Clipbucket 2.6 Revision 738 - Multiple SQL Injections
Clipbucket 2.6 Revision 738 - Multiple SQL Injections Advisory ID: HTB23125 Product: ClipBucket Vendor: clip-bucket.com Vulnerable Versions: 2.6 Revision 738 and probably prior Tested Version: 2.6 Revision 738 Vendor Notification: November 7, 2012 Vendor Patch: November 28, 2012 Public Disclosure...
Samsung Kies 2.3.2.12054_20 - Multiple Vulnerabilities
Samsung Kies 2.3.2.12054_20 - Multiple Vulnerabilities Advisory ID: HTB23099 Product: Samsung Kies Vendor: Samsung Electronics Vulnerable Versions: 2.3.2.12054_20 and probably prior Tested Version: 2.3.2.12054_20 Vendor Notification: June 25, 2012 Public Disclosure: October 15, 2012 Vulnerability...
Trend Micro Interscan Messaging Security Suite - Persistent Cross-Site Scripting Cross-Site Request Forgery
Trend Micro Interscan Messaging Security Suite - Persistent Cross-Site Scripting Cross-Site Request Forgery Exploit Title: Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF Date: 13/09/2012 Exploit Author: modpr0be modpr0beatspentera.com Vendor Homepage: http://www.trendmicro.com...
IrfanView JLS Formats PlugIn - Heap Overflow
IrfanView JLS Formats PlugIn - Heap Overflow Summary ======= IrfanView Formats PlugIn is prone to an overflow condition. The JLS Plugin jpegls.dll library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, ...
Oreans Themida 2.1.8.0 - .TMD File Handling Buffer Overflow
Oreans Themida 2.1.8.0 - .TMD File Handling Buffer Overflow / Oreans Themida v2.1.8.0 TMD File Handling Buffer Overflow Vulnerability Vendor: Oreans Technologies Product web page: http://www.oreans.com Affected version: 2.1.8.0 32/64bit Summary: Advanced Windows software protection system,...
Linux Kernel 2.6.36 IGMP - Remote Denial of Service
Linux Kernel 2.6.36 IGMP - Remote Denial of Service / linux-undeadattack.c Linux IGMP Remote Denial Of Service Introduced in linux-2.6.36 CVE-2012-0207 credits to Ben Hutchings: http://womble.decadent.org.uk/blog/igmp-denial-of-service-in-linux-cve-2012-0207.html written By Kingcope Year 2012...
VMware - Update Manager Directory Traversal
VMware - Update Manager Directory Traversal Exploit Title:VMware Update Manager Directory Traversal Date:18/11/2011 Author: Alexey Sintsov Software Link: http://www.vmware.com/ Version:2.0.2 Tested on: Windows 2003 / vCenter Update Manager 4.1 U1 CVE : CVE-2011-4404 DSECRG-11-042 VMware Update...
BugTracker.NET 3.4.4 - Multiple Vulnerabilities
BugTracker.NET 3.4.4 - Multiple Vulnerabilities Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in BugTracker.Net 1. Advisory Information Title: Multiple vulnerabilities in BugTracker.Net Advisory Id: CORE-2010-1109 Advisory URL:...
EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export
EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export Trustwave's SpiderLabs Security Advisory TWSL2010-003: Unauthorized access to root NFS export on EMC Celerra Network Attached Storage NAS appliance https://www.trustwave.com/spiderlabs/advisories/TWSL2010-003.txt Published:...
Adobe Photoshop CS4 Extended 11.0 - .GRD File Handling Remote Buffer Overflow (PoC)
Adobe Photoshop CS4 Extended 11.0 - .GRD File Handling Remote Buffer Overflow PoC / Title: Adobe Photoshop CS4 Extended 11.0 GRD File Handling Remote Buffer Overflow PoC Summary: The Adobe® Photoshop® family of products is the ultimate playground for bringing out the best in your digital images,...
CodeIgniter 1.0 - BASEPATH Multiple Remote File Inclusions
CodeIgniter 1.0 - BASEPATH Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/38672/info CodeIgniter is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...
