Advantech WebAccess/SCADA

CVSS v3 5.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Path Traversal, SQL Injection AFFECTED PRODUCTS The following versions of WebAccess/SCADA, a SCADA software platform, are affected: WebAccess/SCADA versions prior ...

Siemens SINEMA Server Privilege Escalation Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-215-02 Siemens SINEMA Server Privilege Escalation Vulnerability that was published August 2, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- Security researcher rgod working...

Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution Exploit

Exploit for windows platform in category remote exploits var payloadlength = 15000; var arg1=1; var arg2=1; var arg3=1; //blank strings var junk = ""; var buf1 = ""; var buf2 = ""; //offset to SE is 156, initial analysis using metasploit cyclic pattern for i=0; i 0day.today 2018-02-27...

Php-Stats <= 0.1.9.1b (ip) Remote SQL Injection Exploit

No description provided by source. ?php printr' --------------------------------------------------------------------------- Php-Stats = 0.1.9.1b ip urldecode/ ereg / sql injection / cleat text admin pass disclosure exploit method ii by rgod mail: retrog at alice dot it site:...

MyCMS <= 0.9.8 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo MyCMS = 0.9.8 Remote Command Execution Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc3 echo Usage: php .$argv0. Host Path C...

phpBB <= 2.0.20 (Admin/Restore DB/default_lang) Remote Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PhpBB = v2.0.20 \Admin/Restore Database/defaultlang remote commands execution\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo - you need an admin sid, works regardless of...

ThWboard <= 3.0b2.84-php5 SQL Injection / Code Execution Exploit

No description provided by source. ?php printr' ----------------------------------------------------------------------------- ThWboard =3.0 beta 2.84-php5 boardstyleid sql injection / cmd exec exploit by rgod dork: powered by ThWboard version specific: powered by ThWboard 3 Beta 2.84-php5 by...

PHPList <= 2.10.2 GLOBALS[] Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PHPList = 2.10.2 GLOBALS remote cmmnds xctn \r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; echo - this works against registerglobals=On \r\n; echo a dork:...

Unclassified NewsBoard 1.5.3 Patch 3 - Blind SQL Injection Exploit

No description provided by source. ?php ---UNB153pl3xpl.php 11.35 12/11/2005 Unclassified NewsBoard 1.5.3 patch level 3 Datefrom blind SQL injection / Admin MD5 password hash dump by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these...

SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c)

No description provided by source. / gcc -o sugar sugar.c Usage ./sugar host /path/ site cmd Sugar Suite Open Source = 4.0 beta remote code execution c code coded by: pointslash v. credits: rgod, unitedasia host - hostname ex: www.sitename.com path - path ex: /sugar/ or just / site - remote...

kubix <= 0.7 - Multiple Vulnerabilities exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc Related: path of the file to include\r\n"; echo " |- Es: php ".$argv0." localhost /kubix/ 1 ../../../../../etc/passwd\r\n\r\n"; echo " 2 -...

VImpX ActiveX (VImpX.ocx 4.7.3.0) - Remote Buffer Overflow Exploit

No description provided by source. !- IE 6 / DB Software Laboratory VImpX ActiveX VImpX.ocx v. 4.7.3.0 remote buffer overflow exploit windows xp sp2 it version / eip overwrite method by rgod site: http://retrogod.altervista.org mail: retrog at alice dot it software site:...

Moodle <= 1.6dev SQL Injection / Command Execution Exploit

No description provided by source. ?php moodle16devxpl.php 4.19 10/11/2005 Moodle = 1.6dev get record SQL injection / / remote commands execution by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these changes in php.ini if you have troubl...

PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit

No description provided by source. ?php 20.05 23/10/2005 ---phpnuke78xpl.php PHPNuke 7.8 with all security fixes/patches Downloads,WebLinks & YourAccount modules SQL Injection / remote commands execution exploit yet not tested 7.9, but OK... by rgod site: http://rgod.altervista.org make these...

Nucleus CMS <= 3.22 (DIR_LIBS) Arbitrary Remote Inclusion Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo Nucleus = 3.22 arbitrary remote inclusion exploit\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; echo this is called the \deadly eyes of Sun-tzu\r\n; echo dork: Copyright...

Cacti <= 0.8.6i cmd.php popen() Remote Injection Exploit

No description provided by source. ?php printr' -------------------------------------------------------------------------------- Cacti = 0.8.6i cmd.php popen injection by rgod dork: intitle:login to cacti mail: retrog at alice dot it site: http://retrogod.altervista.org...

ATutor <= 1.5.3.1 (links) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo ATutor = 1.5.3.1 'links' blind SQL injection / admin credentials disclosure\n; echo by rgod [email protected]\n; echo site: http://retrogod.altervista.org\n; echo dork, version specific: \Web site engine's code is...

Realtek Sound Manager (rtlrack.exe 1.15.0.0) - PlayList BOF Exploit

No description provided by source. usage: exploit.py print -------------------------------------------------------------------------- print Realtek Sound Manager rtlrack.exe v. 1.15.0.0 PlayList Buffer Overflow\n print url: http://www.realtek.com.tw/\n print download:...

XOOPS <= 2.0.13.2 xoopsOption[nocommon] Remote Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo XOOPS = 2.0.13.2 'xoopsOptionnocommon' exploit\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; / works with: magicquotesgpc = Off registerglobals = On / if $argc4 echo Usage:...

PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit

No description provided by source. ?php //PHP = 5.2.3 snmpget object id local Buffer Overflow eip overwrite exploit //bug discovered by rgod //Original advisory: http://retrogod.altervista.org/php446snmpgetlocalbof.html //quote=rgodmore than 256 chars result in simple eip overwrite/quote //right!...