PHPXplorer 0.9.33 - 'action.php' Directory Traversal

source: https://www.securityfocus.com/bid/16292/info phpXplorer is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable...

Remote File Manager 1.0 - Denial of Service

Remote File Manager 1.0 - Denial of Service / Server Remote File Manager DoS Exploit ------------------------------------------- INFGP - Hacking&security Research + Attacking localhost.. + Build DOS string + Buffer size = 300 byte + Sending bad format.. + localhost : Disconected! Greats: Infam0us...

dSMTP Mail Server 3.1b Linux Remote Root Format String Exploit

Exploit for linux platform in category remote exploits ============================================================== dSMTP Mail Server 3.1b Linux Remote Root Format String Exploit ============================================================== / dSMTP - SMTP Mail Server 3.1b Linux Remote Root...

чтение файлов в скриптах printversion.pl и textversion.pl

Скрипты printversion.pl и textversion.pl позволяют читать произвольные файлы на сервере Exploit - http://www.xxx.com/cgi-bin/textversion/textversion.pl?conf=conf.xml&file=../../../../etc/passwd http://www.xxx.com/cgi-bin/printversion/printversion.pl?conf=conf.xml&file=../../../etc/passwd Пример -...

sd server 4.0.70 - Directory Traversal

sd server 4.0.70 - Directory Traversal source: https://www.securityfocus.com/bid/12609/info A vulnerability has been identified in the handling of certain types of requests by SD Server. Because of this, it is possible for an attacker to gain access to potentially sensitive system files. Read...

3Com 3CServer FTP Server < 2.0 Remote Overflow

Binary data 2595.prm...

CVE-2004-1277

The downloadselectionrecursive function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / slash characters...

PHP 4.x5.0 Shared Memory Module - Offset Memory Corruption

PHP 4.x5.0 Shared Memory Module - Offset Memory Corruption source: https://www.securityfocus.com/bid/12045/info PHP shared memory module shmop is reported prone to an integer handling vulnerability. The issue exists in the PHPFUNCTIONshmopwrite function and is as a result of a lack of sufficient...

Ability Server <= 2.34 Remote APPE Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ========================================================== Ability Server include include include // shellc0de by m00 team bind 61200 char shellcode= "\x90\x90\x90\x90\x90\xEB\x0F\x58\x80\x30\xBB\x40\x81\x38\x6D"...

Yanf 0.4 - HTTP Response Buffer Overflow

source: https://www.securityfocus.com/bid/11975/info Yanf is prone to a buffer overflow vulnerability. This issue is exposed when the client reads data from a remote HTTP server. If this issue is successfully exploited, it could allow for execution of arbitrary code in the context of the user...

phpBB 2.0.x - &#039;admin_cash.php&#039; PHP Remote File Inclusion

source: https://www.securityfocus.com/bid/11701/info A vulnerability is reported to exist in the phpBB CashMod module that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system. Remote attackers could potentially exploit this issue vi...

SlimFTPd 3.15 - Remote Buffer Overflow

/ SlimFTPd = 3.15, Remote Buffer Overflow Exploit v0.1. Bind a shellcode to the port 101. Full disclosure and exploit by class101 at DFind.kd-team.com & n3ws at EFnet 10 november 2004 Thanx to HDMoore and Metasploit.com for their kickass ASM work. ------------------ WHAT IS SLIMFTPD...

SLX Server 6.1 Arbitrary File Creation Exploit (PoC)

No description provided by source. !/usr/bin/perl Proof of concept exploit: Arbitrary file creation for SLX server 6.1 Written by Carl Livitt, Agenda Security Services, June 2004. This exploit abuses the ProcessQueueFile command on SLX 6.1 others? servers to create arbitrary files on the filesyst...

CJOverkill < 4.0.4 trade.php XSS

Binary data 2364.prm...

MAILsweeper Archive File Filtering Bypass

The remote host is running MAILsweeper - a content security solution for SMTP. According to its banner, the remote version of MAILsweeper may allow an attacker to bypass the archive filtering settings of the remote server by sending an archive in the format 7ZIP, ACE, ARC, BH, BZIP2, HAP, IMG, PA...

MySQL < 4.0.21 mysql_real_connect() Function Remote Overflow

The remote host is running a version of MySQL that is older than 4.0.21. MySQL is a database that runs on both Linux/BSD and Windows platforms. This version is vulnerable to a length overflow within it's mysqlrealconnect function. The overflow is due to an error in the processing of a return Doma...

Google Chrome < 1.0.154.53 Multiple Vulnerabilities

Binary data 5079.pasl...

SUSE-SA:2003:020: mutt

The remote host is missing the patch for the advisory SUSE-SA:2003:020 mutt. Mutt is a text-based Mail User Agent MUA. The IMAP-code of mutt is vulnerable to a buffer overflow that can be exploited by a malicious IMAP-server to crash mutt or even execute arbitrary code with the privileges of the...

SWAT PreAuthorization PoC

Hi, The following is a brief proof of concept exploit code for the vulnerability mentioned in "Evgeny Demidov" [email protected]'s advisory: Samba 3.x swat preauthentication buffer overflow Running the perl script against a vulnerable SWAT server will cause: Program received signal SIGSEGV,...

PSCS VPOP3 2.0 - Email Server Remote Denial of Service

PSCS VPOP3 2.0 - Email Server Remote Denial of Service source: https://www.securityfocus.com/bid/10782/info It is reported that VPOP3 is reported prone to a remote denial of service vulnerability. This issue presents itself when an attacker issues a URI request containing a large value for the...