Joomla! Component com_doqment - cid SQL Injection
Joomla! Component com_doqment - cid SQL Injection Joomla Component com_doqment cid SQL Injection Vulnerability Author : Gamoscu Site : www.1923turk.biz Site : www.1923turk.com Greetz : Baybora - Manas58 - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO Blog : http://gamoscu.wordpress.com/ DORK:...
Lizard Cart - Arbitrary File Upload
Lizard Cart - Arbitrary File Upload ======================================================================================== | Title : Lizard Cart Upload Shell Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...
Linux Kernel 2.6.19 (x86x64) - udp_sendmsg Local Privilege Escalation (2)
Linux Kernel 2.6.19 (x86x64) - udp_sendmsg Local Privilege Escalation (2) / second verse, same as the first CVE-2009-2698 udp_sendmsg, x86/x64 Cheers to Julien/Tavis for the bug, p0c73n1 for just throwing code at NULL and finding it executed This exploit is a bit more nuanced and thoughtful ; use...
Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)
Cisco WLC 4402 - Basic Auth Remote Denial of Service Metasploit require 'msf/core' class Metasploit3 'Cisco WLC 4200 Basic Auth Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the Cisco WLC 4200 HTTP server. By sending a GET request with long...
unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities
unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities Author girex Homepage girex.altervista.org Date 31/05/2009 CMS Unclassified NewsBoard 1.6.4 and maybe lower Dork "This board is powered by the Unclassified NewsBoard software, 1.6.4" Multiple remote vulnerabilities 1 Remote SQL Injection...
ClanWeb 1.4.2 - Remote Change Password Add Admin
ClanWeb 1.4.2 - Remote Change Password Add Admin =-=-remote change password and add admin xpl-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-= script:ClanWeb 1.4.2 ------------------------------------------------- Author: ahmadbady my site :Coming Soon...
LoudBlog 0.8.0a - ajax.php SQL Injection
LoudBlog 0.8.0a - ajax.php SQL Injection !/usr/bin/perl This Exploit requires a valid user name and password of an account regardless of the permissions Author: Xianur0 Affected: All Versions Bug: SQL Injection Doorks: allintext: "powered by LoudBlog" use HTTP::Request::Common qwPOST; use...
Active Link Engine - default.asp?catid SQL Injection
Active Link Engine - default.asp?catid SQL Injection Title : Active Link Engine Remote SQL Injection Vulnerability Author : CyberGhost My Web Site : http://aspspider.org/cgsecurity Demo Page : http://www.activewebsoftwares.com/demoactivelinkengine Script Page :...
WebText 0.4.5.2 - Remote Code Execution
WebText 0.4.5.2 - Remote Code Execution DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...
Linux Kernel 2.6.13 2.6.17.4 - sys_prctl() Local Privilege Escalation (3)
Linux Kernel 2.6.13 2.6.17.4 - sys_prctl() Local Privilege Escalation (3) / $Id: raptorprctl.c,v 1.1 2006/07/13 14:21:43 raptor Exp $ raptorprctl.c - Linux 2.6.x suid_dumpable vulnerability Copyright (c) 2006 Marco Ivaldi The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and...
Spid 1.3 - lang_path File Inclusion
Spid 1.3 - lang_path File Inclusion source: https://www.securityfocus.com/bid/14208/info SPiD is a gallery management application written in PHP. SPiD is prone to a remote file include vulnerability, due to lack of validation of user input. An attacker may leverage this issue to execute arbitrary...
PPA 0.5.6 - ppa_root_path File Inclusion
PPA 0.5.6 - ppa_root_path File Inclusion source: https://www.securityfocus.com/bid/14209/info PPA is susceptible to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...
Microsoft Windows - SMB Transaction Response Handling (MS05-011)
Microsoft Windows - SMB Transaction Response Handling MS05-011 / Windows SMB Client Transaction Response Handling MS05-011 CAN-2005-0045 This works against Win2k cybertronicatgmxdotnet http://www.livejournal.com/users/cybertronic/ usage: gcc -o mssmbpoc mssmbpoc.c ./mssmbpoc connect via \ip and...
osTicket 1.21.3 - Multiple Input Validation Remote Code Injection Vulnerabilities
osTicket 1.21.3 - Multiple Input Validation Remote Code Injection Vulnerabilities source: https://www.securityfocus.com/bid/13478/info osTicket is affected by multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...
