tcpdump 4.6.2 - Geonet Decoder Denial of Service
tcpdump 4.6.2 - Geonet Decoder Denial of Service CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 1. Background tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets being transmitted or...
WordPress Plugin CM Download Manager 2.0.0 - Code Injection
WordPress Plugin CM Download Manager 2.0.0 - Code Injection Vulnerability title: Code Injection in Wordpress CM Download Manager plugin 2.0.0 CVE: CVE-2014-8877 Plugin: CM Download Manager plugin Vendor: CreativeMinds - https://www.cminds.com/ Link download:...
ACME micro_httpd - Denial of Service
ACME microhttpd - Denial of Service """ Exploit Title: Buffer Overflow in microhttpd by ACME Date: 4/7/2014 Exploit Author: Yuval tisf Nativ Vendor Homepage: http://www.acme.com/software/microhttpd/ Software Link: http://www.acme.com/software/microhttpd/ Version: June 2012 CVE: CVE-2014-4927 Test...
McAfee ePolicy Orchestrator 4.6.0 4.6.5 - ePowner Multiple Vulnerabilities
McAfee ePolicy Orchestrator 4.6.0 4.6.5 - ePowner Multiple Vulnerabilities Exploit Title: McAfee ePolicy Orchestrator 4.6.0-4.6.5 ePowner - Multiple vulnerabilities Date: 20 November 2012 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage:...
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Path Traversal/Remote Code Execution product: WD Arkeia Virtual Appliance AVA vulnerable version: All Arkeia...
SpagoBI 4.0 - Privilege Escalation
SpagoBI 4.0 - Privilege Escalation 01. Advisory Information Title: Remote Privilege Escalation in SpagoBI Date published: 2013-02-28 Date of last update: 2013-02-28 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Information CVE reference:...
Catia V5-6R2013 - CATV5_Backbone_Bus Stack Buffer Overflow (PoC)
Catia V5-6R2013 - CATV5BackboneBus Stack Buffer Overflow PoC ''' Title: Dassault Systèmes Catia V5-6R2013 "CATV5BackboneBus" Stack Buffer Overflow Date: 2-18-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage:...
Jenkins 1.523 - Persistent HTML Code
Jenkins 1.523 - Persistent HTML Code 01. Advisory Information Title: Default markup formatter permits offsite-bound forms Date published : 2013-12-16 Date of last update: 2013-12-16 Vendors contacted : Jenkins CI v 1.523 Discovered by: Christian Catalano Severity: Low 02. Vulnerability Informatio...
Stem Innovation - IZON Hard-Coded Credentials
Stem Innovation - IZON Hard-Coded Credentials Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within it...
Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling (MS13-067)
Microsoft SharePoint 2013 Cloud - Persistent Exception Handling MS13-067 Title: ====== Microsoft SharePoint 2013 Cloud - Persistent Exception Handling Web Vulnerability Date: ===== 2013-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-06...
ASUS RT-AC66U - acsd Remote Command Execution
ASUS RT-AC66U - acsd Remote Command Execution !/usr/bin/env python import signal, struct from time import sleep from socket import from sys import exit, excinfo TitleASUS RT-AC66U Remote Root Shell Exploit - acsd param command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob...
Winamp 5.63 - Stack Buffer Overflow
Winamp 5.63 - Stack Buffer Overflow Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: WinAmp Vendor URL: www.winamp.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2013-06-05 Date published: 2013-07-01 CVSSv2 Score: Bug 1: 7,5...
mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read
mnoGoSearch 3.3.12 search.cgi - Arbitrary File Read ----------------------------------------------------------- PT-2013-17 Positive Technologies Security Advisory Arbitrary Files Reading in mnoGoSearch ----------------------------------------------------------- --- Vulnerable software mnoGoSearch...
Apple QuickTime Player 7.7.2 - Crash (PoC)
Apple QuickTime Player 7.7.2 - Crash PoC !/usr/bin/perl Title : Apple QuickTime Player 7.7.2 Division By Zero Version : 7.7.21680.56 Date : 2012-10-23 Vendor : http://www.apple.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug : ---- Don't...
WaveSurfer 1.8.8p4 - Memory Corruption (PoC)
WaveSurfer 1.8.8p4 - Memory Corruption PoC !/usr/bin/perl WaveSurfer 1.8.8p4 This script creates a crafted WAV file which leads the application to crash DoS. my $crafted = "\x52\x49\x46\x46\x20\x12\x01\x00\x57\x41\x56\x45\x66\x6D\x74\x20"...
traq 2.3.5 - Multiple Vulnerabilities
traq 2.3.5 - Multiple Vulnerabilities ==================================================================== Vulnerable Software: traq-2.3.5 Official Site: TraqProject.org ==================================================================== About Software: Traq is a PHP powered project manager,...
