
142 matches found

OSV
added 2015/04/08 6:59 p.m., 3 views

CVE-2015-0557

Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive...

6.6 AI score
Exploits: 0, References: 10
seebug.org
added 2014/07/01 12:0 a.m., 98 views

My_EGallery Module 3.1.1 - Remote Include Command Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9113/info A problem has been identified in the handling of input by MyeGallery. Because of this, it may be possible for a remote user to gain unauthorized access to a system using the vulnerable software. MyeGallery explo...

6.7 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 17 views

ZipScan 2.2c SEH

No description provided by source. !/usr/bin/perl Software : ZipScan 2.2c .zip Bug found by : Lincoln Author : Lincoln & corelanc0d3r OS : Windows Tested on : XP SP3 En VirtualBox Type of vuln : SEH Greetz to : Corelan Security Team...

7.1 AI score
Exploits: 0
OSV
added 2014/06/01 4:29 a.m., 5 views

CVE-2014-0238

The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long...

9.2 AI score
Exploits: 0, References: 23
Exploit DB
added 2012/02/20 12:0 a.m., 29 views

Blade API Monitor - Unicode Bypass Serial Number Buffer Overflow

!/usr/bin/python -w Exploit: Blade API Monitor Unicode Bypass Serial Number BOF Author: b33f Ruben Boonen - http://www.fuzzysecurity.com http://www.fuzzysecurity.com/exploits/8.html OS: WinXP PRO SP3 Software:...

7 AI score
Exploits: 0
Packet Storm
added 2011/04/11 12:0 a.m., 32 views

K-Rate Advanced Picture Rating Cross Site Scripting

x Author: Andrea Bocchetti x Contact: [email protected] x Homepage : www.geekit.it // Software Info x Name : K-Rate Advanced Picture Rating Script x Vendor : http://kratedemo.com Quick Search fields are potentially exploitable XSS alert/XSS/...

7.4 AI score
Exploits: 0
OSV
added 2010/10/20 6:0 p.m., 5 views

CVE-2010-3357

gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.5 AI score
Exploits: 0, References: 7
0day.today
added 2010/08/08 12:0 a.m., 18 views

Secure Browser 2.0 DOS Exploit

Exploit for php platform in category dos / poc. Secure Browser 2.0 DOS Exploit. AUTHOR : Cur53D MAIL : Hyq6xxatgmail.com DATE :...

7 AI score
Exploits: 0
OSV
added 2009/07/30 8:0 p.m., 5 views

CVE-2009-2651

main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote attackers to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer...

6.7 AI score
Exploits: 0, References: 9
securityvulns
added 2009/07/07 12:0 a.m., 37 views

Avax Vector ActiveX 1.3 (avPreview.ocx) Denial of Service Exploit

Sec-r1z.com Vulnerabilities : Avax Vector ActiveX 1.3 avPreview.ocx Denial of Service Exploit Bug Hunter: SatanHackers...

1.6 AI score
Exploits: 0
exploitpack
added 2008/11/17 12:0 a.m., 21 views

Exodus 0.10 - URI Handler Arbitrary Parameter Injection (1)

Exodus 0.10 - URI Handler Arbitrary Parameter Injection 1. Exodus v0.10 uri handler arbitrary parameter injection by Nine:Situations:Group::strawdog tested against IE8b/xpsp3 may not work against non-English systems...

0.8 AI score
Exploits: 0
OSV
added 2007/09/04 12:0 a.m., 3 views

DTSA-56-1 zziplib - arbitrary code execution

Bulletin has no description...

9.3 CVSS, 6.3 AI score, 0.06175 EPSS
Exploits: 1
securityvulns
added 2007/01/11 12:0 a.m., 121 views

sazcart v1.5 (cart.php) Remote File include

---Hitamputih crew--- Bug Found By : IbnuSina vendor : http://sazcart.com/site Risk : High Greetz : Solpot,permenhack,barbarosa,cah|gemblunkz,fungmen,setiawan,irvian,meteoroid and all member hitamputih crew community bug found on admin/controls/cart.php include$saz'settings''shippingfolder'...

0.5 AI score
Exploits: 0
seebug.org
added 2007/01/06 12:0 a.m., 18 views

Coppermine Photo Gallery <= 1.4.10 Remote SQL Injection Exploit

No description provided by source. !/usr/bin/php ?php if$argc 4 print "\n---------------------------------------------------------"; print "\nAffected.scr..: Coppermine Photo Gallery = 1.4.10"; print "\nPoc.ID........: 19070104"; print "\nType..........: SQL Injection"; print "\nRisk.level....:...

7.1 AI score
Exploits: 0
securityvulns
added 2006/04/25 12:0 a.m., 35 views

[MajorSecurity] phpMyAgenda 3.0 Final - Remote File Include Vulnerability

MajorSecurity phpMyAgenda 3.0 Final - Remote File Include Vulnerability. Software: phpMyAgenda Version: 3.0 Final Type: Remote File Include Vulnerability Date: April, 24th 2006 Vendor: phpMyAgenda Page: http://phpmyagenda.com Risk: High...

1.1 AI score
Exploits: 0
securityvulns
added 2005/11/26 12:0 a.m., 25 views

LogicBill 1.0 SQL inj.

LogicBill 1.0 SQL inj. Vuln. discovered by : r0t Date: 25 nov. 2005 original advisory: http://pridels.blogspot.com/2005/11/logicbill-10-sql-inj.html Vendor: http://www.logicbill.com affected version: 1.0 and prior Product description: LogicBill is a fully featured web based billing application. It...

0.6 AI score
Exploits: 0
Exploit DB
added 2005/08/03 12:0 a.m., 48 views

CA BrightStor ARCserve Backup - 'dsconfig.exe' Remote Buffer Overflow

/ CA BrightStor ARCserve Backup Buffer Overflow - dsconfig.exe cybertronicatgmxdotnet / define PORT 41523 ...

7 AI score
Exploits: 0
Exploit DB
added 2005/06/24 12:0 a.m., 52 views

Microsoft Outlook Express - NNTP Buffer Overflow (MS05-030)

pragma commentlib,"ws232" / win32bind - EXITFUNC=process LPORT=4444 Size=344 Encoder=PexFnstenvSub http://metasploit.com / ...

7.4 AI score
Exploits: 0
securityvulns
added 2005/01/28 12:0 a.m., 37 views

imap-uw IMAP server CRAM-MD5 unauthorized access

It's possible to access mailboxes of different users...

5.6 AI score
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2005/01/14 12:0 a.m., 22 views

XSS Vulnerability in ForumKIT

Vulnerable System : forumKIT 1.0 Description : an XSS is founded in the variable members that have the value 'true' you can exchange it with XSS Code . exploit : http://forum.target.com/f.aspx?members="scriptalertdocument.cookie;/script this exploit is discovered by : neO e-mail :...

1.2 AI score
Exploits: 0