PunBB 1.2.4 - id SQL Injection
PunBB 1.2.4 - id SQL Injection !/usr/bin/python | || | | | | | | | || || \ | |/ || '|/ |/ -| ' \ / -/ |||| /| || / ||||,||| ,|||||||,| || |||||| Proof of concept code from the Hardened-PHP Project -= PunBB 1.2.4 =- changeemail SQL injection exploit user-supplied data within the database is...
Microsoft Windows SQL Server - Remote Denial of Service (MS03-031)
Microsoft Windows SQL Server - Remote Denial of Service MS03-031 //////////////////////////////////////////////////////////////// // // Microsoft SQL Server DoS Remote Exploit MS03-031 // By refdom of xfocus // //////////////////////////////////////////////////////////////// include include inclu...
cPanel 5.0 - Guestbook.cgi Remote Command Execution (2)
cPanel 5.0 - Guestbook.cgi Remote Command Execution 2 source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cg...
DotBr 0.1 - System.php3 Remote Command Execution
DotBr 0.1 - System.php3 Remote Command Execution source: https://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitra...
SSH (x2) - Remote Command Execution
SSH x2 - Remote Command Execution https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/349.tgz x2.tgz milw0rm.com 2002-05-01...
DC Scripts DCShop Beta 1.0 02 - File Disclosure (2)
DC Scripts DCShop Beta 1.0 02 - File Disclosure (2) source: https://www.securityfocus.com/bid/2889/info DCShop is a CGI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential ord...
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com...
Cuckoo Clock v5.0 - Buffer Overflow
Cuckoo Clock v5.0 - Buffer Overflow Exploit Title: Cuckoo Clock 5.0 - Buffer Overflow Exploit Author: boku Date: 2020-02-14 Vendor Homepage: https://en.softonic.com/author/pxcompany Software Link: https://en.softonic.com/download/parallaxis-cuckoo-clock/windows/post-download Version: 5.0 Tested O...
Torrent iPod Video Converter 1.51 - Stack Overflow
Torrent iPod Video Converter 1.51 - Stack Overflow Exploit Title: Torrent iPod Video Converter 1.51 - Stack Overflow Exploit Author: boku Date: 2020-02-10 Software Vendor: torrentrockyou Vendor Homepage: http://www.torrentrockyou.com Software Link:...
OpenSMTPD 6.6.2 - Remote Code Execution
OpenSMTPD 6.6.2 - Remote Code Execution Exploit Title: OpenSMTPD 6.6.2 - Remote Code Execution Date: 2020-01-29 Exploit Author: 1F98D Original Author: Qualys Security Advisory Vendor Homepage: https://www.opensmtpd.org/ Software Link: https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.1p1...
Webtareas 2.0 - id SQL Injection
Webtareas 2.0 - id SQL Injection Exploit Title: Webtareas 2.0 - 'id' SQL Injection Date: 2020-01-23 Exploit Author: Greg.Priest Vendor Homepage: http://webtareas.sourceforge.net/general/home.php Software Link: http://webtareas.sourceforge.net/general/home.php Version: Webtareas v2.0 Tested on:...
WebKit - Universal XSS in WebCore::command
WebKit - Universal XSS in WebCore::command frame = document-frame; if !frame || frame-document != document // 1 return Editor::Command; document-updateStyleIfNeeded; // 2 return frame-editor.commandcommandName, userInterface ? CommandFromDOMWithUserInterface : CommandFromDOM; bool...
osTicket 1.12 - Formula Injection
osTicket 1.12 - Formula Injection Exploit Title: osTicket-v1.12 Formula Injection Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Exploit Author: Aishwarya Iyer Contact: https://twitter.com/aish9524 Website: https://about.me/aishiyer Category: webapps CVE:...
