Linux Kernel 2.6.14.6 - procfs Kernel Memory Disclosure
Linux Kernel 2.6.14.6 - procfs Kernel Memory Disclosure / cve-2005-4605.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4605 The procfs code procmisc.c in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive...
URA 3.0 - cat SQL Injection
URA 3.0 - cat SQL Injection URA 3.0 cat remote SQL injection Vulnerability + Author : Chip D3 Bi0s + Email : chipdebiosalt+64gmail.com + Group : LatinHackTeam + Vulnerability : SQL injection...
ISC DHCP dhclient 3.1.2p1 - Remote Buffer Overflow (PoC)
ISC DHCP dhclient 3.1.2p1 - Remote Buffer Overflow PoC / cve-2009-0692.c ISC DHCP dhclient http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 Stack-based buffer overflow in the scriptwriteparams method in client/dhclient.c in ISC DHCP dhclient 4.1...
OpenSSL 0.9.8k1.0.0-beta2 - DTLS Remote Memory Exhaustion Denial of Service
OpenSSL 0.9.8k1.0.0-beta2 - DTLS Remote Memory Exhaustion Denial of Service / cve-2009-1378.c OpenSSL http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 In dtls1processoutofseqmessage the check if the current message is already buffered was missing...
webSPELL 4.2.0e - page Blind SQL Injection
webSPELL 4.2.0e - page Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; use Getopt::Long; Security Research Division //...
Microsoft Internet Explorer - EMBED Memory Corruption (PoC) (MS09-014)
Microsoft Internet Explorer - EMBED Memory Corruption PoC MS09-014 http://skypher.com/SkyLined/Repro/MSIE/EMBED%20memory%20corruption/repro3.html http://skypher.com/index.php/2009/04/19/ms09-014-embed-element-memory-corruption -- var asMimeTypes = "x-world/x-3dmf", "x-world/x-3dmf",...
eZip Wizard 3.0 - Local Stack Buffer Overflow (PoC) (SEH)
eZip Wizard 3.0 - Local Stack Buffer Overflow PoC SEH /ezip wizard Local Stack Buffer Overflow SEH POC SEH chain of main thread Address SE handler 0012FC60 58585858 0012FC60 41414141 AAAA Pointer to next SEH record Old bug ,still not fixed by vendors ,this kind of file can cause problems to a lot...
DMXReady News Manager 1.1 - Arbitrary Category Change
DMXReady News Manager 1.1 - Arbitrary Category Change Title : DMXReady News Manager http://target/path//applications/NewsManager/incnewsmanager.asp Edit - http://target/path//dmin/NewsManager/CategoryManager/updatecategory.asp?cid=x Update Category Name : milw0rm.com 2009-01-13...
Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization (Metasploit)
Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization Metasploit This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CMS Ortus 1.13 - SQL Injection
CMS Ortus 1.13 - SQL Injection Author: otmorozok428, http://forum.antichat.ru Products: CMS Ortus 1.12, CMS Ortus 1.13 Vendor: http://ortus.nirn.ru Download: http://ortus.nirn.ru/files/ortus1-12.zip, http://ortus.nirn.ru/files/ortus1-13.zip Dork for ALL Versions of CMS Ortus:...
VidiScript (Avatar) - Arbitrary File Upload
VidiScript Avatar - Arbitrary File Upload Kings of injection...
PHP-Fusion Mod Kroax 4.42 - category SQL Injection
PHP-Fusion Mod Kroax 4.42 - category SQL Injection The kroax phpfusion Remote SQL-injection. Author : boom3rang Contact : [email protected] webpage : www.khg-crew.ws ...
Kmita Mail 3.0 - file Remote File Inclusion
Kmita Mail 3.0 - file Remote File Inclusion .OR.ID ECHOADV94$2008 ECHOADV94$2008 Kmita Mail = 3.0 file Remote File Inclusion...
