0A29-11-2 : Privilege escalation vulnerability in HP Application Lifestyle Management (ALM) Platform v11

================ Privilege escalation vulnerability in HP Application Lifestyle Management ALM Platform v11 Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ The HP Application Lifestyle Management...

HP Application Lifestyle Management Platform 11 Code Execution

================ Privilege escalation vulnerability in HP Application Lifestyle Management ALM Platform v11 Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ The HP Application Lifestyle Management...

OpenMyZip 0.1 .ZIP Buffer Overflow

!/usr/bin/perl +Exploit Title: OpenMyZip V0.1 .ZIP File Buffer Overflow Vulnerability +Date: 02\05\2011 +Author: C4SS!0 G0M3S +Software Link: http://download.cnet.com/OpenMyZip/3000-22504-10657274.html +Version: v0.1 +Tested On: WIN-XP SP3 Brazil Portuguese +CVE: N/A use strict; use warnings; my...

CuteZip 2.1 Buffer Overflow

!/usr/bin/perl +Exploit Title: Exploit Buffer Overflow CuteZip 2.1 +Date: 02\12\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.globalscape.com/files/cutezip20b.exe +Version: 2.1 build 9.24.1 +Tested on: WIN-XP SP3 PORTUGUESE BRAZILIAN +CVE: N/A Comment in Brazilian Portuguese || || /...

Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow

ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-006 internal DSECRG-09-066 Application: Oracle Document Capture Versions Affected: Oracle Document Capture 10.1.3.5 Vendor URL: http://oracle.com Bugs: Insecure method. Buffer overflow. Exploits...

XBMC 9.04.1r20672 soap_action_name post upnp sscanf Buffer Overflow

Exploit for windows platform in category remote exploits =================================================================== XBMC 9.04.1r20672 soapactionname post upnp sscanf Buffer Overflow =================================================================== !/usr/bin/env python ''' - XBMC upnp...

NetBSD 5.0 - Hack GENOCIDE Environment Overflow (PoC)

NetBSD 5.0 - Hack GENOCIDE Environment Overflow PoC !/bin/sh NetBSD 5.0 and below Hack GENOCIDE Environment overflow proof of concept Successfull Exploitation gives guid 100 games Vulnerable Function is in hack.main.c. /usr/games/hack -D use the wizard mode. Only work in wizard mode. It is a basi...

NetBSD 5.0 - Hack GENOCIDE Environment Overflow (PoC)

!/bin/sh NetBSD 5.0 and below Hack GENOCIDE Environment overflow proof of concept Successfull Exploitation gives guid 100 games Vulnerable Function is in hack.main.c. /usr/games/hack -D use the wizard mode. Only work in wizard mode. It is a basic strcpy stack overflow. Such overflows are hard to...

NetBSD 5.0 - Hack PATH Environment Overflow (PoC)

NetBSD 5.0 - Hack PATH Environment Overflow PoC !/bin/sh NetBSD 5.0 and below Hack PATH Environment overflow proof of concept Successfull Exploitation gives guid 100 games Vulnerable Function is in hack.unix.c It is a basic strcpy stack overflow. Such overflows are hard to exploit in NetBSD. If y...

Vermillion FTP Daemon PORT Command Memory Corruption

$Id: vermillionftpdport.rb 8410 2010-02-08 18:53:21Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

TVUPlayer 2.4.9beta1 Active-X Insecure Method

DSECRG-09-065 TuvNetworks TVUPlayer ActiveX component - Insecure method TVUPlayer contains ActiveX component PlayerOcx which contains insecure method that can overwrite any unhidden file in the system. Application: TVUPlayer Versions Affected: Tested on v2.4.9beta1build1797 Vendor URL:...

oBlog - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Brute Force

------------------------------------------------------------------------------------------------- Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip Author of this full disclosure: Milos Zivanovic Vulnerabilities: Persistant XSS, CSRF,...

Microsoft Internet Explorer (AddFavorite) Remote Crash PoC

No description provided by source. ------------------------------------------- IE Add Favourites Stack Buffer Overflow POC Sberry, Compaq ------------------------------------------- html head script language="JavaScript" type="Text/Javascript" function go var str =unescape'%u4141'; var finalstr =...

Microsoft Internet Explorer - AddFavorite Remote Crash (PoC)

Microsoft Internet Explorer - AddFavorite Remote Crash PoC ------------------------------------------- IE Add Favourites Stack Buffer Overflow POC Sberry, Compaq ------------------------------------------- function go var str =unescape'%u4141'; var finalstr = createInlineBufferstr, 5150000; var l...

MS Internet Explorer (AddFavorite) Remote Crash PoC

Exploit for unknown platform in category dos / poc ========================================================== Microsoft Internet Explorer AddFavorite Remote Crash PoC ========================================================== ------------------------------------------- IE Add Favourites Stack...

TransLucid 1.75 - Multiple Vulnerabilities

transLucid - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 1.75 newest Info: transLucidonline is the easy website publishing system with which anyone can create and maintain web content, in multiple languages and based on a growing list of ready-made, professional...

SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow (PoC)

SAP GUI 6.4 - ActiveX Accept Remote Buffer Overflow PoC Digital Security Research Group DSecRG Advisory DSECRG-09-015 Original Advisory: http://dsecrg.com/pages/vul/show.php?id=115 Application: SAP GUI for Windows, EnjoySAP Versions Affected: Version 6.4 Vendor URL: http://SAP.com Bugs: Buffer...

[InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities

AdPeeps Ad Rotator - XSS and HTML Injection Vulnerabilities Version Affected: 8.5d1 3-18-09 newest Info: Ad Peeps is a banner rotator and text ad rotator - all in one that allows you to track, sell and manage banner ads, rich-media/flash ads and text ads on your website. Built using PHP/MYSQL, Ad...

Impact Software AdPeeps 8.5d1 - Cross-Site Scripting HTML Injection

Impact Software AdPeeps 8.5d1 - Cross-Site Scripting HTML Injection AdPeeps Ad Rotator - XSS and HTML Injection Vulnerabilities Version Affected: 8.5d1 3-18-09 newest Info: Ad Peeps is a banner rotator and text ad rotator - all in one that allows you to track, sell and manage banner ads,...

BibCiter 1.5 SQL Injection

BibCiter 1.4 Multiple SQL Injection Vulnerability Author: nuclear site: http://bibciter.sourceforge.net/ vuln: http://localhost/path/projects.php?idp=-721 UNION SELECT @@version%23 http://localhost/path/contacts.php?idc=-1 UNION SELECT @@version%23 http://localhost/path/users.php?idu=-1 UNION...