41207 matches found
JCraftJSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
JCraftJSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725 Version: 0.3 Date: Aug 31st, 2016 Complete Proof of Concept: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-5725...
FreeBSD 10.2 (x64) - amd64_set_ldt Heap Overflow
FreeBSD 10.2 x64 - amd64setldt Heap Overflow / 1. Advisory Information Title: FreeBSD Kernel amd64setldt Heap Overflow Advisory ID: CORE-2016-0005 Advisory URL: http://www.coresecurity.com/content/freebsd-kernel-amd64setldt-heap-overflow Date published: 2016-03-16 Date of last update: 2016-03-14...
Geeklog 1.4.0 - Multiple Vulnerabilities
Geeklog 1.4.0 - Multiple Vulnerabilities Geeklog Multiple Vulnerabilities Vendor: Geeklog Product: Geeklog Version: = 1.4.0 Website: http://www.geeklog.net/ BID: 16755 CVE: CVE-2006-0823 OSVDB: 23348 23349 SECUNIA: 18920 PACKETSTORM: 44070 Description: Geeklog is one of the most popular content...
TECO JN5 L510-DriveLink 1.482 - .lf5 Overwrite Buffer Overflow (SEH)
TECO JN5 L510-DriveLink 1.482 - .lf5 Overwrite Buffer Overflow SEH !/usr/bin/perl TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow Exploit Vendor: TECO Electric and Machinery Co., Ltd. Product web page: http://www.teco-group.eu Download:...
Beckhoff CX9020 CPU Module - Remote Code Execution
Beckhoff CX9020 CPU Module - Remote Code Execution ! /usr/bin/env python ''' Exploit Title: Beckhoff CX9020 CPU Module Web Exploit RCE Date: 2015-10-22 Exploit Author: Photubias - tijldotdeneutathowestdotbe, based on work by Frank Lycops [email protected] Vendor Homepage:...
The World Browser 3.0 Final - Remote Code Execution
The World Browser 3.0 Final - Remote Code Execution !/usr/bin/php ?php Author : Ehsan Noreddini E-Mail : [email protected] Social : @prot3ct0r Title : The World Browser Remote Code Execution TheWorld Browser is a tiny, fast and powerful web Browser. It is completely free. There is no function...
Dell Netvault Backup 10.0.1.24 - Denial of Service
Dell Netvault Backup 10.0.1.24 - Denial of Service """ Product: Dell Netvault Backup Link: http://software.dell.com/products/netvault-backup/ Vendor: Dell Vulnerable Versions: 10.0.1.24 and probably prior Tested Version: Version 10.0.1.24 Advisory Publication: July 30, 2015 Vendor Notification:...
Fuse 2.9.3-15 - Local Privilege Escalation
Fuse 2.9.3-15 - Local Privilege Escalation Source: https://gist.github.com/taviso/ecb70eb12d461dd85cba Tweet: https://twitter.com/taviso/status/601370527437967360 Recommend Reading: http://seclists.org/oss-sec/2015/q2/520 YouTube: https://www.youtube.com/watch?v=V0i3uJJPJ88 Making a demo exploit...
Codiad 2.5.3 - Local File Inclusion
Codiad 2.5.3 - Local File Inclusion +Title: Codiad v2.5.3 - LFI Vulnerability +Author: TUNISIAN CYBER +Date: 12/03/2015 +Type:WebApp +Risk:High +Overview: Pie Register 2.x suffers, from a Local File Disclosure vulnerability. +Proof Of Concept: PHP...
Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash (PoC)
Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC cve-2014-4943poc.c The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain...
IBM Endpoint Manager - Persistent Cross-Site Scripting
IBM Endpoint Manager - Persistent Cross-Site Scripting Advisory: Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page During a penetration test, RedTeam Pentesting discovered that the IBM Endpoint Manager Relay Diagnostics page allows anybody to persistently store HTML and JavaScri...
K7 Computing (Multiple Products) - Arbitrary Write Privilege Escalation
K7 Computing Multiple Products - Arbitrary Write Privilege Escalation / Exploit Title - K7 Computing Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.k7computing.co.uk/ Tested Version - 14.2.0.240...
Microsoft-Excel-Malformed-FEATHEADER
MS Excel Malformed FEATHEADER Record Exploit CVE-2009-3129, MS09-067, OSVDB-59860 Vulnerable application MS office 2003/2007 import sys import zlib Allwin WinExec cmd.exe + ExitProcess Shellcode - 195 bytes by RubberDuck = shellcode = b"\xFC\x33\xD2\xB2\x30\x64\xFF\x32\x5A\x8B"...
