VerliAdmin <= 0.3 (language.php) Local File Inclusion Exploit

No description provided by source. !/usr/bin/perl VerliAdmin = 0.3 Remote Command Execution Exploit linK : http://bohyn.czechweb.cz/ d0rk: allinurl:verliadmin cod3d and f0unded by Kw3RLn from Romanian Security Team a.K.A http://RST-CREW.NET Contact: ciriboflacsATYaHOo.com or [email protected]...

jmd-cms - Multiple Vulnerabilities

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-19-jmd-cms-multiple-remote-vulnerabilities/ ''' Abysssec Inc Public Advisory Title : JMD-CMS Multiple Remote...

WordPress Random Banner 1.1.2.1 Cross Site Scripting

Exploit Title : Wordpress random-banner.1.1.2.1 Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://wordpress.org/plugins/random-banner/ Software Link : http://downloads.wordpress.org/plugin/random-banner.1.1.2.1.zip Date : 2014-06-28 Tested on : Windows ...

WordPress Easy Banners 1.4 Cross Site Scripting

Exploit Title : Wordpress easy-banners.1.4 Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://wordpress.org/plugins/easy-banners/ Software Link : http://downloads.wordpress.org/plugin/easy-banners.1.4.zip Date : 2014-06-28 Tested on : Windows 7 / Mozilla...

CVE-2013-1668

The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file. Recent assessments: wchen-r7 at September 12, 2019 6:08pm UTC reported: In fact, doesn’t seem like the user shoul...

Python - Interpreter Heap Memory Corruption (PoC)

Python - Interpreter Heap Memory Corruption PoC Title: Python Interpreter Heap Memory Corruption Date: Sun, 30 Mar 2014 20:09:44 -0400 Vulnerability Discovered By : Unknown Proof of Concept : Debasish Mandal https://twitter.com/debasishm89 Software Link: https://www.python.org/ Version: All , Fix...

Crime24 Stealer Panel 1.0 - Multiple Vulnerabilities

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= | \ | | | \ | | | |/ | / | | | | |/ / \ | | | |/ | ' \ | || | | | \ \ || | Twitter @TheHackersBay Pentester / Underground hacker Exploit Title: Crime24 Stealer Panel &in=1&search=Search Example: http://i.imgur.com/zyIr5xv.png...

Crime24 Stealer Panel 1.0 - Multiple Vulnerabilities

Crime24 Stealer Panel 1.0 - Multiple Vulnerabilities =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= | \ | | | \ | | | |/ | / | | | | |/ / \ | | | |/ | ' \ | || | | | \ \ || | Twitter @TheHackersBay Pentester / Underground hacker Exploit Title: Crime24 Stealer Panel...

Memory corruption

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this iss...

Madss Software Solution SQL Injection

Exploit Title : Developed by Madss Software Solution Login page Bypass Vulnerability Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://madsssoftwaresolution.com Tested on: Windows 7 , Linux Google Dork : intext:"Developed by Madss Software Solution Pvt. Ltd." Date: 2014/4/1...

Catia V5-6R2013 "CATV5_Backbone_Bus" - Stack Buffer Overflow

A stack buffer overflow occurs when copying a user supplied input to a fixed size stack buffer. The copying procedure stops when a null byte is found and no size check is proceeded. The same copying pattern is used for more than one time in the vulnerable procedure but only the below one can be...

Catia V5-6R2013 - &#039;CATV5_Backbone_Bus&#039; Stack Buffer Overflow (PoC)

''' Title: Dassault Syst�mes Catia V5-6R2013 "CATV5BackboneBus" Stack Buffer Overflow Date: 2-18-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 & Windows XP...

Simple E-Document 1.31 SQL Injection

Exploit: Simple e-document v1.31 Login Bypass + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777sec + version: Simple e-document v1.31 + Vendor Homepage: http://sourceforge.net/projects/simplee-doc/files/ 1 Sql Injection on username field PoC: username=-4731' OR 2708=2708 Burp...

Simple e-document 1.31登录绕过漏洞

No description provided by source. 1 Sql Injection on username field PoC: username=-4731' OR 2708=2708 Burp output POST /simpleedocumentv131/login.php HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Linux i686; rv:22.0 Gecko/20100101 Firefox/22.0 Iceweasel/22.0 Accept:...

Easy POS System SQL注入漏洞

No description provided by source. 1 Sql Injection POST Time Based Blind Note: Time based Injection on POST requests using burp, as output indicated. You might use ‘sqlmap -l’ to load it though. PoC: POST /login.php HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Linux i686; rv:22.0...

mySeatXT 0.2134 - SQL Injection

mySeatXT 0.2134 - SQL Injection + Exploit: mySeatXT 0.2134 + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/myseat 1 Sql Injection PoC: http://localhost/mySeatXT/web/ajax/autocompleteres.php?term=99' 'SQL INJECT' Vulnerable Code...

Easy POS System - &#039;login.php&#039; SQL Injection

Exploit: Easy POS System - SQL Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/easypossystem/ 1 Sql Injection POST Time Based Blind Note: Time based Injection on POST requests using burp, as output indicated. You...

mySeatXT 0.2134 - SQL Injection Vulnerability

Exploit for php platform in category web applications + Exploit: mySeatXT 0.2134 + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/myseat 1 Sql Injection PoC: http://localhost/mySeatXT/web/ajax/autocompleteres.php?term=99' 'SQL...

Cells Blog 3.3 - Reflected Cross-Site Scripting Blind SQLite Injection

Cells Blog 3.3 - Reflected Cross-Site Scripting Blind SQLite Injection + Exploit: Cells v3.3 XSS Reflected & Blind SQLite Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + version: Cells Blog 3.3 + Vendor Homepage: http://cells.tw + 14/01/2014 vendor contacted +...

Adult Webmaster PHP - Password Disclosure Vulnerbility

Exploit for php platform in category web applications + Exploit:Adult Webmaster PHP - Password Disclosure + Author: vinicius777 + Email/Twitter: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/adultweb/ 1 Administrative Credential Disclosure PoC:...