3100 matches found

Exploit DB
added 2016/04/01 12:00 a.m., 73 views

WordPress Plugin Advanced Video 1.0 - Local File Inclusion

!/usr/bin/env python Exploit Title: Advanced-Video-Embed Arbitrary File Download / Unauthenticated Post Creation Google Dork: N/A Date: 04/01/2016 Exploit Author: evait security GmbH Vendor Homepage: arshmultani - http://dscom.it/ Software Link:...

7.4 AI score
Exploits: 0
seebug.org
added 2016/03/31 12:00 a.m., 45 views

D-Link 2750u/2730u /cgi-bin/webproc arbitrary file read

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/03/31 12:00 a.m., 15 views

Xinwei Software (新为软件) E-learning system: SQL injection in /bos/desktop/RequestOrResponse.aspx, /site/ajax/WebSiteAjax.aspx and several other locations

No description provided by source...

7.1 AI score
Exploits: 0
exploitpack
added 2016/03/30 4:39 p.m., 11 views

LN5KyLD3PXVFYox

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

2.9 AI score
Exploits: 0
Exploit DB
added 2016/03/27 12:00 a.m., 19 views

WordPress Plugin Photocart Link 1.6 - Local File Inclusion

Exploit Title: Wordpress Plugin Photocart Link - Local File Inclusion Exploit Author: CrashBandicot @DosPerl Date: 2016-03-27 Google Dork : inurl:/wp-content/plugins/photocart-link/ Vendor Homepage: https://fr.wordpress.org/plugins/photocart-link/ Tested on: MSWin32 Version: 1.6 Vuln file :...

7 AI score
Exploits: 0
seebug.org
added 2016/03/25 12:00 a.m., 9 views

D-Link DWR-932 Firmware 4.00 permission bypass

No description provided by source...

7.1 AI score
Exploits: 0
Hacker One
added 2016/03/23 1:41 a.m., 25 views

Uber: Lack of rate limiting on get.uber.com leads to enumeration of promotion codes and estimation of a lower bound on the number of Uber drivers

Invite codes are 5 alphanumeric lower case characters. This means there are 36 (26 + 10) possible options for each space in the invite code. In total this means there are 36^5 or 60,466,176 possible invite codes. Through enumerating through all possible invite codes, one can find the total number o...

0.7 AI score
Exploits: 0
seebug.org
added 2016/03/19 12:00 a.m., 17 views

cmseasy demo.php reflected XSS vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/03/19 12:00 a.m., 14 views

Fangwei (方维) O2O system: back-end authorization bypass vulnerability discloses users' detailed addresses

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/03/12 12:00 a.m., 30 views

Libsys library management system /opac/virtual_shelf_lst.php Oracle time-based blind SQL injection

No description provided by source...

7.1 AI score
Exploits: 0
myhack58
added 2016/02/28 12:00 a.m., 737 views

Java RMI services remote command execution exploit - vulnerability warning - the black bar safety net

Java RMI stands for Remote Method Invocation. It is a mechanism that lets an object in one Java virtual machine call an object in another Java virtual machine. In Java web applications, many components use RMI to call each other. For example, many large...

0.6 AI score
Exploits: 0
seebug.org
added 2016/02/27 12:00 a.m., 27 views

workyi talent recruitment system version 2.5: SQL injection vulnerability in /map/showtag.aspx

No description provided by source...

7.1 AI score
Exploits: 0
Exploit DB
added 2016/02/26 12:00 a.m., 24 views

Linux/ARM - Connect back to {ip:port} with /bin/sh - 95 bytes

Linux/ARM - Connect back to ip:port with /bin/sh - 95 bytes. Shellcode exploit for arm platform / Title : Linux/ARM - Connect back to ip:port with /bin/sh Length : 95 bytes Date : 2014-06-03 Author : Xeon Tested : ARM1176 rev6 v6l / include include char shellcode =...

0.2 AI score
Exploits: 0
seebug.org
added 2016/02/16 12:00 a.m., 43 views

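Large number of weak passwords in an internal Seeyon (致远) system

Brief description: Detailed description: http://seeyonqd.seeyon.com/seeyon/index.jsp http://seeyonqd.seeyon.com//seeyon/getAjaxDataServlet?S=ajaxOrgManager&M=isOldPasswordCorrect&CL=true&RVT=XML&P1String=admin&P2String=wy Proof of vulnerability: capture the request, use the password 123456, load a dictionary GET...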

7.1 AI score
Exploits: 0
wpexploit
added 2016/02/07 12:00 a.m., 19 views

InstaLinker <= 1.1.1 - Reflected Cross-Site Scripting (XSS)

Due to a lack of input sanitization in the includes/instalinker-admin-preview.php file, it is possible to utilise a reflected XSS vector to run a script in the target user's browser and potentially compromise the WordPress installation...

4.3 CVSS, 2.2 AI score, 0.0102 EPSS
Exploits: 2, References: 1
seebug.org
added 2016/02/03 12:00 a.m., 328 views

Libsys library management system V5.5 variable overwrite vulnerability

Login page: sessionstart ; if isset $REQUEST'username' $strUser = trim $REQUEST'username' ; $strInput = trim $REQUEST'passwd' ; $strMsg = "用户名或者密码错误"; switch $strUser case "opacadmin" : $strPassWd = $strPassWdFile; $strMsg = verifypwd $strInput, $strPassWd ; if $strMsg == true $SESSION'ADMINUSER' =...

7.1 AI score
Exploits: 0
seebug.org
added 2016/01/29 12:00 a.m., 46 views

MiniUPnP igd_desc_parse.c buffer overflow

No description provided by source. TALOS-CAN-0035 CVE 2015-6031 exploit by Aleksandar Nikolic illustrating the SSP bypass with a stack buffer overflow in an application that uses pthreads. import socket import struct SSDP reply to MSEARCH request, specifies the location URL reply = """HTTP/1.1 20...

7.1 AI score
Exploits: 0
seebug.org
added 2016/01/28 12:00 a.m., 24 views

Kunshi (昆石) VOS2009 file read vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/01/27 12:00 a.m., 20 views

Shadows-IT Designs Local File Inclusion

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/01/26 12:00 a.m., 21 views

StrongSoft disaster early-warning system strFieldName parameter SQL injection vulnerability

Injection URL: /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx Injection parameter: strFieldName [Get database version] /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convertint,@@version [Administrator account and password]...

7.1 AI score
Exploits: 0