41207 matches found
AWS Xms 2.5 - importer.php?what Directory Traversal
AWS Xms 2.5 - importer.php?what Directory Traversal Advisory ID: HTB23147 Product: AWS XMS Vendor: http://www.aws-dms.com Vulnerable Versions: 2.5 and probably prior Tested Version: 2.5 Vendor Notification: March 6, 2013 Vendor Patch: March 16, 2013 Public Disclosure: March 27, 2013 Vulnerability...
Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot
Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot !/bin/bash Konftel 300IP SIP-based Conference phone = 2.1.2 remote bypass reboot exploit by Todor Donev / 03.2013 / Sofia,Bulgaria email: todor dot donev at gmail com type: hardware The Konftel 300IP is a flexible SIP-based...
KindEditor - Multiple Arbitrary File Upload Vulnerabilities
KindEditor - Multiple Arbitrary File Upload Vulnerabilities source: https://www.securityfocus.com/bid/58431/info KindEditor is prone to multiple remote file-upload vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to upload arbitrary...
Linksys WRT160N - Multiple Vulnerabilities
Linksys WRT160N - Multiple Vulnerabilities Device Name: Linksys WRT160Nv2 Vendor: Linksys/Cisco ============ Device Description: ============ Best For: Delivers plenty of speed and coverage, so large groups of users can go online, transfer large files, print, and stream stored media Features: Fas...
Centreon Enterprise Server 2.3.3 2.3.9-4 - Blind SQL Injection
Centreon Enterprise Server 2.3.3 2.3.9-4 - Blind SQL Injection !/usr/bin/env python Exploit Title: Centreon 2.3.3 - 2.3.9-4 menuXML.php Blind SQL Injection Exploit Disclosure Date: December 12, 2012 Author: modpr0be @modpr0be Platform: Linux Tested on: Centreon Enterprise Server with Centreon...
Achievo 1.4.5 - Multiple Vulnerabilities (2)
Achievo 1.4.5 - Multiple Vulnerabilities 2 Advisory ID: HTB23126 Product: Achievo Vendor: www.achievo.org Vulnerable Versions: 1.4.5 and probably prior Tested Version: 1.4.5 Vendor Notification: November 14, 2012 Public Disclosure: December 5, 2012 Vulnerability Type: SQL Injection CWE-89,...
Kordil EDms 2.2.60rc3 - SQL Injection
Kordil EDms 2.2.60rc3 - SQL Injection Exploit Title: Kordil EDMS v2.2.60rc3 SQL Injection Vulnerability Date: 12/05/2012 Exploit Author: Woody Hughes Vendor Homepage: http://sourceforge.net/projects/kordiledms/ Software Link: http://sourceforge.net/projects/kordiledms/files/latest/download Versio...
FirePass SSL VPN - Local File Inclusion
FirePass SSL VPN - Local File Inclusion SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7...
Zoner Photo Studio 15 b3 - Buffer Overflow (PoC)
Zoner Photo Studio 15 b3 - Buffer Overflow PoC Title: ====== Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities Date: ===== 2012-11-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=759 VL-ID: ===== 759 Common Vulnerability Scoring System:...
QNX 6.5.0 QCONN 1.4.207944 - Remote Command Execution
QNX 6.5.0 QCONN 1.4.207944 - Remote Command Execution Title : QNX QCONN Remote Command Execution Vulnerability Version : QNX 6.5.0 = , QCONN = 1.4.207944 Download: http://www.qnx.com/download/feature.html?programid=23665 QNX Neutrino 6.5.0 SP1 Vendor : http://www.qnx.com Date : 2012/09/09 CVE : N...
SpiceWorks 6.0.00993 - Multiple Script Injection Vulnerabilities
SpiceWorks 6.0.00993 - Multiple Script Injection Vulnerabilities !-- Title: Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities Vendor: Spiceworks Inc. Product web page: http://www.spiceworks.com Affected version: 6.0.00993 and 6.0.00966 Summary: The Spiceworks IT Desktop delivers near...
