3100 matches found
YeaLink IP Phone SIP-TxxP firmware <= 9.70.0.100 - Multiple Vulnerabilities
No description provided by source. Exploit Title : YeaLink IP Phone SIP-TxxP firmware <=9.70.0.100 Multiple Vulnerabilities Date : 12-21-2012 Author : xistence...
OpenDocMan 1.2.6.5 - Persistent XSS Vulnerability
No description provided by source. Exploit Title: OpenDocMan 1.2.6.5 Stored/Reflective XSS Date: 05/04/2013 Exploit Author: drone @dronesec More Exploit Information: Vendor Homepage: http://www.opendocman.com/ Software Link:...
Chipmunk 1.4 Guestbook Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18118/info Chipmunk Guestbook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...
Proman Xpress 5.0.1 - Multiple Vulnerabilities
No description provided by source...
BbZL.PhP File Inclusion Exploit
No description provided by source...
CPanel 5-10 SUID Wrapper Remote Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20163/info cPanel is prone to a remote privilege-escalation vulnerability. A remote attacker can exploit this issue to gain administrative access to the affected application. This may lead to other attacks. !- for use old...
Telekorn Signkorn Guestbook 1.x help/en/adminhelp0.php dir_path Parameter Remote File Inclusion
No description provided by source...
Mp3 MuZik Data Base Download Vulnerability
No description provided by source. Title : Mp3 MuZik Data Base Download Vulnerability | Author : indoushka | Home : www.iqs3cur1ty.com | Bug : DB | Exploit By indoushka...
awzMB <= 4.2 beta 1 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. Xmors Underground Group. Portal : awzMB system Version 4.2 beta 1 Guestbook/Weblog/Contact Download : http://downloads.sourceforge.net/awzmb/awzmb4.2beta1.zip Author : S.W.A.T...
NX5Linkx 1.0 - Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20010/info NX5Linkx is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. An attacker may be able to exploit these issue...
CCleague Pro <= 1.0.1RC1 (Cookie) Remote Code Execution Exploit
No description provided by source. #!/usr/bin/php -q -d short_open_tag=on <? $devilteam = ...
Emesene 2.12.5 Password Disclosure
No description provided by source...
ASX to MP3 Converter 3.0.0.100 - (.pls) Universal Stack Overflow Exploit
No description provided by source. #!/usr/bin/perl ASX to MP3 Converter Version 3.0.0.100 .pls Universal Stack Overflow Exploit Exploited By mat http://mini-stream.net/asx-to-mp3-converter/ my $sc = \xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49...
Browser Navigation Download Trick
No description provided by source. Another moderately interesting tidbit, I guess... It is an important and little-known property of web browsers that one document can always navigate other, non-same-origin windows to arbitrary URLs. Perhaps more interestingly, you can also navigate third-party...
JiRos Link Manager 1.0 openlink.asp LinkID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21226/info JiRos Links Manager is prone to multiple input-validation vulnerabilities, including SQL- and HTML-injection issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...
Den Dating 9.01 - (searchmatch.php) SQL Injection Vulnerability
No description provided by source. Scripts Den Dating Demo V9.01 (searchmatch.php) SQL Injection Vulnerability Author: nuclear site: http://www.scriptsden.com SQL vuln: http://localhost/path/searchmatch.php?page=2&sortby=username&sortorder=asc&txtgender=M&txtlookgender=F' union select...
Vanilla Forums 2.0.18.4 Tagging Stored XSS
No description provided by source. Title: Vanilla Tagging Stored XSS Date: 1/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 http://vanillaforums.org/download Create a new thread and post your XSS as tag. I used...
phpMoneyBooks 1.0.2 - Local File Inclusion
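Affected file: /index.php, lines 85-94 (PHP): else include('header.php'); if ($_GET['file'] == "") $_GET['file'] = "index.php"; if (file_exists("modules/" . $_GET['module'] . "/" . $_GET['file'])) include("modules/" . $_GET['module'] . "/" . $_GET['file']); else echo "error"; The program dynamically loads its handler module based on the supplied $_GET['module'] parameter: include("modules/" . $_GET['module'] . "/" . $_GET['file']);...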
ActiveCollab 2.3.0 - Local File Inclusion / Directory Traversal
No description provided by source...
Plogger Beta 2 index.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15839/info Plogger is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities cou...