BlogMe PHP 1.1 - comments.php SQL Injection
BlogMe PHP 1.1 - comments.php SQL Injection + BlogMe PHP remote SQL injection exploit + Script download : http://www.drumster.net/gamma/downloads/BlogMe11.zip + Founded by : His0k4 ALGERIAN HaCkEr + Greetz : All friends & muslims HaCkeRs... + Dork : "BlogMe PHP created by Gamma Scripts" + Exploit...
Dovecot IMAP 1.0.10 1.1rc2 - Remote Email Disclosure
Dovecot IMAP 1.0.10 1.1rc2 - Remote Email Disclosure lame Dovecot IMAP 1.0.10 - 1.1rc3 Exploit Here's an exploit for the recent TAB vulnerability in Dovecot. It's nothing special since in the wild there are few to none targets because of the special option which has to be set. see CVE Entry...
VHCS 2.4.7.1 - vhcs2_daemon Remote Code Execution
VHCS 2.4.7.1 - vhcs2daemon Remote Code Execution !/usr/bin/php -q http://acid-root.new.fr/ [email protected] Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwnz + Login successful + The reseller...
PHP Live! 3.2.2 - questid SQL Injection (1)
PHP Live! 3.2.2 - questid SQL Injection 1 !Info! PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to yo...
OpenSSL 0.9.7l0.9.8d - SSLv2 Client Crash
OpenSSL 0.9.7l0.9.8d - SSLv2 Client Crash !/usr/bin/perl Copyrightc Beyond Security Written by Noam Rathaus - based on beSTORM's SSL Server module Exploits vulnerability CVE-2006-4343 - where the SSL client can be crashed by special SSL serverhello response use strict; use IO::Socket; my $sock =...
FreeWebShop 2.2.1 - Blind SQL Injection
FreeWebShop 2.2.1 - Blind SQL Injection !/usr/bin/perl Indonesian Newhack Security Advisory FreeWebshop version 2.2.1 - Multiple Remote SQL Injection Vulnerabilities Time : Dec 16 2007 01:50AM Software : FreeWebshop version 2.2.1 Vendor :...
WordPress 1.5.1.1 2.2.2 - Multiple Vulnerabilities
WordPress 1.5.1.1 2.2.2 - Multiple Vulnerabilities !/usr/bin/env ruby happy antiblogging, dear kids! Copyright c Lance M. Havok All rights reserved. ...
LiveCMS 3.4 - categoria.php?cid SQL Injection
LiveCMS 3.4 - categoria.php?cid SQL Injection !/usr/bin/perl INFO: Program Title LiveCMS = 3.4 SQL Injection, Absolute Path Disclosure, XSS Injection, Arbitrary File...
PHPLojaFacil 0.1.5 - path_local Remote File Inclusion
PHPLojaFacil 0.1.5 - pathlocal Remote File Inclusion PHPLojaFacil 0.1.5 pathlocal Remote File Inclusion Vulnerabilities D.Script: http://www.crieseuwebsite.com/php/download.php?categoria=E-Commerce&arquivo=24 Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.Com/cc...
YaPiG 0.95b - Remote Code Execution
YaPiG 0.95b - Remote Code Execution ?php Portal : YaPIG 0.95b Vendor : http://yapig.sourceforge.net Author : Dj7xpl We Are : Y4Ho0 -Mr.Mithridates -Sir SiSiLi -System Failure -Satanic Soulfull -And Me Email :...
XOOPS Module Lykos Reviews 1.00 - index.php SQL Injection
XOOPS Module Lykos Reviews 1.00 - index.php SQL Injection XOOPS Module Lykos Reviews 1.00 index.php BLIND SQL Injection Exploit //'Script Name: XOOPS Module Lykos Reviews 1.00 index.php BLIND SQL...
XOOPS module Articles 1.02 - print.php?id SQL Injection
XOOPS module Articles 1.02 - print.php?id SQL Injection !/usr/bin/perl -w Xoops All Version -Articles- Print.PHP ID Blind SQL Injection Exploit And PoC Type : SQL Injection Release Date : 2007-03-26 Product / Vendor : http://support.sirium.net/ Bug :...
