41207 matches found
PhpMyDesktopArcade 1.0 Final - phpdns_basedir Remote File Inclusion
PhpMyDesktopArcade 1.0 Final - phpdnsbasedir Remote File Inclusion Name : PhpMyDesktop|arcade 1.0 Final phpdnsbasedir Remote File Include Download From : http://mesh.dl.sourceforge.net/sourceforge/pmd-arcade/pmdarcade10final.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Powere...
PHP Project Management 0.8.10 - Multiple LocalRemote File Inclusions
PHP Project Management 0.8.10 - Multiple LocalRemote File Inclusions PHP Project Management = 0.8.10 Multiple RFI / LFI Vulnerabilities http://surfnet.dl.sourceforge.net/sourceforge/php-pm/release-0.8.tar.gz DORK : "PHP Project Management 0.8.10" POC : RFI...
Stuffed Guys Stuffed Tracker - Multiple Cross-Site Scripting Vulnerabilities
Stuffed Guys Stuffed Tracker - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/25931/info Stuffed Tracker is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may...
phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion
phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion ============================================ = = = XORON c 2007 = = = ============================================ = = = phpBB Openid 0.2.0 Remote File Include = = = ============================================ = = Download: =...
NovaSTOR NovaNET 12.0 - Remote SYSTEM
NovaSTOR NovaNET 12.0 - Remote SYSTEM // source: https://www.securityfocus.com/bid/39693/info NovaStor NovaNET is prone to code-execution, denial-of-service, and information-disclosure vulnerabilities. An attacker can exploit these issues to execute arbitrary code, access sensitive information, o...
Trend Micro ServerProtect - eng50.dll Remote Stack Overflow
Trend Micro ServerProtect - eng50.dll Remote Stack Overflow / Copyright c 2007 devcode ^^ D E V C O D E ^^ Trend Micro ServerProtect eng50.dll Stack Overflow CVE-2007-1070 Description: A boundary error within a function in eng50.dll can be exploited to cause a stack-based buffer overflow via a...
Joomla! 1.5 Beta 2 - Search Remote Code Execution
Joomla! 1.5 Beta 2 - Search Remote Code Execution SEC Consult Security Advisory ======================================================================= title: Remote command execution in Joomla! CMS program: Joomla! vulnerable version: 1.5 beta 2 Earlier 1.5 versions may be vulnerable too! impact...
Pictures Rating - index.php?msgid SQL Injection
Pictures Rating - index.php?msgid SQL Injection --==+================================================================================+==-- --==+ Pictures Rating SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR:...
Microsoft Windows - Animated Cursor Stack Overflow
Microsoft Windows - Animated Cursor Stack Overflow !/usr/bin/env python $Id: win32-loadaniicon.py 4 2007-06-02 00:47:59Z ramon $ Windows Animated Cursor Stack Overflow Exploit Copyright 2007 Ramon de Carvalho Valle , RISE Security This program is free software; you can redistribute it and/or modi...
Prototype of an PHP Application 0.1 - identdisconnect.php?path_inc Remote File Inclusion
Prototype of an PHP Application 0.1 - identdisconnect.php?pathinc Remote File Inclusion source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the...
wanewsletter 2.1.3 - Remote File Inclusion
wanewsletter 2.1.3 - Remote File Inclusion ======================= S==A==U==D==I ======================== WAnewsletter-2.1.3 newsletter.php RFI Vul ============================================================== Found By : Mogatil , [email protected]...
CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Denial of Service
CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Denial of Service !/usr/bin/python Computer Associates CA Brightstor Backup Mediasvr.exe DoS catirpc.dll/rwxdr.dll Previously Unknown There is an issue with RPC operation 126 and the imported cactirpc.dll and rwxdr.dll. It looks as if Mediasvr.exe...
MyBulletinBoard (MyBB) 1.2.2 - CLIENT-IP SQL Injection
MyBulletinBoard MyBB 1.2.2 - CLIENT-IP SQL Injection !/usr/bin/perl LOGO Mybb = 4.1 wwork: blind sql-inj ggoogle: Powered By MyBB coded by Elekt antichat.ru Coments ОпиÑание: Работа ÑкÑплойта оÑнована на sql-инъекции в HTTPCLIENTIP...
Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service
Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service source: https://www.securityfocus.com/bid/22879/info Mozilla Firefox is prone to a remote denial-of-service vulnerability. An attacker may exploit this vulnerability to cause Mozilla Firefox to crash, resulting in...
Liberum Help Desk 0.97.3 - SQL Injection
Liberum Help Desk 0.97.3 - SQL Injection Title : Liberum Help Desk All Password Changed to "kro" """"""""""""""""""""" ajann,Turkey ... Im not Hacker! milw0rm.com 2006-11-25...
2020 Applications Data Shed 1.0 - f-email.asp?itemID SQL Injection
2020 Applications Data Shed 1.0 - f-email.asp?itemID SQL Injection source: https://www.securityfocus.com/bid/21156/info 20/20 DataShed is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these...
Teamtek Universal FTP Server - Multiple Commands Remote Denial of Service Vulnerabilities
Teamtek Universal FTP Server - Multiple Commands Remote Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/21085/info Universal FTP Server is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle exceptional conditions. An...
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow Metasploit $Id: dlinkwifirates.rb 9670 2010-07-03 03:19:07Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
QK SMTP 3.01 - RCPT TO Remote Buffer Overflow (1)
QK SMTP 3.01 - RCPT TO Remote Buffer Overflow 1 / . \ \ \ \ | | / | | | | \ / / /\ \ / \ | \ / / / / 25\10\06 / || / / mm. dM8 YMMMb. dMM8 YMMMMb dMMM' YMMMb dMMMP There are doors I have yet to open YMMM MMM' windows I have yet to look through "MbdMP Going forward may not be the answer...
LoCal Calendar 1.1 - lcUser.php Remote File Inclusion
LoCal Calendar 1.1 - lcUser.php Remote File Inclusion +------------------------------------------------------------------------------------------- local Calendar System v1.1 lcUser.php Remote File Include --------------------------------------------------------------------------------------------...
myEvent 1.21.3 - myevent.php Remote File Inclusion
myEvent 1.21.3 - myevent.php Remote File Inclusion source: https://www.securityfocus.com/bid/19246/info myEvent is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containin...
DreamAccount 3.1 - auth.api.php Remote File Inclusion
DreamAccount 3.1 - auth.api.php Remote File Inclusion !/usr/bin/perl use HTTP::Request; use LWP::UserAgent; ---------------------------------------------------- DREAMACCOUNT V3.1 Remote Command Execution Exploit ---------------------------------------------------- Discovered By CrAshoVeRrIdEArabi...
Papoo 2.1.2 - Guestbook.php?menuid SQL Injection
Papoo 2.1.2 - Guestbook.php?menuid SQL Injection source: https://www.securityfocus.com/bid/16020/info Papoo is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...
Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Remote Command Execution
Limbo 1.0.4.2 - SERVERREMOTEADDR Remote Command Execution this works wtih registerglobals off & regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Humble words and increased preparations are signs that the enemy is about to advance. Viole...
Virtools Web Player 3.0.0.100 - Buffer Overflow (Denial of Service) (PoC)
Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service PoC / by Luigi Auriemma / include include include include ifdef WIN32 include typedef unsigned char uchar; typedef unsigned int uint; define ftruncate chsize else include include endif define VER "0.1" define SIGN "Nemo" define FIL...
Wireless Tools 26 (IWConfig) - Local Privilege Escalation
Wireless Tools 26 IWConfig - Local Privilege Escalation // if the iwconfig executable is setuid /str0ke include include include include / 45 Byte /bin/sh http://www.milw0rm.com/id.php?id=1169 https://www.exploit-db.com/exploits/1169/ / char shellcode= "\x31\xc0\x31\xdb\x50\x68\x2f\x2f"...