Liferay XSL - Command Execution (Metasploit)
Liferay XSL - Command Execution Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
cubecart 2.0.7 - Multiple Vulnerabilities
cubecart 2.0.7 - Multiple Vulnerabilities Exploit Title: CubeCart 2.0.7 XSS && Remote SQL Injection = Multiple Vulnerabilities Date: June, 14th 2011 GMT +7 Author: Shamus Software Link: http://www.cubecart.com/ Version : CubeCart 2.0.7 Tested on: windows 7, ubuntu 11.04 CVE : -...
GNU glibc - regcomp() Stack Exhaustion Denial of Service
GNU glibc - regcomp Stack Exhaustion Denial of Service // source: https://www.securityfocus.com/bid/45233/info GNU glibc is prone to a denial-of-service vulnerability due to stack exhaustion. Successful exploits will allow attackers to make the affected computer unresponsive, denying service to...
Pandora Fms 3.1 - Directory Traversal Local File Inclusion
Pandora Fms 3.1 - Directory Traversal Local File Inclusion + Introduction Pandora FMS for Pandora Flexible Monitoring System is a software solution for monitoring computer networks. It allows monitoring in a visual way the status and performance of several parameters from different operating...
Cag CMS 0.2 - Cross-Site Scripting Blind SQL Injection
Cag CMS 0.2 - Cross-Site Scripting Blind SQL Injection ----------------------------------------------------------------------------------------- Cag CMS Version 0.2 Beta = XSS && Blind SQL Injection Multiple Vulnerabilities...
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager OV NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE:...
Subdreamer Pro 3.0.4 - CMS Upload
Subdreamer Pro 3.0.4 - CMS Upload Exploit Title: Subdreamer Pro v3.0.4 CMS upload Vulnerability Author: Battousai Home:...
PreProject Multi-Vendor Shopping Malls - SQL Injection
PreProject Multi-Vendor Shopping Malls - SQL Injection Source: Pre Multi-Vendor Shopping Malls SQL Injection Vulnerability Download: http://preproject.com/products.asp Dork: inurl:Powered by: PreProjects + detail.php?prodid=694 Author: [email protected] Exploit :...
Employee TimeClock Software 0.99 - SQL Injection
Employee TimeClock Software 0.99 - SQL Injection source: http://www.securityfocus.com/archive/1/509995 ====================================================================== Secunia Research 10/03/2010 - Employee Timeclock Software SQL Injection Vulnerabilities -...
Horde 3.3.5 - PHP_SELF Cross-Site Scripting
Horde 3.3.5 - PHPSELF Cross-Site Scripting ============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Bas...
WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter
WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter Exploit Title: WP-Polls 2.x Incorrect Flood Filter Date: 30/11/2009 Author: Jbyte jbyte-security.blogspot.com Software Link: http://lesterchan.net/wordpress/readme/wp-polls.html Version: 2.x Tested on: Windows 7/windows xp/ ubuntu 9.04/ ubunt...
CuteNews and UTF-8 CuteNews - Multiple Vulnerabilities
CuteNews and UTF-8 CuteNews - Multiple Vulnerabilities MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Cute News and UTF-8 Cute News 1. Advisory Information...
CubeCart 4 - Session Management Bypass
CubeCart 4 - Session Management Bypass CubeCart 4 Session Management Bypass Release Date: 2009/10/29 Author: Bogdan Calin bogdan at acunetix dot com Severity: Critical Vendor Status: Vendor has released an updated version I. Background From Wikipedia: CubeCart is a free-to-use eCommerce software...
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection !/bin/bash Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability 1-day exploit for CVE-2009-1977 and CVE-2009-1978 PoC script successfully tested on: Oracle Secure...
PHP Live! 3.3 - deptid SQL Injection
PHP Live! 3.3 - deptid SQL Injection PHP Live! 3.3 deptid Remote SQL Injection --== Author ==-- + Author : v3n0m + Contact...
Oracle WebLogic IIS connector JSESSIONID - Remote Overflow
Oracle WebLogic IIS connector JSESSIONID - Remote Overflow !/usr/bin/perl No point in keeping this private anymore! ksOSe - 02/16/2009 - CVE-2008-5457 Tested on w2k sp4 and w2k3 R2 sp2 no NX cohelet framework-3.2 ./msfcli multi/handler PAYLOAD=windows/reflectivemeterpreter/reversetcp...
Fantastico - index.php Local File Inclusion
Fantastico - index.php Local File Inclusion source: https://www.securityfocus.com/bid/32578/info Fantastico is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts ...
hMAilServer 4.4.2 - PHPWebAdmin File Inclusion
hMAilServer 4.4.2 - PHPWebAdmin File Inclusion hMAilServer 4.4.2 PHPWebAdmin local & remote file inclusion poc by Nine:Situations:Group::strawdog -------------------------------------------------------------------------------- our site: http://retrogod.altervista.org software site:...
Youngzsoft CMailServer 5.4.6 - CMailCOM.dll Remote Overwrite (SEH)
Youngzsoft CMailServer 5.4.6 - CMailCOM.dll Remote Overwrite SEH 0 strUID = arrStringi objPOP3.MoveToFolder strUID ' ---------------- bof ... By attaching olly to the w3wp.exe sub-process you will see the usual dump with ecx and eip owned, with a buffer of approximately 13000 chars...
