FL Studio 10 Producer Edition Buffer Overflow

Title : FL Studio 10 Producer Edition - SEH Based Buffer Overflow PoC Author : Dark-Puzzle Souhail Hammou Type : PoC Risk : High Vendor : Image Line: http://www.image-line.com/downloads/flstudiodownload.html Versions : 10 Producer Edition Other Versions May be Vulnerable. Tested On : Windows 7...

Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName)

/-------------------------------------------------------------------------------- | Toshiba ConfigFree CF7 File Stack Buffer Overflow ProfileName | --------------------------------------------------------------------------------/ Summary ======= There is a stack buffer overflow vulnerability in t...

phpMyAdmin 'server_sync.php' Backdoor Vulnerability

phpMyAdmin is prone to a backdoor vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin"; if...

Poweradmin - index.php Cross-Site Scripting

Poweradmin - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/55619/info Poweradmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

vBulletin 4.1.12 - blog_plugin_useradmin.php SQL Injection

vBulletin 4.1.12 - blogpluginuseradmin.php SQL Injection source: https://www.securityfocus.com/bid/55592/info VBulletin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attack...

SquidClamav Multiple XSS Vulnerabilities

SquidClamav is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

linux/x86 - cp /etc/shadow /tmp && chmod 777 /tmp/shadow - 126 bytes

/ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

linux/x86 - "man /bin/cat" shellcode 121 bytes

/ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

linux/x86 - Nmap Default Router Services Scan - 73 bytes

/ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

Slackware Advisory SSA:2003-237-01 unzip vulnerability patched

The remote host is missing an update as announced via advisory SSA:2003-237-01. OpenVAS Vulnerability Test $Id: esoftslkssa200323701.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

ThinPrint - tpfc.dll Insecure Library Loading Arbitrary Code Execution

ThinPrint - tpfc.dll Insecure Library Loading Arbitrary Code Execution // source: https://www.securityfocus.com/bid/55421/info ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code. Exploiting this issue allows local attackers to execute arbitrary code with the privileg...

Crowbar - 'file' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/55315/info Crowbar is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of...

op5 Monitor <= 5.4.2 Multiple Vulnerabilities

op5 Monitor is prone to an HTML injection vulnerability and an SQL injection SQLi vulnerability because it fails to sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

XODA <= 0.4.5 Multiple Vulnerabilities - Active Check

XODA is prone to an arbitrary file upload vulnerability and multiple HTML injection vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change (Metasploit)

@Kc57 Symantec Web Gateway "Symantec Web Gateway %q This module will change the password for the specified account on a Symantec Web Gatewaye server. , 'License' = MSFLICENSE, 'Version' = "$Revision: 0 $", 'Author' = 'Kc57', , 'References' = 'CVE', '2012-2977' , 'OSVDB', '0' , 'BID', '54430' ,...

phpMyAdmin 'show_config_errors.php' Full Path Information Disclosure Vulnerability

phpMyAdmin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Trombinoscope <= 3.5 SQLi Vulnerability - Active Check

Trombinoscope is prone to an SQL injection SQLi vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

MindTouch DekiWiki - Multiple LocalRemote File Inclusions

MindTouch DekiWiki - Multiple LocalRemote File Inclusions source: https://www.securityfocus.com/bid/54991/info MindTouch DekiWiki is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues...

AraDown - &#039;id&#039; SQL Injection

source: https://www.securityfocus.com/bid/54891/info AraDown is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or...

Plixer / Dell SonicWALL Scrutinizer Default Credentials (MySQL Protocol)

Plixer / Dell SonicWALL Scrutinizer is using known default credentials in the MySQL component. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...