Multiple OS (Win32AixCisco) - Crafted ICMP Messages Denial of Service (MS05-019)
Multiple OS Win32AixCisco - Crafted ICMP Messages Denial of Service MS05-019 / HOD-icmp-attacks-poc.c: 2005-04-15: PUBLIC v.0.2 Copyright c 2004-2005 houseofdabus. MS05-019 CISCO:20050412 ICMP attacks against TCP Proof-of-Concept .:: houseofdabus ::. for more details:...
Microsoft Windows XP2003 - Remote Denial of Service
Microsoft Windows XP2003 - Remote Denial of Service / Added Line 1 - BSDSOURCE!!!! /str0ke / define BSDSOURCE include include include include include include include include include include include / Windows Server 2003 and XP SP2 remote DoS exploit Tested under OpenBSD 3.6 at WinXP SP 2 Vuln by...
Linux Kernel 2.4 - uselib() Local Privilege Escalation (2)
Linux Kernel 2.4 - uselib Local Privilege Escalation 2 / EDB Note: There's is an updated version https://www.exploit-db.com/exploits/895/ / / Linux kernel 2.4 uselib privilege elevation exploit. original exploit source from http://isec.pl reference:...
NapShare 1.2 - Remote Buffer Overflow (2)
NapShare 1.2 - Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/11967/info It is reported that NapShare is susceptible to a remote buffer overflow vulnerability. This is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a...
Invision Power Board (IP.Board) 1.3.1 - Design Error
Invision Power Board IP.Board 1.3.1 - Design Error IP.Board Design Error Vendor: Invision Power Services Product: IP.Board Version: = 1.3.1 Website: http://www.invisionpower.com/ BID: 10559 Description: Invision Power Board IPB is a professional forum system that has been built from the ground up...
Microsoft Windows XP2000 - showHelp .CHM File Execution (MS03-004)
Microsoft Windows XP2000 - showHelp .CHM File Execution MS03-004 source: https://www.securityfocus.com/bid/9320/info Microsoft Windows is prone to a security flaw in the implementation of the showHelp function. Microsoft previously released patches that provide security measures to prevent abuse ...
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation 2 // source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain...
Trend Micro ScanMail For Exchange 3.8 - Authentication Bypass
Trend Micro ScanMail For Exchange 3.8 - Authentication Bypass source: https://www.securityfocus.com/bid/6619/info A vulnerability has been reported for ScanMail for Microsoft Exchange. The vulnerability allows a remote attacker to bypass existing authentication mechanisms and obtain access to...
Cisco CBOS 2.x - Broadband Operating System TCPIP Stack Denial of Service
Cisco CBOS 2.x - Broadband Operating System TCPIP Stack Denial of Service source: https://www.securityfocus.com/bid/4815/info Cisco Broadband Operating System CBOS is the operating system used on Cisco 600 series routers. When the CBOS TCP/IP stack is forced to process a high number of unusually...
National Instruments LabVIEW 5.1.16.06.1 - HTTP Request Denial of Service
National Instruments LabVIEW 5.1.16.06.1 - HTTP Request Denial of Service source: https://www.securityfocus.com/bid/4577/info A vulnerability has been reported in some versions of National Instruments LabVIEW for Linux and Microsoft Windows. LabVIEW includes an integrated HTTP server. If a...
Brecht Claerhout Sniffit 0.3.6 HIP0.3.7 Beta - Mail Logging Buffer Overflow (3)
Brecht Claerhout Sniffit 0.3.6 HIP0.3.7 Beta - Mail Logging Buffer Overflow 3 // source: https://www.securityfocus.com/bid/1158/info Sniffit is a freely available, open source network monitoring tool. It is designed for use on the Unix and Linux Operating Systems. Sniffit contains a remotely...
Sun SunVTS 4.x - PTExec Buffer Overflow
Sun SunVTS 4.x - PTExec Buffer Overflow source: https://www.securityfocus.com/bid/2898/info SunVTS is the Sun Validation Test Suite, distributed and maintained by Sun Microsystems. The SunVTS is used to test various components of OEM Sun hardware, and can also be used to stress-test components an...
Microsoft Windows Server 2000 SP1SP2 - isapi .printer Extension Overflow (1)
Microsoft Windows Server 2000 SP1SP2 - isapi .printer Extension Overflow 1 / iishack 2000 - eEye Digital Security - 2001 This affects all unpatched windows 2000 machines with the .printer isapi filter loaded. This is purely proof of concept. Quick rundown of the exploit: Eip overruns at position...
Cisco Catalyst 4000 4.x5.x Catalyst 5000 4.55.x Catalyst 6000 5.x - Memory Leak Denial of Service
Cisco Catalyst 4000 4.x5.x Catalyst 5000 4.55.x Catalyst 6000 5.x - Memory Leak Denial of Service source: https://www.securityfocus.com/bid/2072/info Cisco Catalyst is a high speed switch implemented in local area networks. The telnet server that is built into the Catalyst firmware for remote...
McMurtreyWhitaker Associates Cart32 3.03.13.5 - Full Path Disclosure
McMurtreyWhitaker Associates Cart32 3.03.13.5 - Full Path Disclosure source : https://www.securityfocus.com/bid/1932/info Cart32 is a shopping cart application for e-commerce enabled sites. Cart32 contains a vulnerability which reveals server information. Requesting a specially crafted URL, by wa...
Tomcat 3.03.1 Snoop Servlet - Information Disclosure
Tomcat 3.03.1 Snoop Servlet - Information Disclosure source: https://www.securityfocus.com/bid/1532/info A vulnerability exists in the snoop servlet portion of the Tomcat package, version 3.1, from the Apache Software Foundation. Upon hitting an nonexistent file with the .snp extension, too much...
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password source: https://www.securityfocus.com/bid/1148/info A default username and password has been discovered in the Piranha virtual server and load balancing package from RedHat. Version 0.4.12 of the piranha-gui program contains...
3R Soft MailStudio 2000 2.0 - userreg.cgi Arbitrary Command Execution
3R Soft MailStudio 2000 2.0 - userreg.cgi Arbitrary Command Execution // source: https://www.securityfocus.com/bid/1335/info MailStudio 2000 is vulnerable to multiple attacks. It is possible for a remote user to gain read access to all files located on the server via the usage of the "/.." string...
Phorum 3.0.7 - violation.php3 Arbitrary Email Relay
Phorum 3.0.7 - violation.php3 Arbitrary Email Relay source: https://www.securityfocus.com/bid/2272/info Phorum is a freely available, open source package originally written by Brian Moon. The package is designed to add enhanced features to a web page, allowing users to interact through bulletin...
Majordomo 1.94.41.94.5 - Local -C Parameter (2)
Majordomo 1.94.41.94.5 - Local -C Parameter 2 // source: https://www.securityfocus.com/bid/903/info It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo or one of...
Microsoft Internet Explorer 4.x5 Outlook 2000 098 0Express 4.x - ActiveX .CAB File Execution
Microsoft Internet Explorer 4.x5 Outlook 2000 098 0Express 4.x - ActiveX .CAB File Execution Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4,Internet Explorer 4.1 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet...
PhpIX 2012 Professional - id SQL Injection
PhpIX 2012 Professional - id SQL Injection Title: PhpIX 2012 Professional - 'id' SQL Injection Date: 2020-02-26 Author: indoushka Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit Vendor : http://www.allhandsmarketing.com/ poc : + Dorking İn Google Or Other Search...
Odin Secure FTP Expert 7.6.3 - Denial of Service (PoC)
Odin Secure FTP Expert 7.6.3 - Denial of Service PoC Exploit Title : Odin Secure FTP Expert 7.6.3 - Denial of Service PoC Exploit Author : Berat Isler Date : 2020-02-25 Vendor Homepage : https://odin-secure-ftp-expert.jaleco.com/ Software Link Download :...
SOPlanning 1.45 - by SQL Injection
SOPlanning 1.45 - by SQL Injection Exploit Title: SOPlanning 1.45 - 'by' SQL Injection Date: 2020-02-14 Exploit Author: J3rryBl4nks Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/files/soplanning/ Version 1.45 Tested on Windows 10/Kali...