3100 matches found
Pet Grooming Management System <= 2.0 Arbitrary Add-Admin Exploit
No description provided by source. !/usr/bin/perl use strict; use LWP::UserAgent; print -+- Pet Grooming Management System = 2.0 Arbitrary Add-Admin Exploit -+-\n; print -+- Discovered && Coded By: t0pP8uZz - Discovered On: 15 MAY 2008 -+-\n; print -+- Script Download:...
PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec Exploit
No description provided by source. ?php / php speedy <= 0.5.2 wordpress plugin admin_container.php Remote Code Exec Exploit vendor: http://aciddrop.com/ ------------------------------- May the stars be aligned! php.ini requirements: register_globals=On allow_url_include=On magic_quotes_gpc=Off...
SoapUI 4.6.3 - Remote Code Execution
No description provided by source. Exploit Title: SoapUI Remote Code Execution Date: 25.12.13 Exploit Author: Barak Tawily Vendor Homepage: http://www.soapui.org/ Software Link: http://www.soapui.org/Downloads/download-soapui-pro-trial.html...
webMethods Glue <= 6.5.1 Console Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23423/info webMethods Glue is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the...
YaPiG 0.9x Upload.PHP Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13877/info YaPiG is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An authorized user can add and delete arbitrary directories...
IPTBB <= 0.5.4 (viewdir id) Remote SQL Injection Vulnerability
No description provided by source. Http://www.inj3ct-it.org...
Java Search Engine 0.9.34 Search.JSP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15687/info Java Search Engine is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
Sun Solaris <= 2.6 power management Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/160/info A vulnerability exists in Sun's power management software under Solaris versions 2.4-2.6 although only 2.6 as part of the main distribution. The sys-suspend program is initiated when a user runs the program, or...
cyberBB 0.6 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. Name : cyberBB v. 0.6 Multiple Remote SQL Injection Vulnerabilities Author : cOndemned Dark-Coders Greetz : Avantura, str0ke, ZaBeaTy, voo|doo, irk4z, and many, many more... Conditions : Magic quotes gpc = On & Off / User must be logged into source of...
KMMail 1.0 E-Mail HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6013/info kmMail does not sufficiently sanitize HTML and script code from the body of e-mail messages. As a result, an attacker may send a malicious message to a user of kmMail that includes arbitrary HTML and script code...
TimberWolf 1.2.2 ShowNews.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21733/info TimberWolf is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in t...
Now SMS/MMS Gateway 5.5 - Remote Buffer Overflow Exploit
No description provided by source. / Dreatica-FXP crew ---------------------------------------- Target : Now SMS/MMS Gateway v5.5 and others ---------------------------------------- Exploit : Now SMS/MMS Gateway v5.5 Remote Buffer Overflow Exploit Exploit date : 14.04.2008 Exploit writer : Hereti...
Bitweaver 1.1.1 view_post.php post_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
Slackware Linux 3.4 makebootdisk temporary file Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/78/info makebootdisk creates the file /tmp/return insecurely and follows symbolic links. An attacker can create a symbolic link from /tmp/return to any file and wait for root to run the program. This will clobber the targe...
Apple Mac OS X Server 10.5 - Wiki Server Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28278/info Apple Mac OS X Server Wiki Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access arbitrary...
Claroline 1.8.9 course/index.php URL XSS
No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...
FreePBX 2.5.1 - SQL injection
No description provided by source...
Free MP3 CD Ripper 1.1 - DEP Bypass Exploit
No description provided by source. !/usr/bin/python +Exploit Title: Free MP3 CD Ripper 1.1 Universal DEP Bypass Exploit +Date: 27\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.brothersoft.com/free-mp3-cd-ripper-84543.html +Found/Initial Exploit:...
Joomla Component BibTeX <= 1.3 - Remote Blind SQL Injection Exploit
No description provided by source. html head titleJoomla Component BibTeX = 1.3 Remote Blind SQL Injection Vulnerability/title /head body !-- Title : Joomla Component BibTeX = 1.3 Remote Blind SQL Injection Vulnerability -- !-- Author : ajann -- !-- Contact : : -- !-- S.Page :...
PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
No description provided by source. ?php // Proof of concept code from the Hardened-PHP...