Ovidentia 8.4.3 - Cross-Site Scripting
Ovidentia 8.4.3 - Cross-Site Scripting ------------------------------------------------------- Exploit Title: Ovidentia CMS - XSS Ovidentia 8.4.3 Description: The vulnerability permits any kind of XSS attacks. Reflected, DOM and Stored XSS. Date: 06/05/2019 CVE: CVE-2019-13977 Exploit Author:...
Thunderbird ESR 60.7.XXX - parser_get_next_char Heap-Based Buffer Overflow
Thunderbird ESR 60.7.XXX - parsergetnextchar Heap-Based Buffer Overflow X41 D-Sec GmbH Security Advisory: X41-2019-002 Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched...
Vim 8.1.1365 Neovim 0.3.6 - Arbitrary Code Execution
Vim 8.1.1365 Neovim 0.3.6 - Arbitrary Code Execution by Arminius @rawsec Vim/Neovim Arbitrary Code Execution via Modelines ================================================= Product: Vim 8.1.1365, Neovim 0.3.6 Type: Arbitrary Code Execution CVE: CVE-2019-12735 Date: 2019-06-04 Author: Arminius...
Brocade Network Advisor 14.4.1 - Unauthenticated Remote Code Execution
Brocade Network Advisor 14.4.1 - Unauthenticated Remote Code Execution / Exploit Title: Brocade Network Advisor - Unauthenticated Remote Code Execution Date: 2017-03-29 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.broadcom.com/ CVE: CVE-2018-6443 Version: Tested on Brocade Netwo...
VMware Workstation 15.1.0 - DLL Hijacking
VMware Workstation 15.1.0 - DLL Hijacking --------------------------------------------------------- Title: VMware Workstation DLL hijacking DLLIMPORT void SHGetFolderPathW MessageBox0, "s1kr10s", "VMWare-Poc", MBICONINFORMATION; exit0; --------------------------...
D-Link DWL-2600AP - Multiple OS Command Injection
D-Link DWL-2600AP - Multiple OS Command Injection Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Restore Configuration Product & Service Introduction: =============================== The D-Link DWL-2600AP has a web interface for configuration. You can use a...
Oracle Business Intelligence 11.1.1.9.0 12.2.1.3.0 12.2.1.4.0 - Directory Traversal
Oracle Business Intelligence 11.1.1.9.0 12.2.1.3.0 12.2.1.4.0 - Directory Traversal Exploit Title: Directory traversal in Oracle Business Intelligence Date: 16.04.19 Exploit Author: @vah13 Vendor Homepage: http://oracle.com Software Link:...
WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass Unauthorized Order Status Spoofing
WordPress Plugin WooCommerce - GloBee cryptocurrency Payment Gateway 1.1.1 - Payment Bypass Unauthorized Order Status Spoofing ?php Exploit Title: WordPress WooCommerce - GloBee cryptocurrency Payment Gateway Plugin Payment Bypass / Unauthorized Order Status Spoofing Discovery Date: 14.12.2018...
BEWARD N100 H.264 VGA IP Camera M2.1.6 - Cross-Site Request Forgery (Add Admin)
BEWARD N100 H.264 VGA IP Camera M2.1.6 - Cross-Site Request Forgery Add Admin BEWARD N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Exploit Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support f...
Rundeck Community Edition 3.0.13 - Persistent Cross-Site Scripting
Rundeck Community Edition 3.0.13 - Persistent Cross-Site Scripting Exploit Title: Rundeck Community Edition before 3.0.13 Multiple Stored XSS Vendor Homepage: https://www.rundeck.com/open-source Software Link: https://docs.rundeck.com/downloads.html Exploit Author: Ishaq Mohammed Contact:...
Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery
Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery NBG-418N v2 Modem CSRF Exploit & PoC...
Fortify Software Security Center (SSC) 17.1017.2018.10 - Information Disclosure (2)
Fortify Software Security Center SSC 17.1017.2018.10 - Information Disclosure 2 Details ================ Software: Fortify SSC Software Security Center Version: 17.10, 17.20 & 18.10 Homepage: https://www.microfocus.com Advisory report: https://github.com/alt3kx/CVE-2018-7691 CVE: CVE-2018-7691...