5 matches found
Joomla! 1.5 < 3.4.5 - Object Injection Remote Command Execution
''' Simple PoC for Joomla Object Injection. Gary @ Sec-1 ltd http://www.sec-1.com/ ''' import requests easyinstall requests def geturlurl, useragent: headers = 'User-Agent': useragent cookies = requests.geturl,headers=headers.cookies for in range3: response = requests.geturl,...
Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution Exploit
Exploit for php platform in category web applications ''' Simple PoC for Joomla Object Injection. Gary @ Sec-1 ltd http://www.sec-1.com/ ''' import requests easyinstall requests def geturlurl, useragent: headers = 'User-Agent': useragent cookies = requests.geturl,headers=headers.cookies for in...
Splunk Remote Root Exploit
No description provided by source. from sec1httplib.requestbuilder import Requestobj from sec1httplib.threaddispatcher import import threading import re import urlparse import sys import urllib import base64 from optparse import OptionParser import sys Source: http://www.sec-1.com/blog/?p=233...
[Full-disclosure] [Sec-1 Ltd] Advisory: MailMarshal Spam Quarantine Password Retrieval Vulnerability
SEC-1 LTD. www.sec-1.com Security Advisory Advisory Name: MailMarshal Spam Quarantine Password Retrieval Vulnerability Release Date: 17-06-2007 Application: MailMarshal SMTP 6.2.0.x Platform: Microsoft Windows Severity: Password Retrieval Author: Gary O'leary-Steele Reported: See time line sectio...
[Full-disclosure] [SEC-1 LTD] RSA SecurID Web Agent Heap Overflow
SEC-1 LTD. www.sec-1.com Security Advisory Advisory Name: RSA SecurID Web Agent Heap Overflow Release Date: 06-05-2005 Application: RSA SecurID Web Agent 5 RSA SecurID Web Agent 5.2 RSA SecurID web Agent 5.3 Platform: Windows 2000 / IIS Severity: Remote Code Execution Author: Gary O'leary-Steele...