Sun Microsystems Java - .GIF File Parsing Memory Corruption
Sun Microsystems Java - .GIF File Parsing Memory Corruption / FileName: JvmGifVulPoc.java Date: 2007-01-21 Description: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit Environment: Only successfully tested on Sun Jre 1.5 Author: luoluo Contact:...
PHP Advanced Transfer Manager 1.30 - Source Code Disclosure
PHP Advanced Transfer Manager 1.30 - Source Code Disclosure DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ Contact: [email protected] Greetings DragonHeart and all DEVIL TEAM Patriots ...
Exhibit Engine 1.5 RC 4 - photo_comment.php File Inclusion
Exhibit Engine 1.5 RC 4 - photocomment.php File Inclusion ' EXPLOIT coded by Kacper in Visual Basic ;- ...
ZipCentral 4.01 - .ZIP File Handling Local Buffer Overflow
ZipCentral 4.01 - .ZIP File Handling Local Buffer Overflow / ZipCentral 4.01 Exploit by bratax http://www.bratax.be/ Soooooo many thanks to BuzzDee and c0rrupt for helping me with all the problems I encountered : Wouldn't have finished this without you guys! Greetz to everyone I like... no, that...
Microsoft Windows Media Player 10 - Plugin Overflow (MS06-006)
Microsoft Windows Media Player 10 - Plugin Overflow MS06-006 WMP Plugin EMBED Exploit // Windows Media Player Plug-In EMBED Overflow Universal Exploit MS06-006 // By Matthew Murphy [email protected] // // DISCLAIMER: // // This exploit code is intended only as a demonstration tool for //...
CPGNuke Dragonfly 9.0.6.1 - Remote Command Execution
CPGNuke Dragonfly 9.0.6.1 - Remote Command Execution this works regardless of magicquotesgpc settings Sun-Tzu: "Thus it may be known that the leader of armies is the arbiter of the people's fate, the man on whom it depends whether the nation shall be in peace or in peril." / a short explanation:...
SPIP 1.81.9 - index.php3 Cross-Site Scripting
SPIP 1.81.9 - index.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/16461/info SPIP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...
gpsdrive 2.09 (PPC) - friendsd2 Remote Format String
gpsdrive 2.09 PPC - friendsd2 Remote Format String !/usr/bin/perl -w Heh - Code by KF kflistsatdigitalmunitiondotcom - Shellcode by Charles Stevenson http://www.digitalmunition.com FrSIRT 24/24 & 7/7 - Centre de Recherche on Donkey Testicles. Free 14 day Testicle licking trial available! IIIIIIII...
Easy Message Board - Remote Command Execution
Easy Message Board - Remote Command Execution source: https://www.securityfocus.com/bid/13555/info Easy Message Board is prone to a remote command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input...
Subversion 0.3.71.0.0 - Remote Buffer Overflow
Subversion 0.3.71.0.0 - Remote Buffer Overflow / hoagiesubversion.c Remote exploit against Subversion-Servers. Author: greuff Tested on Subversion 1.0.0 and 0.37 Algorithm: This is a two-stage exploit. The first stage overflows a buffer on the stack and leaves us 60 bytes of machine code to be...
SimpGB 1.0 - Guestbook.php SQL Injection
SimpGB 1.0 - Guestbook.php SQL Injection source: https://www.securityfocus.com/bid/12801/info SimpGB is reportedly affected by an SQL injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input passed to the 'guestbook.php' script before using it...
phpGroupWare 0.9.14 - Tables_Update.Inc.php Remote File Inclusion
phpGroupWare 0.9.14 - TablesUpdate.Inc.php Remote File Inclusion source: https://www.securityfocus.com/bid/12074/info phpGroupWare is prone to a remote file include vulnerability, potentially allowing the execution of malicious PHP code. This would occur in the context of the affected web server...