EntryPass N5200 - Credentials Exposure
EntryPass N5200 - Credentials Exposure Advisory: EntryPass N5200 Credentials Disclosure EntryPass N5200 Active Network Control Panels allow the unauthenticated downloading of information that includes the current administrative username and password. Details ======= Product: EntryPass N5200 Activ...
Rejetto HTTP File Server (HFS) 2.3a2.3b2.3c - Remote Command Execution
Rejetto HTTP File Server HFS 2.3a2.3b2.3c - Remote Command Execution HTTP File Server 2.3a - 2.3b - 2.3c Remote Command Execution Author : Daniele Linguaglossa Date: 30/09/2014 Remote: Yes Vendor Homepage: http://rejetto.com/ Software Lin...
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX...
ownCloud 4.0.x4.5.x - upload.php?Filename Remote Code Execution
ownCloud 4.0.x4.5.x - upload.php?Filename Remote Code Execution Vulnerability title: Remote Code Execution in ownCloud CVE: CVE-2014-2044 Vendor: ownCloud Product: ownCloud Affected version: 4.0.x & 4.5.x Fixed version: 5.0 Reported by: Alejo Murillo Moya Details: A remote code execution has been...
SpagoBI 4.0 - Persistent HTML Script Insertion
SpagoBI 4.0 - Persistent HTML Script Insertion 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02...
MediaWiki 1.22.1 PdfHandler - Remote Code Execution
MediaWiki 1.22.1 PdfHandler - Remote Code Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki images/xnz.php 3. access to php-backdoor! http://vulnerable-site/images/xnz.php?1=rm%20-rf%20%2f%20--no-preserve-root 4. happy pwning!! Related files: thumb.php -- extract all GET array to...
LiveZilla 5.0.1.4 - Remote Code Execution
LiveZilla 5.0.1.4 - Remote Code Execution CVE-2013-6225: Security Advisory – Curesec Research Team 1. Introduction Advisory ID: Cure-2013-1007 Advisory URL: https://www.curesec.com/de/veroeffentlichungen/advisories.html Blog URL: https://cureblog.de/2013/11/remote-code-execution-in-livezilla/...
Adobe Reader X 10.1.4.38 - .BMP.RLE Heap Corruption
Adobe Reader X 10.1.4.38 - .BMP.RLE Heap Corruption ''' Title: Adobe Reader X BMP/RLE heap corruption Product: Adobe Reader X Version: 10.x Product Homepage: adobe.com Binary affected: AcroForm.api Binary Version: 10.1.4.38 Binary MD5: 8e0fc0c6f206b84e265cc3076c4b9841 Configuration Requirements...
Apple Mac OSX Server - DirectoryService Buffer Overflow
Apple Mac OSX Server - DirectoryService Buffer Overflow Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Mac OSX Server DirectoryService buffer overflow 1. Advisory Information Title: Mac OSX Server DirectoryService buffer overflow Advisory ID: CORE-2013-0103 Advisory URL:...
OTRS 3.x - FAQ Module Persistent Cross-Site Scripting
OTRS 3.x - FAQ Module Persistent Cross-Site Scripting Exploit Title: OTRS Faq Module - Persistent XSS Date: 2-Apr-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.otrs.com Version: OTRS ITSM 3.2.x,OTRS ITSM 3.1.x,OTRS ITSM 3.0.x Tested on: Perl CVE : CVE-2013-2637 OVERVIEW The OTRS...
Open-Xchange Server 6 - Multiple Vulnerabilities
Open-Xchange Server 6 - Multiple Vulnerabilities Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof...
D-Link DIR-600 DIR-300 (Rev B) - Multiple Vulnerabilities
D-Link DIR-600 DIR-300 Rev B - Multiple Vulnerabilities Device Name: DIR-600 / DIR 300 - HW rev B1 Vendor: D-Link ============ Vulnerable Firmware Releases - DIR-300: ============ Firmware Version : 2.12 - 18.01.2012 Firmware Version : 2.13 - 07.11.2012 ============ Vulnerable Firmware Releases -...
