2611 matches found
PHP Ticket System Beta 1 (get_all_created_by_user.php, id param) - SQL Injection
No description provided by source. ============================================================== Title ...| PHP Ticket System SQL Injection Version .| BETA1.zip Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| http://sourceforge.net/projects/phpticketsystem/...
Pet Grooming Management System <= 2.0 Arbitrary Add-Admin Exploit
No description provided by source. !/usr/bin/perl use strict; use LWP::UserAgent; print -+- Pet Grooming Management System = 2.0 Arbitrary Add-Admin Exploit -+-\n; print -+- Discovered && Coded By: t0pP8uZz - Discovered On: 15 MAY 2008 -+-\n; print -+- Script Download:...
minb 0.1.0 - Remote Code Execution Exploit
No description provided by source. !/usr/bin/python minb Remote Code Execution Exploit AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Site : http://minb.sf.net...
PHPcounter <= 1.3.2 (defs.php l) Local File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl PHPcounter = 1.3.2 Local File Inclusion Vulnerability Script: A multi-account real time web-site...
T-dah Webmail CSRF & Stored XSS
No description provided by source. ----------------------------------------------------------- / | | | | | | | | | | | | | | | | | / |/ |/ \ | | || | || | | | | / | ||\,|,||| ----------------------------------------------------------- T-dah Webmail CSRF & Stored XSS Bug discovered by Pr0T3cT10n...
PortalXP - Teacher Edition 1.2 - Multiple SQL Injection Vulnerabilities
No description provided by source. + PortalXP - Teacher Edition 1.2 Multiple SQL Injection Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download :...
TrueCrypt Warns Software 'Not Secure,' Development Shut Down
Is it a hoax, or the end of the line for TrueCrypt? At the moment, there is little more than speculation as to the appearance today of an ominous note greeting visitors to the TrueCrypt page at SourceForge. The text warns that the open source encryption software is not secure and informs users th...
Jasper Server 5.5 Session Fixation
Session Fixation / Hijacking on JasperServer + Date: 09/05/2014 + Risk: High + CWE number: CWE-384 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.jaspersoft.com/ + Software Download : http://sourceforge.net/projects/jasperserver/ + Contact: [email protected] + Tested on:...
InfraRecorder 0.53 - Memory Corruption (Denial of Service)
InfraRecorder 0.53 - Memory Corruption Denial of Service Exploit Title: InfraRecorder Memory Corruption Exploit DOS Author: sajith version: version 0.53 vulnerable app link: http://sourceforge.net/projects/infrarecorder/files/InfraRecorder/0.53/ir053.exe/download Tested in windows Xp sp3,english...
InfraRecorder 0.53 - Memory Corruption (Denial of Service)
Exploit Title: InfraRecorder Memory Corruption Exploit DOS Author: sajith version: version 0.53 vulnerable app link: http://sourceforge.net/projects/infrarecorder/files/InfraRecorder/0.53/ir053.exe/download Tested in windows Xp sp3,english rawinput"hit enter to fuzz" print "poc by sajith shetty"...
Postfix Admin 'functions.inc.php' SQL注入漏洞
BUGTRAQ ID: 66455 CVECAN ID: CVE-2014-2655 Postfix是Unix类操作系统中所使用的邮件传输代理。 用于程序没有在SQL查询前充分过滤用户提供的数据,允许攻击者危及应用程序,访问或修改数据,或利用底层数据库中潜在的漏洞。 0 Postfix Admin Postfix Admin 2.3.5 Postfix Admin Postfix Admin 2.3.4 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://sourceforge.net/projects/postfixadmin/...
TigerVNC "ZRLE_DECODE()"缓冲区溢出漏洞
CVE ID:CVE-2014-0011 TigerVNC是一种先进的VNC的实现。 由于"ZRLEDECODE"功能common/rfb/zrleDecode.h存在边界错误,攻击者可以利用漏洞导致缓冲区溢出。 0 TigerVNC 1.x TigerVNC 1.3.1版本以修复此漏洞,建议用户下载使用: http://sourceforge.net/projects/tigervnc/...
PhpSiteManager 1.1.1 Cross Site Scripting
Exploit Title: PhpSiteManager 1.1.1 Cross site scripting Date: 2014 18 March Author: Dr.3v1l Vendor Homepage: http://sourceforge.net/projects/bakari Download : http://filewatcher.com/m/phpSMv1.1.2.tgz.338496-0.html Version : 1.1.1 Tested on: Windows Category: webapps Google Dork: intext:"Powered ...
Bigace 2.7.5 LFI / XSS / SQL Injection
Exploit Title: Bigace 2.7.5 Blind Sql Injection Bigace 2.7.5 Cross site scripting Bigace 2.7.5 Local File Inclusion Date: 2014 18 March Author: Dr.3v1l Vendor Homepage: http://sourceforge.net/projects/bigace/files/bigace2.7.5.zip Version : 2.7.5 Tested on: Windows Category: webapps Google Dork:...
MicroP 0.1.1.1600 - '.mppl' Local Stack Buffer Overflow
!/usr/bin/env ruby Exploit Title:MicroP.mppl Local Stack Based Buffer Overflow Author:Necmettin COSKUN = twitter.com/babayarisi Blog : http://www.ncoskun.com http://www.grisapka.org Vendor :http://sourceforge.net/projects/microp/ Software...
MicroP 0.1.1.1600 - .mppl Local Stack Buffer Overflow
MicroP 0.1.1.1600 - .mppl Local Stack Buffer Overflow !/usr/bin/env ruby Exploit Title:MicroP.mppl Local Stack Based Buffer Overflow Author:Necmettin COSKUN = twitter.com/babayarisi Blog : http://www.ncoskun.com http://www.grisapka.org Vendor :http://sourceforge.net/projects/microp/ Software...
MicroP 0.1.1.1600 Buffer Overflow
!/usr/bin/env ruby Exploit Title:MicroP.mppl Local Stack Based Buffer Overflow Author:Necmettin COSKUN = twitter.com/babayarisi Blog : http://www.ncoskun.com http://www.grisapka.org Vendor :http://sourceforge.net/projects/microp/ Software...
PHP Ticket System Beta 1 - get_all_created_by_user.php?id SQL Injection
PHP Ticket System Beta 1 - getallcreatedbyuser.php?id SQL Injection ============================================================== Title ...| PHP Ticket System SQL Injection Version .| BETA1.zip Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....|...
doorGets 6.0 Cross Site Scripting
============================================================== Title ...| doorGets 6.0 Multiple vulnerabilities Version .| doorGets 6.0 Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| http://sourceforge.net ==============================================================...
PHP Ticket System Beta 1 - 'get_all_created_by_user.php?id' SQL Injection
============================================================== Title ...| PHP Ticket System SQL Injection Version .| BETA1.zip Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| http://sourceforge.net/projects/phpticketsystem/ ==============================================================...