Novell Groupwise 8.0.2 HP3 and 2012 - Integer Overflow
Novell Groupwise 8.0.2 HP3 and 2012 - Integer Overflow Application: Novell Groupwise Platforms: Windows Version: 8.0.2 HP3 and 2012 Secunia: SA50622 PRL: 2012-28 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2...
libguac - Remote Buffer Overflow
libguac - Remote Buffer Overflow source: https://www.securityfocus.com/bid/55497/info libguac is prone to a remote buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in...
Adobe Photoshop CS6 - .png Parsing Heap Overflow
Adobe Photoshop CS6 - .png Parsing Heap Overflow Application: Adobe Photoshop CS6 PNG Parsing Heap Overflow Platforms: Windows & Macintosh Versions: 13.x Secunia: SA49141 PRL: 2012-27 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter:...
CommPort 1.01 - Multiple Vulnerabilities
CommPort 1.01 - Multiple Vulnerabilities -------------------------------------------- CommPort 1.01 Vendor information: "A 'Community Portal' generator that can be tailored for any location. Each user gets a personal portal page to which they can add their own 'channels' or select from a growing...
Zend Framework 2.0.0 beta4 1.12 RC1 1.11.11 - Local File Disclosure
Zend Framework 2.0.0 beta4 1.12 RC1 1.11.11 - Local File Disclosure SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local file disclosure via XXE injection product: Zend Framework vulnerable version: 1.11.11 1.12.0 RC1...
Able2Doc and Able2Doc Professional 6.0 - Memory Corruption
Able2Doc and Able2Doc Professional 6.0 - Memory Corruption Exploit Title: Able2Doc and Able2Doc Professional v 6.0 memory corruption Date: June 24 2012 Exploit Author: Carlos Mario Penagos Hollmann Vendor Homepage: www.investintech.com Version:6.0 Tested on: Windows 7 CVE : cve-2011-4221 payload...
Qutecom SoftPhone 2.2.1 - Heap Overflow Crash (Denial of Service) (PoC)
Qutecom SoftPhone 2.2.1 - Heap Overflow Crash Denial of Service PoC Title: Qutecom Cross-platform, open source softphone Heap Overflow DoS/Crash Proof of Concept Date: 14th June 2012 Exploit Author: Debasish Mandal Author's Blog : http://www.debasish.in/ Vendor Homepage: http://qutecom.org/...
XnView - .ECW Image Processing Heap Overflow
XnView - .ECW Image Processing Heap Overflow Application: XnView ECW Image Processing Heap Overflow Platforms: Windows Secunia: SA49091 PRL: 2012-13 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Report Timelin...
Apple iTunes 10.6.1.7 - .m3u Walking Heap Buffer Overflow (PoC)
Apple iTunes 10.6.1.7 - .m3u Walking Heap Buffer Overflow PoC !/usr/bin/perl Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow Vendor: Apple Inc. Product web page: http://www.apple.com Affected version: 10.6.1.7 and 10.6.0.40 Summary: iTunes is a free application for your Mac o...
WordPress Plugin Pica Photo Gallery 1.0 - Arbitrary File Upload
WordPress Plugin Pica Photo Gallery 1.0 - Arbitrary File Upload Exploit Title: Wordpress Pica Photo Gallery 1.0 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/pica-photo-gallery/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://www.apptha.com Software Link:...
SocialEngine 4.2.2 - Multiple Vulnerabilities
SocialEngine 4.2.2 - Multiple Vulnerabilities Social Engine 4.2.2 Multiples Vulnerabilities Earlier versions are also possibly vulnerable. INFORMATION Product: Social Engine 4.2.2 Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Discovered by: Tiago Natel de Moura aka "i4k" Discovered...
Genium CMS 2012Q2 - Multiple Vulnerabilities
Genium CMS 2012Q2 - Multiple Vulnerabilities Title: ====== Genium CMS 2012|Q2 - Multiple Web Vulnerabilities Date: ===== 2012-05-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=517 VL-ID: ===== 517 Introduction: ============= Durch den Einsatz von Genium CMS können S...
