Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a SQL injection vulnerability that stems from the use of uncompiled statements, which can be exploited by an attacker to retrieve database data via a specially designed sorting...

Andy's PHP KnowledgeBase 0.95.2 - 'viewusers.php' SQL Injection

'Andy's PHP Knowledgebase' SQL Injection Vulnerability CVE-2011-1546 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in aviewusers.php allowing for SQL injection of the 's' query parameter. II. TESTED VERSION...

Andys PHP KnowledgeBase 0.95.2 - viewusers.php SQL Injection

Andys PHP KnowledgeBase 0.95.2 - viewusers.php SQL Injection 'Andy's PHP Knowledgebase' SQL Injection Vulnerability CVE-2011-1546 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in aviewusers.php allowing for SQL injection of...

Quick Polls 1.0.1 Local File Inclusion / Deletion

'Quick Polls' Local File Inclusion & Deletion Vulnerabilities CVE-2011-1099 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Two vulnerabilities exist in 'Quick Polls' providing local file inclusion & local file deletion due to null-byte attacks...

'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability (CVE-2010-4331)

'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...

BSD/x86 - Break chroot (../ 10x Loop) Shellcode (40 bytes)

BSD/x86 - Break chroot ../ 10x Loop Shellcode 40 bytes. Shellcode exploit for BSDx86 platform / One of the smallest chroot shellcodes it will put '../' 10 times Size 40 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected] BITS 32 jmp short callme main: pop esi mov edi,esi xor...

BSD/x86 - Bind TCP (2222/TCP) Shell Shellcode (100 bytes)

BSD/x86 - Bind TCP 2222/TCP Shell Shellcode 100 bytes. Shellcode exploit for BSDx86 platform / The bind shellcode that opens the shell on 2222nd port Size 100 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected] BITS 32 main: xor eax,eax push byte 0x06 push byte 0x01 push byte 0x0...

WebSpeed Development Mode Check

The remote web server is using WebSpeed, a website creation language used with database-driven websites. The installation of WebSpeed on the remote host is configured to operate in 'Development' rather than 'Production' mode, which could allow users to discover sensitive information and even run...

linux/x86 symlink /bin/sh xoring 56 bytes

No description provided by source. /The shellcode calls the symlink and makes the link to the /bin/sh in the current dir. short version with anti IDS xoring size = 56 bytes OS = BSD written by /rootteam/dev0id www.sysworld.net [email protected] BITS 32 jmp short callme main: pop esi xor ecx,e...