SilverStripe CMS 3.0.2 - (Multiple Vulnerabilities) Cross-Site Scripting Cross-Site Request Forgery
SilverStripe CMS 3.0.2 - Multiple Vulnerabilities Cross-Site Scripting Cross-Site Request Forgery Sense of Security - Security Advisory - SOS-12-011 Release Date. 30-Nov-2012 Last Update. - Vendor Notification Date. 29-Oct-2012 Product. SilverStripe CMS Platform. Windows Affected versions. 3.0.2...
SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference
SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference IOActive Security Advisory Title: SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference Severity: Critical Discovered by: Lucas Apa Date Reported: 09/11/12 CVE: TBD Siemens Advisory: SSA-938777...
Lattice Diamond Programmer 1.4.2 - Buffer Overflow (PoC)
Lattice Diamond Programmer 1.4.2 - Buffer Overflow PoC Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Lattice Diamond Programmer Buffer Overflow 1. Advisory Information Title: Lattice Diamond Programmer Buffer Overflow Advisory ID: CORE-2012-0530 Advisory URL:...
Apple iTunes 10.6.1.7 - Extended m3u Stack Buffer Overflow (Metasploit)
Apple iTunes 10.6.1.7 - Extended m3u Stack Buffer Overflow Metasploit Apple iTunes 'iTunes Extended M3U Stack Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in iTunes...
phpMyAdmin3 (pma3) - Remote Code Execution
phpMyAdmin3 pma3 - Remote Code Execution !/usr/bin/env python coding=utf-8 pma3 - phpMyAdmin3 remote code execute exploit Author: wofeiwo Thx Superhei Tested on: 3.1.1, 3.2.1, 3.4.3 CVE: CVE-2011-2505, CVE-2011-2506 Date: 2011-07-08 Have fun, DO NOT USE IT TO DO BAD THING. Requirements: 1. "confi...
Microsoft Office 2010 - .RTF Header Stack Overflow
Microsoft Office 2010 - .RTF Header Stack Overflow Exploit Title: MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit Date: 7/3/2011 Author: Snake Shahriyar.j gmail Version: MS Office unfortunately msgr3en.dll loads a few seconds after opening office, so just need to open Office,...
Ultimate eShop - Error-Based SQL Injection
Ultimate eShop - Error-Based SQL Injection Exploit Title: Ultimate eShop Error Based SQL Injection Vulnerability Google Dork: inurl:index.cgi?aktion=shopview Date: 19/04/2011 Author: Romka Software Link: http://www.ultimate-eshop.de/ Tested on: Windows XP SP3 Exploit:...
YourTube 1.0 - Cross-Site Request Forgery (Add User)
YourTube 1.0 - Cross-Site Request Forgery Add User YourTube v1.0 CSRF Vulnerability Add User .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://www.ac4p.com/ .:. Dork : inurl:"Powered by YourTube v1.0" === Exploit ===...
WordPress Plugin jRSS Widget 1.1.1 - url Information Disclosure
WordPress Plugin jRSS Widget 1.1.1 - url Information Disclosure source: https://www.securityfocus.com/bid/44716/info The jRSS Widget Plugin for WordPress is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this...
Adobe Acrobat and Reader - Array Indexing Remote Code Execution
Adobe Acrobat and Reader - Array Indexing Remote Code Execution nSense Vulnerability Research Security Advisory NSENSE-2010-001 --------------------------------------------------------------- Affected Vendor: Adobe Affected Product: Adobe Reader 9.3.4 for Macintosh Platform: OS X Impact: User...
wpQuiz 2.7 - Authentication Bypass
wpQuiz 2.7 - Authentication Bypass Powered by wpQuiz - Auth bypass Vulnerability My + Author : KnocKout + Greatz : DaiMon Contact : [email protected] Software info Script : wpQuiz Version : 2.7 Download : http://webscripts.softpedia.com/script/Quizz/wpQuiz-41098.html Vulnerability Style : Auth...
Webkit (Apple Safari 4.1.25.0.2 Google Chrome 5.0.375.125) - Memory Corruption
Webkit Apple Safari 4.1.25.0.2 Google Chrome 5.0.375.125 - Memory Corruption TITLE: WEBKIT APPLE SAFARI 4.1.2/5.0.2 & GOOGLE CHROME 5.0.375.125 MEMORY CORRUPTION VULNERABILITY TESTED OS: WINDOWS XP SP3 SEVERITY: HIGH CVE-NUMBER: CVE-2010-1813 DISCOVERED DATE: 2010-06-29 FIXED DATE: GOOGLE CHROME...
