Radio Free TV for PC DLL Hijacking Exploit
Exploit for windows platform in category local exploits. Radio Free TV for PC DLL Hijacking Exploit...
Linux Kernel 2.6.36-rc8 - RDS Protocol Local Privilege Escalation
Source: http://www.vsecurity.com/resources/advisory/20101019-1/ Linux Kernel. Copyright 2010 Virtual Security Research, LLC. The handling functions for sending and receiving RDS messages use unchecked __copy_*_user_inatomic functions...
Wiki Web Help <= 0.3.3 Insecure Cookie Handling
No description provided by source. WikiWebHelp v0.3.3 = Insecure Cookie Handling. Author: FuRty. Contact: [email protected] Software info: Web App.: WikiWebHelp. Version: 0.3.3. Software:...
Gmail JSON Hijacking Proof Of Concept
Gmail Thief by 80vul.com @import url"http://www.google.com/igrestore"; function showMailgt var w = document.styleSheets0.imports1.cssText; var re = new RegExp"accountidx3d.+?""; var reRes = re.execw; if reRes document.getElementById"whom".innerText = reRes1; var e =...
BS.Player 2.56 - .m3u .pls File Processing Multiple Remote Denial of Service Vulnerabilities
Source: https://www.securityfocus.com/bid/43502/info BS.Player is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to cause an affected application to crash...
BlackBerry Cross Origin Bypass
BlackBerry Browser Cross Origin Bypass. Author: 599eme Man. Contact: [email protected]...
WAnewsletter v 2.1.2 SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: WAnewsletter v 2.1.2 SQL Injection Vulnerability. Date: 23/09/2010. Author: BrOx-D...
A-PDF All To MP3 Converter 1.1.0 Universal Exploit
#!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter v.1.1.0 Universal Local SEH Exploit Date: September 18, 2010 Author: modpr0be Software Link: http://www.a-pdf.com/all-to-mp3/download.htm Version: 1.1.0 Tested on: Windows XP SP3 Open application -- Next -- Add -- blah.wav -- calc will po...
NWS-Classifieds - 'cmd' Local File Inclusion
source: https://www.securityfocus.com/bid/43259/info NWS-Classifieds is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local...
Acoustica MP3 Audio Mixer 2.471 - Extended .M3U Directives (SEH)
Exploit Title: Acoustica MP3 Audio Mixer 2.471 Extended M3U directives SEH Date: September 8 2010 Author: Carlos Hollmann Software Link: http://www.acoustica.com/downloading.asp?p=1 Version: 2.471 Tested on: Windows XP SP3 running on VMware Fusion 3.1 and VirtualBox 3.2.8 CVE : ...
Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities
Source: https://www.securityfocus.com/bid/42908/info Amiro.CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful...
HP Insight Diagnostics Online Edition 8.4 - globals.php?tabpage Cross-Site Scripting
Source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...
CF Image Hosting Script 1.3.8 - Remote File Inclusion
CF Image Hosting Script, remote file include. Date: 2010-08-29 Author : FoX HaCkEr Contact : [email protected] SiTe : www.sec4ever.com Download:...
Adobe Photoshop CS2 - Wintab32.dll DLL Hijacking
Exploit Title: Adobe Photoshop CS2 DLL Hijacking Exploit Wintab32.dll Date: August 25, 2010 Author: storm [email protected] Version: CS2 9.0 - Other versions are very possibly exploitable too Tested on: Windows Vista SP2...
Kleeja Upload - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: Kleeja Upload - CSRF Change Admin Password Date: 11-08-2010 Author: KOLTN & [email protected] Software Link: http://www.kleeja.com Software Download: http://www.kleeja.com/download/ Type : CSRF Version: all Version Greetz to : Juba & Mushii Exploit Change Admin Password...
wizmall 6.4 CSRF Vulnerabilities
Exploit for php platform in category web applications. wizmall 6.4 CSRF Vulnerabilities. Author: pyw1414 Software Link: http://www.shop-wiz.com/board/main/view/root/wizmall01/159/0 Version: 6.4 UTF-8 For php Tested on: XP SP3 -= CSRF...
Preation Eden Platform 27.7.2010 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42321/info Preation Eden Platform is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied...
FathFTP 1.8 Buffer Overflow
' Exploit Title: FathFTP 1.8 SEH ActiveX Buffer Overflow ' Author: MadjiX ' Software Link: http://www.fathsoft.com/fathftp.html ' Version 1.7 : http://www.exploit-db.com/exploits/14269/ Thanks Blake ' Tested on: Windows XP SP3 FR / IE6 ' Visit : www.sec4ever.com...
eSmart-Vision Trading (g_details.php id) SQL Injection Exploit (.py)
Exploit for php platform in category web applications. eSmart-Vision Trading (g_details.php id) SQL Injection Exploit (.py). #!/usr/bin/env python # -*- coding:utf-8 -*-...
Social Media v2.0.0 LFI Vulnerabilities
Exploit for php platform in category web applications. Social Media v2.0.0 LFI Vulnerabilities...