407 matches found
HP Sprinter multiple security vulnerabilities
Multiple shell execution vulnerabilities...
LibrettoCMS 2.2.2 - Arbitrary File Upload
No description provided by source. Exploit Title : LibrettoCMS 2.2.2 Malicious File Upload Date : 14 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://libretto.artwebonline.com/ Software Link :...
netbsd/x86 setreuid(0, 0); execve("/bin//sh", ..., NULL); 30 bytes
No description provided by source. / minervini at neuralnoise dot com c 2005 NetBSD/i386 2.0, setreuid0, 0; execve/bin//sh, ..., NULL; / include sys/types.h include stdio.h include string.h char scode = \x31\xc0 // xor %eax,%eax \x50 // push %eax \x50 // push %eax \x50 // push %eax \x34\x7e // xo...
linux/x86-64 execve(/bin/sh) 52 bytes
No description provided by source. / Exploit Title : linux/x86-64 execve/bin/sh 52 bytes Tested on : Linux iron 2.6.38-8-generic 42-Ubuntu SMP Mon Apr 11 03:31:24 UTC 2011 x8664 x8664 x8664 GNU/Linux Date : 03/12/2011 Author : X-h4ck Email : [email protected] Website : http://www.pirate.al Greetz :...
sco/x86 execve("/bin/sh", ..., NULL); 43 bytes
No description provided by source. / minervini at neuralnoise dot com c 2005 SCOSV scosysv 3.2 5.0.7 i386, execve/bin/sh, ..., NULL; / include sys/types.h include stdio.h char scode = \x31\xc9 // xor %ecx,%ecx \x89\xe3 // mov %esp,%ebx \x68\xd0\x8c\x97\xff // push $0xff978cd0 \x68\xd0\x9d\x96\x91...
WSN Links SQL Injection Vulnerability
No description provided by source. 'WSN Links' SQL Injection Vulnerability CVE-2010-4006 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the search.php code that allows for SQL injection of various parameters. By assemblin...
Acritum Femitter Server 1.03 - Multiple Vulnerabilities
No description provided by source. --= Tested on: XP sp 2 Acritum Femitter Server v1.03 is a HTTP and FTP Server for Windows. I came up with few vulnerabilities of this .. some vulns are already has been revelied but some are not so lets have a look HTTP Server ----------- In the Femitter Server...
Sendmail transport arbitrary shell execution
More info at http://blog.swiftmailer.org/post/88660759928/security-fix-swiftmailer-5-2-1-released...
Sendmail transport arbitrary shell execution
More info at http://blog.swiftmailer.org/post/88660759928/security-fix-swiftmailer-5-2-1-released...
用友办公平台任意文件上传getshell
简要描述: 详细说明: 无需登录,通杀用友办公平台。。。 http://oa.bamatea.com http://oa.moonbasa.com http://oa.etonetech.com http://oa.ztcz.cn http://218.249.130.74 http://119.146.190.170:9988 http://zhidao.baidu.com http://wenku.baidu.com http://223.4.22.36 http://222.243.160.83:9090 http://www.chipshow.cn...
Fog Dragonfly 0.8.2 Command Injection Vulnerability
Ruby Gem Fog Dragonfly version 0.8.2 suffers from a remote command injection vulnerability. TITLE: Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem Credit: Larry W. Cashdollar, @larry0 Date: 8/16/2013 CVE: 2013-5671 Download: https://rubygems.org/gems/fog-dragonfly Description: "Dragonfly...
w-CMS 2.0.1 - Remote Code Execution
w-CMS 2.0.1 - Remote Code Execution Exploit Title: w-CMS 2.0.1 Remote Code Execution Vulnerability Google Dork: intext:"Powered by w-CMS" Date: 15/08/2013 Exploit Author: ICheerNo0M - http://icheernoom.blogspot.com/ Vendor Homepage: http://w-cms.org/ Software Link: - Version: 2.0.1 Tested on:...
Novell Zenworks Mobile Device Management Local File Inclusion
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Novell Zenworks Mobile Device Managme...
Cydia Repo Manager - Cross-Site Request Forgery
Cydia Repo Manager - Cross-Site Request Forgery Cydia Repo Manager CSRF Vulnerability By cr4wl3r http://bastardlabs.info http://bastardlabs.info/exploits/CydiaRepoManager.txt Software Link: http://damarist.de/?lang=en Download : http://damar1st.de/downloads/CydiaRepoManager3.1.zip Tested: Win 7...
Wordpress Remote Command Execution
No description provided by source. Exploit Title : Wordpress All Versions Remote Command Execution Author : Nafsh Discovered By : Tapco Security & Research Lab Date : 3 Oct 2012 Home : http://Sec-Lab.Tap-Co.Net Contact : [email protected] Source :...
Slackware: Security Advisory (SSA:2005-278-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GIMP script-fu buffer overflow
Buffer overflow on message parsing, shell execution...
eGlibc Signedness Code Execution
Exploit Title: eGlibc Signedness Vulnerability Date: November 2011 Exploit Author: c0ntex Vendor Homepage: http://www.eglibc.org Software Link: http://www.eglibc.org/home Version: eGlibc supplied by Ubuntu 10.4 LTS Tested on: Ubuntu 10.4 LTS CVE : CVE-2011-2702 A delicious, yet slightly cold...
pBot - Remote Code Execution
pBot - Remote Code Execution !/usr/bin/perl Exploit Title: pBot Remote Code Execution "" hostauth Date: 31.07.2012 Exploit Author: @bwallHatesTwits Software Link: https://www.firebwall.com/decoding/read.php?u=620d21fd31b87046e94975e03fdafa8a decoded from attempted attack Version: Various versions...
Calibre E-Book Reader - Local Privilege Escalation (1)
Calibre E-Book Reader - Local Privilege Escalation 1 !/bin/sh .50-Calibrer Assault Mount by zx2c4 Calibre uses a suid mount helper, and like nearly all suid mount helpers that have come before it, it's badly broken. Let's go through Calibre's faulty code available at http://pastebin.com/auz9SULi...