NIBE heat pump - Local File Inclusion

NIBE heat pump - Local File Inclusion !/usr/bin/python import socket,sys,os,base64 NIBE heat pump LFI exploit Written by Jelmer de Hen Published at http://h.ackack.net/?p=302 Special thanks to Fredrik Nordberg Almroth and Mathias Karlsson for obtaining this information http://h.ackack.net/?p=274...

gpEasy 1.6.1 - Cross-Site Request Forgery (Add Admin)

gpEasy 1.6.1 - Cross-Site Request Forgery Add Admin ============================================= gpEasy Date : 04-29-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy -------------------------------------------------------- Application Info Site : http://www.gpeasy.com/...

Joomla! Component com_jesectionfinder - Arbitrary File Upload

Joomla! Component comjesectionfinder - Arbitrary File Upload -------------------------------------------------------------------------------------- Sid3^effects aKa HaRi Greetz to all Andhra Hackers and ICW MemebersIndian Cyber Warriors Thanks:L0rd ÇrusAdêr,d4rk-blu™®,R45C4L idi0th4ck3r,CR4C|...

PHP Classifieds 6.09 - E-mail Dump

PHP Classifieds 6.09 - E-mail Dump ======================================================================================== | Title : PHP Classifieds V6.09 E-mail Dump Vulnerability | Author : indoushka | Home : www.dz-blackhat.com | Tested on: Lunix Français v.9.4 Ubuntu | Bug : E-mail Dump...

Magneto Net Resource ActiveX 4.0.0.5 - 'NetShareEnum' Universal

'Magneto Net Resource ActiveX v4.0.0.5 NetShareEnum Exploit Universal 'Author: dookie 'Original PoC by: s4squatch - http://www.exploit-db.com/exploits/12207 'Vendor: http://www.magnetosoft.com/products/sknetresource/sknetresourcefeatures.htm 'Control: SKNetResource.ocx 'Function NetShareEnum ByVa...

McAfee Email Gateway < 6.7.2 Hotfix 2 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/39242/info McAfee Email Gateway formerly IronMail is prone to multiple vulnerabilities, including: A local privilege-escalation vulnerability A denial-of-service vulnerability. Multiple cross-site scripting vulnerabilities An information-disclosure...

68KB Knowledge Base 1.0.0rc3 - Cross-Site Request Forgery (Edit Main Settings)

Exploit Title: 68kb Knowledge Base v1.0.0rc3 edit main settings CSRF Date: 2010-04-02 Author: Jelmer de Hen Software Link: http://68kb.googlecode.com/files/68kb-v1.0.0rc3.zip Version: v1.0.0rc3 escapable'...

CMS Made Simple 1.7 - Cross-Site Request Forgery

======================================================================= CMS Made Simple 1.7 CSRF Vulnerability ======================================================================= Vulnerability found in- Admin module email [email protected] company aksitservices Credit by Pratul Agrawal...

PHP Jokesite 2.0 - exec Command

PHP Jokesite 2.0 - exec Command ======================================================================================== | Title : PHP Jokesite V 2.0 exec command EXploit | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com | Tested on: windows SP2 Français V.Pnx2 2.0 ...

SiteX CMS 0.7.4 Beta - 'photo.php' SQL Injection

?php echo "\n\n\n"; echo " \n"; echo " Product: SiteX CMS 0.7.4 beta /photo.php SQL-Injection exploit \n"; echo " Usage: php.exe sitex.php www.site.com /cmspath/ \n"; echo " Require: Magicquotes = off \n"; echo " Author: Sc0rpi0n RUS http://scorpion.su \n"; echo " Special for Antichat...

Woltlab Burning Board Teamsite Hack 3.0 - 'ts_other.php' SQL Injection

----------------------------Information----------------------------------------------------- +Name : Woltlab Burning Board Teamsite Hack V3.0 tsother.php SQL Injection Exploit Python +Autor : Easy Laster +Date : 21.03.2010 +Script : Woltlab Burning Board Teamsite Hack V3.0 +Google Door : Teamsite...

phpAuthent 0.2.1 SQL Injection

phpAuthent 0.2.1 SQL Injection Vulnerability Author : Gamoscu Homepage : http://www.1923turk.com Blog : http://gamoscu.wordpress.com/ Script : phpAuthent http://phpauth.sourceforge.net/ Download : http://phpauth.sourceforge.net/download.php Vulnerable File newsreleases.php?nid= SQL XpL...

Adobe Reader PDF - LibTiff Integer Overflow Code Execution

doc=''' Title: Adobe PDF LibTiff Integer Overflow Code Execution. Product: Adobe Acrobat Reader Version: =8.3.0, =9.3.0 CVE: 2010-0188 Author: villy villys777 at gmail.com Site: http://bugix-security.blogspot.com/ Tested : succesfully tested on Adobe Reader 9.1/9.2/9.3 OS Windows XPSP2,SP3...

iPhone Springboard Malformed Character Crash PoC

Exploit for hardware platform in category dos / poc ================================================ iPhone Springboard Malformed Character Crash PoC ================================================ !/usr/bin/python iPhone Springboard crash PoC by Chase Higgins. Devices tested: iPhone 2G @ OS 3.1...

Joomla Janews Local File Inclusion

Joomla Component comjanews Local File Inclusion ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : Joomla Component comjanews .:. Bug Type : Local File Inclusion LFI .:...

Dojo Toolkit 1.4.1 - '/doh/runner.html' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Liquid XML Studio 2010 < 8.061970 - 'LtXmlComHelp8.dll OpenFile()' Remote Overflow

!-- |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | | [email protected] | | |...

systemsoftware Community Black - index.php SQL Injection

systemsoftware Community Black - index.php SQL Injection ----------------------------Information------------------------------------------------ +Name : systemsoftware Community Black index.php SQL Injection +Autor : Easy Laster +Date : 13.03.2010 +Script : systemsoftware Community Black +Downloa...

win32/xp sp3 (Ita) calc.exe shellcode 36 bytes

Exploit for win32 platform in category shellcode ============================================== win32/xp sp3 Ita calc.exe shellcode 36 bytes ============================================== / Title: Windows XP Professional SP2 ita calc.exe shellcode 36 bytes Type: Shellcode Author: Stoke Platform:...

Anantasoft Gazelle CMS Cross Site Request Forgery

======================================================================= Anantasoft Gazelle CMS CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company aksitservices Credit by...