3593
Eval injection vulnerability in luci 0.26.0 allows remote authenticated users with certain permissions to execute arbitrary Python code via a crafted cluster configuration...