Aardvark Topsites 4.1.0 - Multiple Vulnerabilities
Aardvark Topsites 4.1.0 - Multiple Vulnerabilities Aardvark Topsites Multiple Vulnerabilities Vendor: Aardvark Industries Product: Aardvark Topsites Version: = 4.1.0 Website: http://www.aardvarkind.com/ BID: 9231 Description: Aardvark Topsites is a popular free PHP topsites script. See URL for...
Virtual Programming VP-ASP 4.005.00 - shopdisplayproducts.asp SQL Injection
Virtual Programming VP-ASP 4.005.00 - shopdisplayproducts.asp SQL Injection source: https://www.securityfocus.com/bid/9134/info It has been reported that VP-ASP may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL co...
Microsoft Windows XP2000 - RPC Remote Non Exec Memory
Microsoft Windows XP2000 - RPC Remote Non Exec Memory / have you recently bought one of those expensive new windows security products on the market? do you think you now have strong protection? Look again: rpc!exec by ins1der trixterjack yahoo com windows remote return into libc exploit! remote r...
Real Server 789 (Windows Linux) - Remote Code Execution
Real Server 789 Windows Linux - Remote Code Execution / / THCREALbad 0.4 - Wind0wZ & Linux remote root exploit / Exploit by: Johnny Cyberpunk thehackerschoice / THC PUBLIC SOURCE MATERIALS / / http://www.service.real.com/help/faq/security/rootexploit082203.html / / After successful exploitation o...
Valve Software Half-Life Server 1.1.1.03.1.1.1c14.1.1.1a - Multiplayer Request Buffer Overflow
Valve Software Half-Life Server 1.1.1.03.1.1.1c14.1.1.1a - Multiplayer Request Buffer Overflow // source: https://www.securityfocus.com/bid/8300/info // Half-Life servers are prone to a buffer overflow that may be exploited by a malicious remote client. The vulnerability occurs because the softwa...
Apache 2.x - Memory Leak
Apache 2.x - Memory Leak / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided only to test networks for a known vulnerability. Do not use this tool on systems you do not control, and do not use this tool on networks you do not own...
Phusion WebServer 1.0 - Directory Traversal (1)
Phusion WebServer 1.0 - Directory Traversal 1 source: https://www.securityfocus.com/bid/4117/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver is prone to directory traversal attacks. It is possible to break out of...
ISC BIND 8.2.x - TSIG Remote Stack Overflow (1)
ISC BIND 8.2.x - TSIG Remote Stack Overflow 1 / tsig0wn.c Copyright Field Marshal August Wilhelm Anton Count Neithardt von Gneisenau [email protected] The author is not and will not be held responsible for the action of other people using this code. provided for informational purposes only sin...
Tridia DoubleVision 3.0 7.00 - Local Privilege Escalation
Tridia DoubleVision 3.0 7.00 - Local Privilege Escalation // source: https://www.securityfocus.com/bid/1697/info A utility integral to Tridia DoubleVision for SCO UnixWare 7.x has been found to be vulnerable to a buffer overflow attack. dvtermtype, which is setuid root, is run by a user at login...
DNSTools Software DNSTools 1.0.81.10 - Input Validation
DNSTools Software DNSTools 1.0.81.10 - Input Validation source: https://www.securityfocus.com/bid/1028/info A vulnerability exists in the 1.0.8 release of DNSTools labeled on some areas of their site as 1.08, from DNSTools Software. By manipulating the contents of certain post variables, arbitrar...
FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service (1)
FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service 1 / source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and...
PHPFI 1.0FI 2.0FI 2.0 b10 - mylogmlog
PHPFI 1.0FI 2.0FI 2.0 b10 - mylogmlog source: https://www.securityfocus.com/bid/713/info The PHP/FI package which was originally written by Rasmus Lerdorf is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific featur...
OpenTFTP 1.66 - Local Privilege Escalation
OpenTFTP 1.66 - Local Privilege Escalation Exploit Title: OpenTFTP 1.66 - Local Privilege Escalation Exploit Author: boku Date: 2020-02-12 Vendor Homepage: https://sourceforge.net/projects/tftp-server/ Software Link:...