Lucene search
+L

184 matches found

exploitpack
exploitpack
added 2013/06/26 12:0 a.m.16 views

PHP-Charts 1.0 - index.php?type Remote Code Execution

PHP-Charts 1.0 - index.php?type Remote Code Execution !/usr/bin/python Original Advisory came from: http://packetstormsecurity.com/files/119582/PHP-Charts-1.0-Code-Execution.html infodox - insecurety.net import requests import random import threading import sys def genpayloadhost, port: """ Perl...

8.1AI score
Exploits0
0day.today
0day.today
added 2012/09/11 12:0 a.m.21 views

vOlk Botnet Framework v4.0 Multiple Vulnerabilities

Exploit for php platform in category web applications Title: ====== vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Introduction: ============= vOlk-Botnet v4.0 is a remote administration tool, its main function is to manage the HOSTS file of the windows operating systems The code creat...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/08/11 12:0 a.m.19 views

Flogr 2.5.6 / 2.3 Cross Site Scripting Vulnerabilities

Exploit for php platform in category web applications Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities Details: ======== Multiple non persistent cross site scripting vulnerabilities are detected in the Flogr v2.5.6 & v2.3 photo gallery CMS. The vulnerability allows remote attackers to hija...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/04/14 12:0 a.m.148 views

Microsoft Service Cross Site Scripting

Title: ====== Microsoft Service - Persistent Web Vulnerabilities Date: ===== 2012-04-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=433 http://www.vulnerability-lab.com/getcontent.php?id=439 MSRC ID: 12209nj VL-ID: ===== 433 Introduction: ============= Official...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/17 12:0 a.m.31 views

Group Office 3.5.9 Remote Command Execution

Title Group Office Remote Command Execution Vulnerability Author ADEO Security Published 16/07/2010 Version 3.5.9 Possible all versions Vendor http://www.group-office.com Download http://sourceforge.net/projects/group-office/files/3.5/groupoffice-com-3.5.9.tar.gz/download Description "Take your...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2009/07/15 12:0 a.m.28 views

Greenwood Content Manager Code Execution

!usr/bin/python Greenwood Content Manager Remote Code Execution AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2009/05/01 12:0 a.m.117 views

Proxy bypass vulnerability & plain text passwords in LevelOne AMG-2000

SEC Consult Security Advisory 20090429-0 ======================================================================= title: Proxy bypass vulnerability & plain text passwords in LevelOne AMG-2000 product: LevelOne AMG-2000 Wireless AP Management Gateway vulnerable version: Firmware =2.00.00build00600...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2008/12/23 12:0 a.m.15 views

PHPLD 3.3 - Blind SQL Injection

PHPLD 3.3 - Blind SQL Injection phpLD 3.3 Blind SQL Injection http://www.phplinkdirectory.com/ magicquotesgpc = Off registerglobals = On Vulnerable: GET http://site/phpld/page.php?name= True Request: validpagename' or 1=1 False Request: validpagename' or 1=0 Try this urlencode: validpagename' or...

0.4AI score
Exploits0
myhack58
myhack58
added 2007/09/18 12:0 a.m.35 views

Cocoon Counter statistics program background written mA-vulnerability warning-the black bar safety net

Reference the latest Ocean to the top of the eval version in a few words, here to use is % eval reques tchr 3 5 % , "evalExecutePP. htm in the text box write your own code is added with 2006X2. exe conversion to generate the html text box in code. What is the text box you know? Don't just check t...

7.3AI score
Exploits0
NVD
NVD
added 2006/05/24 1:2 a.m.16 views

CVE-2006-2559

Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic...

7.5CVSS6.7AI score0.01704EPSS
Exploits0References6
securityvulns
securityvulns
added 2006/05/06 12:0 a.m.43 views

RaidenHTTPD Web server / Quick 'n Easy Web Server / Baby ASP / Blazix Web Server / AN HTTPD / Xeneo scripts source code disclosure

It's possible to retrieve script source code by adding " ./" to request...

0.1AI score
Exploits0References7Affected Software5
0day.today
0day.today
added 2004/09/16 12:0 a.m.106 views

PHP-Nuke SQL Injection Edit/Save Message(s) Bug

Exploit for unknown platform in category web applications =============================================== PHP-Nuke SQL Injection Edit/Save Messages Bug =============================================== !/usr/bin/perl use LWP; $log = "poskomenphpnukesavemsg.txt"; $Agent = "Mbahmubangga/1.0"; $proxy ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/14 12:0 a.m.26 views

SnipSnap 0.5.2 - HTTP Response Splitting

source: https://www.securityfocus.com/bid/11180/info SnipSnap is reported prone to an HTTP response splitting vulnerability. The issue exists in the 'referer' parameter. The issue presents itself due to a flaw in the application that allows an attacker to manipulate how POST requests are handled...

7AI score
Exploits0
0day.today
0day.today
added 2004/07/22 12:0 a.m.18 views

Conceptronic CADSLR1 Router Denial of Service Vulnerability

Exploit for hardware platform in category dos / poc =========================================================== Conceptronic CADSLR1 Router Denial of Service Vulnerability =========================================================== $ $victima="ip.victim" $ perl -e 'print "GET / HTTP/1.1\r\nHost:...

7AI score
Exploits0
exploitpack
exploitpack
added 2004/03/02 12:0 a.m.21 views

SureCom EP-9510AXEP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)

SureCom EP-9510AXEP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service 2 // source: https://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2003/12/19 12:0 a.m.25 views

Xerox MicroServer - Web Server Directory Traversal

source: https://www.securityfocus.com/bid/9256/info It has been reported that XeroxMicroServer/Xerox11 may be prone to a directory traversal vulnerability that may allow an attacker to traverse outside the server root directory by using '/..' or '/.' character sequences at the end of a URL reques...

7.4AI score
Exploits0
NVD
NVD
added 2003/08/27 4:0 a.m.23 views

CVE-2003-0424

Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space %20 or . %2e characters to an HTTP request for the script, e.g. viewbroadcast.cgi...

5CVSS6.5AI score0.0142EPSS
Exploits1References2
CVE
CVE
added 2003/07/25 4:0 a.m.55 views

CVE-2003-0424

The CVE-2003-0424 entry affects Apple QuickTime/Darwin Streaming Server prior to 4.1.3f. The vulnerability allows an attacker to disclose script source code by appending encoded characters (%20 space or %2e dot) to an HTTP request for a script (e.g., /view_broadcast.cgi). The issue is a Script So...

5CVSS6.5AI score0.0142EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2002/05/31 4:0 a.m.17 views

CVE-2002-0304

Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request...

5CVSS6.5AI score0.01539EPSS
Exploits0References4
NVD
NVD
added 2001/06/27 4:0 a.m.18 views

CVE-2001-0425

AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information...

7.5CVSS7.4AI score0.02401EPSS
Exploits1References2
Rows per page
Query Builder