PTC Sites - Remote Code Execution Cross-Site Scripting
PTC Sites - Remote Code Execution Cross-Site Scripting @Title: PTC Site's RCE/XSS Vulnerability @Vendor: http://www.ptcsites4sale.info & and etc...:D @Author: CrazyMember @SPC Thanks: XroGuE 4 r3p0r7 :P @Dork:"intext:Warning: passthru"...
Netvidade engine 1.0 - Multiple Vulnerabilities
Netvidade engine 1.0 - Multiple Vulnerabilities !/usr/bin/perl -w use strict; use LWP::UserAgent; use Getopt::Long; use MIME::Base64;...
Eros Erotik Webkatalog - start.php?id SQL Injection
Eros Erotik Webkatalog - start.php?id SQL Injection Information +Name : Eros Erotik Webkatalog start.php rubrik&idSQL Injection +Author : Easy Laster +Date : 11.03.2010 +Script : Eros Erotik Webkatalog +Price : 07,13€...
Microsoft IIS - ASP Multiple Extensions Security Bypass 5.x6.x Vulnerabilities
Microsoft IIS - ASP Multiple Extensions Security Bypass 5.x6.x Vulnerabilities !/usr/bin/python Exploit Title: Exploit for Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x Date: 29 dec 2009 Author: Emanuele 'emgent' Gentili and Emanuele 'crossbower' Acri Software Link: N/A Version: I...
Joomla! Component Hotel Booking System - Cross-Site Scripting SQL Injection
Joomla! Component Hotel Booking System - Cross-Site Scripting SQL Injection ECHOADV111$2009 Joomla Hotel...
Arab Portal 2.2 - mod.php Local File Inclusion
Arab Portal 2.2 - mod.php Local File Inclusion By Qabandi From Kuwait, PEACE... iqaahotmail.fr ...
Firebird SQL - op_connect_request main listener shutdown
Firebird SQL - opconnectrequest main listener shutdown Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Firebird SQL opconnectrequest main listener shutdown vulnerability 1. Advisory Information Title: Firebird SQL...
TorrentTrader Classic 1.09 - Multiple Vulnerabilities
TorrentTrader Classic 1.09 - Multiple Vulnerabilities waraxe-2009-SA074 - Multiple Vulnerabilities in TorrentTrader Classic 1.09 Author: Janek Vind "waraxe" Date: 15. June 2009 Location: Estonia, Tartu Web:...
Flexphplink Pro - Arbitrary File Upload
Flexphplink Pro - Arbitrary File Upload !/usr/bin/perl HAPPY CHRISTMAS !! Flexphplink Pro http://www.hotscripts.com/jump.php?listingid=21062&jumptype=1 Bug: Arbitrary File Upload I coded this exploit just for fun ; Exploit coded by Osirys osirysatlivedotit http://osirys.org Greets: x0r, miclen,...
zeeproperty 1.0 - Arbitrary File Upload Cross-Site Scripting
zeeproperty 1.0 - Arbitrary File Upload Cross-Site Scripting ZEEPROPERTY v1.0 remote file Upload & XSS author: ZoRLu msn: [email protected] home: www.z0rlu.blogspot.com dork: "Designed & Developed by Zeeways.com" first register to site you add this code your shell to head GIF89a; example...
Adobe Reader - util.printf() JavaScript Function Stack Overflow (2)
Adobe Reader - util.printf JavaScript Function Stack Overflow 2 Adobe Reader Javascript Printf Buffer Overflow Exploit Reference: http://www.coresecurity.com/content/adobe-reader-buffer-overflow CVE-2008-2992 Thanks to coresecurity for t...
Arcadem Pro - articlecat SQL Injection
Arcadem Pro - articlecat SQL Injection Arcadem Pro articlecat Remote SQL Injection Vulnerability Author: Hussin X Home : WwW.IQ-ty.CoM | WwW.TrYaG.CC email: darkangelg85atYahooDoTcom script :...
Scripteen Free Image Hosting Script 1.2 - cookie Pass Grabber
Scripteen Free Image Hosting Script 1.2 - cookie Pass Grabber Scripteen Free Image Hosting Script V1.2. cookie Admin Password Grabber Exploit Coded By RMx - Liz0ziM Web:www.biyosecurity.com Dork:"Powered by Scripteen Free Image Hosting Script V1.2" TARGET HOST: Example:www.xxxx.com TARGET PATH:...