MajorDoMo 跨站脚本漏洞

MajorDoMo is an open-source DIY smart home automation platform developed by the MajorDoMo community. MajorDoMo has a cross-site scripting vulnerability. This vulnerability stems from the /objects/?method endpoint, which allows unvalidated execution of stored methods. The parameters controlled by...

Advanced Electron Forum 1.0.9 - Cross-Site Request Forgery

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AEF-CSRF.txt Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================== Advanced Electron Forum v1.0.9 AEF Exploit patched current...

Advanced Electron Forum 1.0.9 Cross Site Request Forgery

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AEF-CSRF.txt Vendor: ============================= www.anelectron.com/downloads/ Product: ==================================== Advanced Electron Forum v1.0.9 AEF Exploit patched current...

Platinum SDK Library post upnp sscanf Buffer Overflow Vulnerability

No description provided by source. / -POC CODE Remote Buffer Overflow - ========================================================================= ! Exploit Title: Platinum SDK library post upnp sscanf buffer overflow ! ========================================================================= Date...

LinEx Password Reset

Exploit Title: LinEx All Versions Password Reset Vulnerability Google Dork: linkex.dk 2006-2011 Date: 15/01/2014 Exploit Author: N B Sri Harsha Reconnect Gray hat Vendor Homepage: http://linkex.dk/ Software Link: http://linkex.dk/releases/linkex.20120508.zip Version: All Versions LinkEx Is A Open...

Ultimate Locator SQL Injection

Exploit Title: Ultimate Locator SQL Injection Vulnerability Author: Robert Cooper Robert.Cooper at areyousecure.net Software Link: http://www.ultimatelocator.com/ Dork: "Powered by Ultimate Locator" Tested on: Linux/Windows 7 Vulnerable File: resultslist.php Vulnerable parameter: radius= PoC:...

SPlayer 3.7 Buffer Overflow

!/usr/bin/python Exploit Title: SPlayer Software Link: http://www.splayer.org/index.en.html Versions: URL ctrl+u ... 3. Input the server URL and Click OK ... 4. Boom!/calc ... Method 2: 1. Execute this script ... 2. Launch SPlayer and click Open ctrl+o ... 3. Browse to any playlist file m3u, pls ...

HTMPL 1.11 - Command Execution

Software : HTMPL v1.11 Download Link : http://vmeste.org/templex/doc/1.html Vulnrability : Command Execution Severity : High Author : ZeN Website : http://dusecurity.com / http://darkcode.me/ Exploit : site.com/cgi-bin/htmpladmin.cgi?help=|cat /etc/passwd A few other little..... tricks The admins...

esmart-bypass.txt

Aria-Security Team http://aria-security.net -------------------------------------- Vendor :http://www.preproject.com Script/Portal: E-SMART CART You can bypass the login page with: ' or ' Shouts :theoutl4w...

predynamic-bypass.txt

Aria-Security Team http://aria-security.net -------------------------------------- Vendor :http://www.preproject.com Script/Portal: Pre Dynamic Institution You can bypass the login page with: ' or ' Shouts :theoutl4w...

Pre Hotel and Resorts reservation portal login bypass

Aria-Security Team http://aria-security.net -------------------------------------- Vendor :http://www.preproject.com Script/Portal: Pre Hotel and Resorts reservation You can bypass the login page with: ' or ' Shouts :theoutl4w...

RGameScript Pro (page.php id) Remote File Inclusion Vulnerability

No description provided by source. /////\ Web Application: RCMS-Pro ///// Info: ///////////////////////////////////////////////////// Vulnerability: Remote File Inclusion Vendor: http://www.rcms-pro.com/ Dork: "Powered by RGameScript" Found By: Warpboy E-Mail/MSNM: [email protected]...

mxBB Module MX Smartor FAP 2.0 RC1 Remote File Inclusion Vulnerability

mxBB Module MX Smartor FAP 2.0 RC1 Remote File Inclusion Vulnerability Class: Remote Vendor: http://www.mx-system.com/modules/mxpafiledb/dload.php?action=download&fileid=364 Founder: bd0rk Contact: bd0rkathackermail.com Vulnerable Code in /admin/adminalbumotf.php...