Fedora 23 : php (2016-0729e59542)

13 Oct 2016 - PHP version 5.6.27 Core: - Fixed bug php73025 Heap Buffer Overflow in virtualpopen of zendvirtualcwd.c. cmb - Fixed bug php73058 crypt broken when salt is 'too' long. Anatol - Fixed bug php72703 Out of bounds global memory read in BFcrypt triggered by passwordverify. Anatol - Fixed...

Joomla DVFolderContent 1.0.2 Local File Disclosure

Exploit Title : Joomla DVFolderContent V1.0.2 Module - Local File Disclosure Exploit Author : Persian Hack Team Vendor Homepage : http://www.dvextensions.de/en/extensions/dvfoldercontent Category Webapps Tested on Win Version : V1.0.2 Date 2016/10/01 PoC The Vulnerable page is...

Vanderbilt IP Camera CCPW3025-IR / CVMW3025-IR - Credentials Disclosure

Exploit for cgi platform in category web applications 1. Advisory Information ======================================== Title : Vanderbilt IP-Camera CCPW3025-IR + CVMW3025-IR Remote Credentials Disclosure Vendor Homepage : https://is.spiap.com/ Remotely Exploitable : Yes Tested on Camera types :...

CVE-2007-1710

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safemode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence...

Gkplugins Picasaweb - Download File

Exploit Title: Gkplugins Picasaweb Download File Date : 2015-08-13 Exploit Author : TMT VNhgroup Vendor Homepage: https://gkplugins.com/ Tested on: Windows 7 File ------------------------ $fileout = $GET'f'; -- can you download file $filelength = $GET'l'; $filestream = $GET'start'; if$fileout!=""...

Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit (linux)

No description provided by source. / | || || | | |/ / | || | | / - | | ' | ' | / | ' \ - |||||||\|||, |||// hellknights.void.ru |/ coded by 1nf3ct0r Windows, ported by ShadOSLinux Invision Gallery = 2.0.7 ReadFile & SQL injection exploit +-------------+ | Uzage: | +-------------+ + ReadFile: -...

House Style 0.1.2 - readfile() Local File Disclosure Vulnerability

No description provided by source. Exploit Title: House Style 0.1.2 = readfile Local File Disclosure Vulnerability Date: 11/07/2012 Author: GoLdM Vendor or Software Link: http://sourceforge.net/projects/housestyle/ Version: 1.03 Category:: readfile Local File Disclosure Vulnerability2 Tested on: ...

Webfwlog <= 0.92 (debug.php) Remote File Disclosure Vulnerability

No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + D.Script:ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-stable/All/webfwlog-0.92.tbz + D.Scrpit:http://webfwlog.sourceforge.net/...

Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit

No description provided by source. / | || || | | |/ / | || | | / - | | ' | ' | / | ' \ - |||||||\|||, |||// hellknights.void.ru |/ coded by 1nf3ct0r Invision Gallery = 2.0.7 ReadFile & SQL injection exploit +-------------+ | Uzage: | +-------------+ + ReadFile: - syntax: readfile 1 host...

airVisionNVR 1.1.13 readfile() Disclosure and SQL Injection

No description provided by source. Exploit Title: airVisionNVR readfile disclosure and sql injection Google Dork: Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link: http://www.ubnt.com/downloads/airvision/airVision-v1.1.3-installer.exe Version: 1.1.1...

Stack overflow

Stack-based buffer overflow in the ReadFile function in fltBMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file...

CVE-2013-3928

CVE-2013-3928 : A stack-based buffer overflow exists in the ReadFile function of flt_BMP.dll used by Chasys Draw IES (BMP parsing). The flaw allows remote attackers to trigger arbitrary code execution by supplying a specially crafted BMP file (affecting versions prior to 4.11.02). Confirmed affec...

CVE-2013-3928

Stack-based buffer overflow in the ReadFile function in fltBMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file...

Chasys Draw IES Buffer Overflow Vulnerability

This Metasploit module exploits a buffer overflow vulnerability found in Chasys Draw IES version 4.10.01. The vulnerability exists in the module fltBMP.dll, while parsing BMP files, where the ReadFile function is used to store user provided data on the stack in a insecure way. It results in...

Chasys Draw IES - Local Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Chasys Draw IES...

airVisionNVR 1.1.13 - readfile() Disclosure SQL Injection

airVisionNVR 1.1.13 - readfile Disclosure SQL Injection Exploit Title: airVisionNVR readfile disclosure and sql injection Google Dork: Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link:...

airVisionNVR 1.1.13 - &#039;readfile()&#039; Disclosure / SQL Injection

Exploit Title: airVisionNVR readfile disclosure and sql injection Google Dork: Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link: http://www.ubnt.com/downloads/airvision/airVision-v1.1.3-installer.exe Version: 1.1.13 Tested on: WinXP SP3 CVE: Possibl...

CVE-2012-4054

Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and earlier allows physically proximate attackers to execute arbitrary code via a crafted inf file...

Buffer overflow

Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and earlier allows physically proximate attackers to execute arbitrary code via a crafted inf file...

CVE-2012-4054

CVE-2012-4054 affects CPE17 Autorun Killer 1.7.1 and earlier. The vulnerability is a buffer overflow in the readfile function that enables arbitrary code execution by a crafted inf file, with a Local attack vector and no authentication required per the CVSS data. Impact is listed as complete conf...