AlsaPlayer 0.99.80-rc3 - Vorbis Input Local Buffer Overflow
AlsaPlayer 0.99.80-rc3 - Vorbis Input Local Buffer Overflow I have released this exploit for the alsaplayer bug CVE-2007-5301. You can find all the needed files at http://www.wekk.net/research/CVE-2007-5301/ With my modified version of vorbiscomment, you can generate a ogg exploit like this:...
Mapbender 2.4.4 - mapFiler.php Remote Code Execution
Mapbender 2.4.4 - mapFiler.php Remote Code Execution Advisory: Remote Command Execution in Mapbender During a penetration test RedTeam Pentesting discovered a remote command execution vulnerability in Mapbender. An unauthorized user can create arbitrary PHP-files on the Mapbender webserver, which...
BookmarkX script 2007 - topicid SQL Injection
BookmarkX script 2007 - topicid SQL Injection BookmarkX scriptPowered by GengoliaWebStudioSQL Injection AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : "2007 BookmarkX script" DORKS 2 : Powered by GengoliaWebStudio DORK 3 : allinurl :"index.php?menu=showtopic" EXPLOIT :...
Gizzar 03162002 - index.php Remote File Inclusion
Gizzar 03162002 - index.php Remote File Inclusion !/usr/bin/perl gizzar --Remote File Inclusion Vulnerability Class = Remote File Inclusion Bug Found & Exploit coded By DeltahackingTEAM Dr.Trojan&Dr.Pantagon Download:http://switch.dl.sourceforge.net/sourceforge/gizzar/gizzar-03162002.tar.gz...
Mambo Component Remository 3.25 - Remote File Inclusion
Mambo Component Remository 3.25 - Remote File Inclusion .: insecurity research team :. .advisory. o9.o8.2oo6 .. Affected Application: Remository v3.25...
SoftiaCom wMailServer 1.0 - SMTP Remote Buffer Overflow (Metasploit)
SoftiaCom wMailServer 1.0 - SMTP Remote Buffer Overflow Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core...
Linux Kernel 2.4.29-rc2 - uselib() Local Privilege Escalation (1)
Linux Kernel 2.4.29-rc2 - uselib Local Privilege Escalation 1 / EDB Note: There is an updated version https://www.exploit-db.com/exploits/895/ / / binfmtelf uselib VMA insert race vulnerability v1.08 gcc -O2 -fomit-frame-pointer elflbl.c -o elflbl Copyright c 2004 iSEC Security Research. All...
Solaris 2.5.12.678 rlogin (SPARC) - binlogin Remote Buffer Overflow
Solaris 2.5.12.678 rlogin SPARC - binlogin Remote Buffer Overflow / $Id: raptorrlogin.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorrlogin.c - rlogin, Solaris/SPARC 2.5.1/2.6/7/8 Copyright c 2004 Marco Ivaldi Buffer overflow in login in various System V based operating systems allows remote...
Samba 2.2.x - call_trans2open Remote Buffer Overflow (1)
Samba 2.2.x - calltrans2open Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/7294/info A buffer overflow vulnerability has been reported for Samba. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server,...
Phorum 3.0.7 - admin.php3 Unverified Administrative Password Change
Phorum 3.0.7 - admin.php3 Unverified Administrative Password Change source: https://www.securityfocus.com/bid/2271/info Phorum is a popular, free, open source software package originally written by Brian Moon. The package is designed to add chat/bulletin board style interaction between visitors o...
S.u.S.E Linux 5.2 - gnuplot Local Overflow Local Privilege Escalation
S.u.S.E Linux 5.2 - gnuplot Local Overflow Local Privilege Escalation / source: https://www.securityfocus.com/bid/319/info Linux gnuplot 3.5 is shipped with S.u.S.E. Linux 5.2 and installed suid root by default. There is a buffer overflow vulnerability present in gnuplot which allows for users to...
Dota 2 7.23f - Denial of Service (PoC)
Dota 2 7.23f - Denial of Service PoC Exploit Title: Dota 2 7.23f - Denial of Service PoC Google Dork: N/A Date: 2020-02-05 Exploit Author: Bogdan Kurinnoy [email protected] bi7s Vendor Homepage: https://www.valvesoftware.com/en/ Software Link: N/A Version: 7.23f Tested on: Windows 10 x64 CVE :...
Cups Easy 1.0 - Cross Site Request Forgery (Password Reset)
Cups Easy 1.0 - Cross Site Request Forgery Password Reset Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Date: 2020-01-28 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link:...
XMLBlueprint 16.191112 - XML External Entity Injection
XMLBlueprint 16.191112 - XML External Entity Injection Exploit Title: XMLBlueprint 16.191112 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-14 Vendor: XMLBlueprint XML Editor Software Link: https://www.xmlblueprint.com/update/download-64bit.exe Affected Version:...
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Date: 2019-09-22 Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro...