1697 matches found
iPhone 5 and 4 Hacked with same Exploit
The iPhone 5 is vulnerable to the same attack that successfully breached an iPhone 4S at the mobile Pwn2Own hacker contest held this week at the EUSecWest event in Amsterdam. As we reported, Joost Pol and Daan Keuper won the mobile Pwn2Own contest by compromising a fully patched iPhone 4S device...
Immunity Canvas: IE_EXECCOMMAND
Name | ieexecCommand
---|---
CVE | CVE-2012-4969
Exploit Pack | CANVAS
Description | ieexecCommand
Notes | CVE Name: CVE-2012-4969 VENDOR: Microsoft Notes: VersionsAffected: Repeatability: Infinite References: 'http://technet.microsoft.com/en-us/security/advisory/2757760' Date public: 09/17/2012 MSADV...
CVE-2012-6151
creationtimestamp | type | source
---|---|---
2012-09-05 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/38854...
Shopping Tree Cross Site Scripting
Exploit Title: Shopping Tree Cross Site Scripting Google Dork: "Shopping Tree, Inc" Date: 14/08/2012 Author: IranianDarkCodersTeam Discovered By : Nafsh Site : http://idc-team.net/ Software Link: http://www.shoppingtree.com Bug : /logon.asp?msg= Xss Example :...
DivX Plus Player plugin 2.2.0.52 Buffer Overflow PoC
Exploit for windows platform in category dos / poc Exploit Title: DivX Plus Player plugin 2.2.0.52 Buffer Overflow PoC Crash:http://img507.imageshack.us/img507/40/divx.png Class: Boundary Condition Error Date: 2012-08-14 Author: coolkaveh email protected Https://twitter.com/coolkaveh Vendor...
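VLC Media Player '.3gp' File Divide-by-Zero Denial of Service Vulnerability
BUGTRAQ ID: 54791 VLC Media Player is a multimedia player (originally named the VideoLAN Client) from the VideoLAN project. VLC Media Player 2.0.2 and other versions contain a denial-of-service vulnerability in their implementation; successful exploitation allows an attacker to crash the affected application. 0 VLC Media Player 2.0.2 Vendor patch: VideoLAN -------- The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version: http://www.videolan.org/ !/usr/bin/perl my $a...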
AOL Products downloadUpdater2 Plugin - 'SRC' Remote Code Execution
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution tested against: Microsoft Windows Vista sp2 Microsoft Windows Server 2003 r2 sp2 Mozilla Firefox 14.0.1 download url: http://client.web.aol.com/toolbarfiles/Prod/downloads/downloadupdater/dnupdatersetup.exe this was the upda...
Symantec Web Gateway 5.0.3.18 - pbcontrol.php Root Remote Code Execution
Symantec Web Gateway 5.0.3.18 - pbcontrol.php Root Remote Code Execution !/usr/bin/python import urllib import sys ''' print " " print " Symantec Web Gateway 5.0.3.18 pbcontrol.php ROOT RCE Exploit" print " Offensive Security - http://www.offensive-security.com" print " \n" 06 Jun 2012:...
CVE-2012-1620
slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might allow physically proximate attackers to obtain sensitive information by pressing a button, which reveals the desktop and active windows...
BoutikOne CSRF Add User Vulnerability
Exploit for php platform in category web applications !/usr/bin/perl -w Exploit Title: BoutikOne CSRF Add User Exploit Author: GarA Vendor Homepage: www.boutikone.com Tested on: Win Xp sp3 system "color a"; system "cls"; $numargs = $ARGV + 1; if $numargs != 4 print " :MM:....:HMMM .MMMMMMMMMM. \n...
GetSimple Plugins - The Photo Gallery Timthumb Vulnerability
Exploit for php platform in category web applications...
Galette <=0.63 picture.class.php SQL Injection Vulnerability
No description provided by source...
SilverStripe CMS 2.4.7 (install.php) Remote Command Execution
Exploit for php platform in category web applications Exploit Title: SilverStripe CMS 2.4.7 install.php Remote Command Execution Exploit Date: 26 April 2012 Author: Mehmet INCE Twitter: https://twitter.com/!/mmetince Company: Bilgi Güvenliği Akademisi www.bga.com.tr Software Link:...
Office based Trojan threat for Mac OS X by Chinese hackers
Security company ESET watches the newly found Trojan for OS X establish connections and receive commands to steal information. Earlier this month, researchers from AlienVault and Intego reported a new malware attack targeting Tibetan NGOs...
THOMAS (The Library Of Congress) Cross Site Scripting
Exploit Title: THOMAS The Library of Congress Cross Site Scripting Google Dork: - Date: 26/3/2012 1:35 AM Malaysia Author: Ryuzaki Lawlet Blog: http://justryuz.blogspot.com Tested on: Linux OSHIRIX CVE : XSS Vulnerable Vulnerable : http://thomas.loc.gov/cgi-bin/query/z?c112= Live Preview Sites:...
FBI charge Anonymous for stealing CC worth $700000 in Stratfor attack
The FBI has revealed that there were $700,000 worth of fraudulent credit card charges after hacktivist group Anonymous stole nearly 200 gigabytes of data, including credit card numbers, from security firm Stratfor. Anonymous...
Windows Media Player v11.0.5721.5262 Remote Denial Of Service
Exploit for windows platform in category dos / poc import socket, binascii print "\n" print "----------------------------------------------------------------" print "| WMP11 Remote Null Pointer |" print "| Level, Smash the Stack |" print "| Windows XP SP3 x86, Windows Media Player v11.0.5721.5262...
Putty 0.60 - Crash (PoC)
print "\n" print "----------------------------------------------------------------" print "| putty 0.60 Null Ptr |" print "| Level Smash the Stack |" print "----------------------------------------------------------------" print "\n" import sys, socket, binascii HOST = sys.argv1 PORT = 22 s =...
Java Applet Rhino Script Engine - Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex' class Metasploit3 'Jav...
Apache Server 2.3.14 Denial of Service (DDOS) Vulnerability exploit
The latest version of Apache Server, 2.3.14, fails. The Egyptian hacker and exploit writer "Xen0n" discovered this vulnerability and developed a Perl exploit for the DDoS vulnerability. The exploit is available on Inj3ct0r's website...