1697 matches found
PHP 5.x / Bash Shellshock Proof of Concept
This is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disablefunctions, safemode, etc...
Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.0 Bypass) (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.0 Bypass MS12-037 function strtointstr return str.charCodeAt10x10000 + str.charCodeAt0; var free = "EEEE"; while free.length 500 free += free; var string1 = "AAAA"; while string1.length 500 string1 += string1; var string2...
Joomla Mac Gallery 1.5 Arbitrary File Download
Exploit Title : Joomla Mac Gallery = 1.5 Arbitrary File Download Exploit Author : Claudio Viviani Vendor Homepage : https://www.apptha.com Software Link : https://www.apptha.com/downloadable/download/sample/sampleid/18 Dork Google: inurl:option=commacgallery Date : 2014-09-17 Tested on : Windows ...
CVE-2014-6437
creationtimestamp| type| source ---|---|--- 2014-09-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39314...
ActualAnalyzer Lite 2.81 - Command Execution
ActualAnalyzer exploit. Tested on Lite version We load command into a dummy variable as we only have 6 characters to own the eval but load more as first 2 characters get rm'd. We then execute the eval with backticks. 11/05/2011 import urllib import urllib2 import sys import time def banner: print...
CVE-2014-8375
creationtimestamp| type| source ---|---|--- 2014-08-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39282...
CVE-2014-2595
creationtimestamp| type| source ---|---|--- 2014-08-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39278...
WebEngage 2.0.0 - resize.php height Parameter XSS
The WebEngage Feedback, Survey and Notification WordPress plugin was affected by a resize.php height Parameter XSS security vulnerability...
Cross site scripting
Cross-site scripting XSS vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field...
OL-Commerce 2.1.1 Cross Site Scripting / SQL Injection Vulnerabilities
OL-Commerce version 2.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities. OL-Commerce v2.1.1 - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : email protected , email protected .:...
yongyouNC /hrss/ELTextFile.load.d 信息泄漏漏洞
No description provided by source...
CVE-2014-5109
creationtimestamp| type| source ---|---|--- 2014-07-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39347...
CVE-2014-5112
creationtimestamp| type| source ---|---|--- 2014-07-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39352...
CVE-2014-9301
creationtimestamp| type| source ---|---|--- 2014-07-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39258...
CVE-2014-9302
creationtimestamp| type| source ---|---|--- 2014-07-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39259...
百度浏览器海外版(Spark Browser) v26.5.9999.3511 - Remote Stack Overflow Vulnerability (DoS)
Vendor: Baidu, Inc. Product web page: http://www.baidu.com Affected version: 26.5.9999.3511 Summary: Spark Browser is a free Internet browser with very sharp UIs and cool utilities. It's based on the Chromium technology platform, giving it fast browsing capabilities. Desc: Spark Browser version...
linux/x86 append "/etc/passwd" & exit() 107 bytes
No description provided by source. / appendpasswd.c Payload: Adds the string: toor::0:0:t00r:/root:/bin/bash to /etc/passwd thereby adding a password-less root account with login name toor Platform: linux/x86 Size: 107 bytes Author: $andman / / 08049054 start: 8049054: eb 38 jmp 804908e callfunc...
Gert Doering mgetty 1.1.19/1.1.20/1.1.21/1.22.8 Symbolic Link Traversal
No description provided by source. source: http://www.securityfocus.com/bid/1612/info A vulnerability exists in a portion of the mgetty package, by Gert Doering. By exploiting a flaw in the faxrunq and faxrunqd programs, it is possible for local users to create arbitrary files, and alter arbitrar...
JM CMS 1.0 <= 1.0 - (Auth Bypass) SQL Injection Vulnerability
No description provided by source...
2daybiz Freelance Script SQL Injection Vulnerability Exploit
No description provided by source. ----------------------------Information------------------------------------------------ +Autor : Easy Laster +ICQ : 11-051-551 +Info : http://www.2daybiz.com/freelancescript.html +Discovered by Easy Laster 4004-security-project.com +Security Group...