150 matches found
WordPress Video Player 1.5.16 Plugin - SQL Injection
Exploit for php platform in category web applications. Multiple SQL injection vulnerabilities in WordPress Video Player. Abstract: It was discovered that WordPress Video Player is affected by multiple blind SQL injection vulnerabilities. Using these issues it is possible for a logged on...
Untangle NGFW 12.1.0 Beta - 'execEvil()' Command Injection
#!/usr/bin/python Title: Untangle NGFW "...
Shopify: CSRF in Connecting Pinterest Account
Hi, The connect to Pinterest function is vulnerable to CSRF. This allows an attacker to connect his/her pinterest account to the victim's shopify. Even if the victim has already connected a pinterest account, this will allow the attacker to replace the existing connected pinterest account with th...
WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection
Exploit Title: WordPress: cp-reservation-calendar 1.1.6 SQLi injection Date: 2015-09-15 Google Dork: Index of /wp-content/plugins/cp-reservation-calendar/ Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Software Link: https://downloads.wordpress.org/plugin/cp-reservation-calendar.z...
Rockwell Automation Micrologix 1100 and 1400 PLC Systems Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-300-03 Rockwell Automation MicroLogix 1100 and 1400 PLC Systems Vulnerabilities that was published October 27, 2015, on the NCCIC/ICS-CERT web site. Ilya Karpov of Positive Technologies, David Atch of CyberX, an...
Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security
-= Advanced Information Security Corporation =- ------------------------------------------------------------------------ Author: Nicholas Lemonias Type: Security Audit Notes Date: 17/3/2015 Email: lem.nikolas at gmail dot com Audit: OpenSSL v1.0.2 22nd of January, 2015 Release...
Radexscript CMS 2.2.0 SQL Injection
Vulnerability title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Vendor: http://redaxscript.com/ Product: Radexscript CMS Software link: http://redaxscript.com/download/releases Affected version: Redaxscript 2.2.0 Fixed version: Redaxscript 2.3.0 CVE ID: CVE-2015-1518 Author: Pham Kien...
RedaxScript CMS 2.2.0 - SQL Injection
Exploit Title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Google Dork: N/A Date: 02/09/2015 Exploit Author: Pham Kien Cuong [email protected] & ITAS Team www.itas.vn Vendor Homepage: http://redaxscript.com/ Software Link: http://redaxscript.com/download/releases Version: Redaxscript...
Exploit-Tutorial-1
This is a module that will help you learn the basics of exploit development, the focus on this one is a stack-buffer type of overflow and the platform used is GNU/Linux. Basic Buffer Overflow for Linux - Part of the Exploit Pack Tutorials The following exploit code has been written in Python and...
WordPress Plugin Download Manager 2.7.4 - Remote Code Execution
#!/usr/bin/python Exploit Name: Wordpress Download Manager 2.7.0-2.7.4 Remote Command Execution Vulnerability discovered by SUCURI TEAM http://blog.sucuri.net/2014/12/security-advisory-high-severity-wordpress-download-manager.html Exploit written by Claudio Viviani 2014-12-03: Discovered...
WordPress Download Manager 2.7.4 Remote Command Execution
#!/usr/bin/python Exploit Name: Wordpress Download Manager 2.7.0-2.7.4 Remote Command Execution Vulnerability discovered by SUCURI TEAM http://blog.sucuri.net/2014/12/security-advisory-high-severity-wordpress-download-manager.html Exploit written by Claudio Viviani 2014-12-03: Discovered...
TRENDnet SecurView Wireless Network Camera TV-IP422WN - 'UltraCamX.ocx' Stack Buffer Overflow (PoC)
TRENDnet SecurView Wireless Network Camera TV-IP422WN UltraCamX.ocx Stack BoF Vendor: TRENDnet Product web page: http://www.trendnet.com Affected version: TV-IP422WN/TV-IP422W Summary: SecurView Wireless N Day/Night Pan/Tilt Internet Camera, a powerful dual-codec wireless network camera with the...
Joomla Kunena Component 3.0.4 - Persistent XSS
No description provided by source. Persistent XSS in Joomla::Kunena 3.0.4 26. February 2014 by Qoppa +++ Description Kunena is the leading Joomla forum component. Downloaded more than 3,750,000 times in nearly 6 years. Kunena is written in PHP. Users can post a Google Map using the following BBCo...
Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit
No description provided by source. #!/usr/bin/php -q -d short_open_tag=on ? printr' ----------------------------------------------------------------------------- Limbo <= 1.0.4.2L com_contact remote commands execution exploit by rgod [email protected] site: http://retrogod.altervista.org dorks:...
Adobe Illustrator CS5.5 Memory Corruption Exploit
No description provided by source. Felipe Andres Manzano [email protected] ''' The vulnerable function follows... ---------------------------------- .text:004A7200 ; =============== S U B R O U T I N E ======================================= .text:004A7200 .text:004A7200 ; Attribute...
Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow
No description provided by source. Source: http://packetstormsecurity.org/files/view/97871/DSECRG-11-006.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-006 internal DSECRG-09-066 Application: Oracle Document Capture Versions Affected:...
eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability
eCryptfs in Linux kernel version 2.6.18 suffers from a write_tag_3_packet heap buffer overflow vulnerability. XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability...
mcrypt 2.5.8 - Local Stack Overflow
#!/usr/bin/perl Title : mcrypt ', $filename; print F $file; close F; sub buildfile magic $file .= "\x00m\x03"; flags $file .= pack'C', 1 6; algorithm $file .= "H@Ck3d\x00"; keysize $file .= pack'S', 0xdead; mode $file .= "h@cK3d\x00"; keymode $file .= "H@CK3D\x00"; sflags $file .= "\xff"; payload...
Adobe Illustrator CS5.5 Memory Corruption Proof Of Concept
Exploit for windows platform in category dos / poc Felipe Andres Manzano email protected ''' The vulnerable function follows... ---------------------------------- .text:004A7200 ; =============== S U B R O U T I N E ======================================= .text:004A7200 .text:004A7200 ; Attribute...
Active Collab "chat module" 2.3.8 Remote PHP Code Injection
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Active Collab "chat module" %q This...