WordPress Amerisale-Re Remote Shell Upload

Exploit Title : Wordpress amerisale-re Remote Shell Upload Exploit Author : T3rm!nat0r5 Vendor Homepage : http://wordpress.org/ Google Dork : inurl:/wp-content/plugins/amerisale-re Date : 2014/01/30 Tested on : Windows 8 , Linux This module requires Metasploit: http//metasploit.com/download Curre...

haneWIN DNS Server 1.5.3 - Remote Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: haneWIN DNS Server SEH Author: Dario Estrada dash https://intrusionlabs.org Date: 2014-01-29 Version: haneWIN DNS Server 1.5.3 Vendor Homepage: http://www.hanewin.net/ Vulnerable app link:http://www.hanewin.net/dns-e.htm Tested on: Windows XP SP3 Thanks to God, to ...

Two-year-old vulnerability in JBoss Application Servers enables Remote Shell for Hackers

Cyber security of many organizations being attacked at an extremely high rate this month, well another alarming cyber crime report become public today. A widely unpatched and two years old critical vulnerability in JBoss Application Server AS that enable an attacker to remotely get a shell on a...

Two-year-old vulnerability in JBoss Application Servers enables Remote Shell for Hackers

Cyber security of many organizations being attacked at an extremely high rate this month, well another alarming cyber crime report become public today. A widely unpatched and two years old critical vulnerability in JBoss Application Server AS that enable an attacker to remotely get a shell on a...

JBoss AS Attacks Up Since Exploit Code Disclosed

Attackers are exploiting a two-year-old vulnerability in JBoss Application Servers that enables a hacker to remotely get a shell on a vulnerable webserver. The number of infections has surged since exploit code called pwn.jsp was publicly disclosed Oct. 4. Researchers at Imperva said that a numbe...

w-CMS 2.0.1 - Remote Code Execution

Exploit Title: w-CMS 2.0.1 Remote Code Execution Vulnerability Google Dork: intext:"Powered by w-CMS" Date: 15/08/2013 Exploit Author: ICheerNo0M - http://icheernoom.blogspot.com/ Vendor Homepage: http://w-cms.org/ Software Link: - Version: 2.0.1 Tested on: Windows 7 + PHP 5.2.6 --- Vuln Code :...

FunGamez Remote Shell Upload

FunGamez Remote File Upload Vulnerability Brought to you by cr4wl3r http://bastardlabs.info Software Link: http://sourceforge.net/projects/fg-gsm/?source=dlp Tested: Linux, Windows ----------------------------------------------- Source FunGamez/admin/modules/game.php .......... 135 And your shell...

Atomymaxsite Shell Upload

Exploit Title: ATOMYMAXSITE CMS Remote Shell Upload Vulnerability + Google Dork: "Powered by ATOMYMAXSITE" + Date: 30/06/2013 + Exploit Author: IranianDarkCodersTeam + Vendor Homepage: http://board.maxsitepro.com + Version: All Version 1.50 - 2.5 + Tested on: Windows 7 + Exploit: +...

Plesk hosting management software remote get shell 0day-vulnerability warning-the black bar safety net

6 month 5 days late, the Great God king cope in foreign countries well-known mailing list seclists burst Plesk latest remote exploit 0day and gives a perl version of the exp. On Plesk with: Plesk is a cross-platform host Management Control Panel software, is a server virtualization and automation...

IBM QRadar SIEM command injection vulnerability

Overview IBM QRadar SIEM software contains a command injection vulnerability that allows an authenticated user to execute operating system commands on the QRadar device. Description The IBM security bulletin for CVE-2013-2970 states:A command injection vulnerability has been discovered within the...

EasyPHP Webserver PHP Command Execution

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

EasyPHP WebServer v.(all) <= Multiple Vulnerabilities

EasyPHP is Suffer from : + Auth Bypass + Remote Shell Injection / Remote Code Execute The Bug in EasyPHP WebServer Manager found because the PORTAL of Administration doesn't protected ! so just when you found the Admin-Portal - you can bypass the auth directly and remote attacker can get some...

Belkin Wemo Arbitrary Firmware Upload

Exploit Title: Belkin Wemo Arbitrary Firmware Vulnerability Date: 4/3/13 Exploit Author: Daniel Buentello Vendor Homepage: http://www.belkin.com/us/wemo Version: Any version prior to WeMoUS2.00.2176.PVT CVE : CVE-2013-2748 Hello Im independently working with Mitre and Belkin on this matter so...

Jieqi(Jackie)CMS V1. 6 PHP code execution 0day vulnerabilities EXP-vulnerability warning-the black bar safety net

Jackie website management system, referred to as the JIEQI CMS, China National copyright Bureau copyright registration number: 2006SR03382 is a modular site erected system with simple, flexible, superior performance, safe and reliable and other characteristics. We provide you with the current mos...

OpenEMR 4.1.1 Shell Upload

Exploit for php platform in category web applications ?php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical...

OpenEMR 4.1.1 Shell Upload

?php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management application that can run on Windows,...

rsh Excessive Trust Vulnerability

Added: 01/25/2013 CVE: CVE-1999-0515 Background The rsh service allows remote users, using an rsh client, to execute individual shell commands on an rsh server without the need for a password. The rsh process uses the .rhosts file to list trusted hosts those machines allowed to use the service...

rsh Excessive Trust Vulnerability

Added: 01/25/2013 CVE: CVE-1999-0515 Background The rsh service allows remote users, using an rsh client, to execute individual shell commands on an rsh server without the need for a password. The rsh process uses the .rhosts file to list trusted hosts those machines allowed to use the service...

rsh Excessive Trust Vulnerability

Added: 01/25/2013 CVE: CVE-1999-0515 Background The rsh service allows remote users, using an rsh client, to execute individual shell commands on an rsh server without the need for a password. The rsh process uses the .rhosts file to list trusted hosts those machines allowed to use the service...

Barracuda Networks SSHd Backdoor Accounts

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Critical SSH Backdoor in multiple Barracuda Networks Products vulnerable products: Barracuda Spam and Virus Firewall Barracuda Web Filter Barracuda Message Archiver...