Lynx Message Server - Multiple Vulnerabilities
Lynx Message Server - Multiple Vulnerabilities 1. Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility...
Microsoft .NET Framework EncoderParameter - Integer Overflow (MS12-025)
Microsoft .NET Framework EncoderParameter - Integer Overflow MS12-025 ------------------------------------------------------------------------ .NET Framework EncoderParameter integer overflow vulnerability ------------------------------------------------------------------------ Yorick Koster,...
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Database Backup / auth-conf.xml Disclosure Exploit product homepage:...
Cycade Gallery - SQL Injection
Cycade Gallery - SQL Injection Exploit Title: Cycade Gallery SQL Injection Exploit Date: 3/12/2012 Author: -DownFall Vendor or Software Link: Cycade Content Management - http://www.cycade.com/ Category: Web Apps - 0-Day Google dork: intext:"Powered by Cycade" inurl:"gid=" Tested on: Windows 7...
libpurple 2.8.10 - OTR Information Disclosure
libpurple 2.8.10 - OTR Information Disclosure source: https://www.securityfocus.com/bid/52175/info libpurple is prone to an information-disclosure vulnerability. Successful exploits may allow attackers to obtain potentially sensitive information that may aid in other attacks. The following produc...
CoDeSys SCADA 2.3 - Remote Buffer Overflow
CoDeSys SCADA 2.3 - Remote Buffer Overflow / See Also: http://aluigi.altervista.org/adv/codesys1-adv.txt CoDeSys v2.3 Industrial Control System Development Software Remote Buffer Overflow Exploit for CoDeSys Scada webserver Author : Celil UNUVER, SignalSEC Labs www.signalsec.com Tested on WinXP S...
optima apiftp server 1.5.2.13 - Multiple Vulnerabilities
optima apiftp server 1.5.2.13 - Multiple Vulnerabilities Luigi Auriemma Application: Optima APIFTP Server http://www.optimalog.com/home.html Versions: = 1.5.2.13 Platforms: Windows Bugs: A NULL pointer B endless loop Exploitation: remote Date: 13 Nov 2011 Author: Luigi Auriemma e-mail:...
Sagem Router Fast 3304/3464/3504 - Telnet Authentication Bypass
Sagem Router Fast 3304/3464/3504 - Telnet Authentication Bypass !/home/bin/python Remote Exploit: SAGEM ROUTER FAST 3304/3464/3504 - Telnet Authentication bypass Date: 15-August-2011 Author: Elouafiq Ali Version: 3304-V1 / 3304-V2 / 3464 / 3504 Tested on: Linux Ubuntu 11.04, Linux Backtrack 5 Teste...
HP Network Automation 9.10 - SQL Injection
HP Network Automation 9.10 - SQL Injection source: https://www.securityfocus.com/bid/48924/info HP Network Automation is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow...
FLVPlayer4Free 2.9 - .fp4f Remote Buffer Overflow
FLVPlayer4Free 2.9 - .fp4f Remote Buffer Overflow source: https://www.securityfocus.com/bid/47045/info FLVPlayer4Free is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to...
Multiple Vendor Calendar Manager - Remote Code Execution
Multiple Vendor Calendar Manager - Remote Code Execution / Rodrigo Rubira Branco BSDaemon - http://www.kernelhacking.com/rodrigo http://www.risesecurity.org / include include include include include define CMSDPROG 100068 define CMSDVERS 4 define CMSDINSERT 6 define CMSDUNKN 10 struct cmsend char...
Qcodo Development Framework 0.3.3 - Full Information Disclosure
Qcodo Development Framework 0.3.3 - Full Information Disclosure Exploit Title: Qcodo Development Framework 0.3.3 Full Info Disclosure Google Dork: allintext: /qcodo/devtools/codegen.php Date: 5/02/2011 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web:...
Joomla! Component JE Auto - Local File Inclusion
Joomla! Component JE Auto - Local File Inclusion Name : Joomla comjeauto LFI Vulnerability Date : Dec,7 2010 Vendor Url :http://joomlaextensions.co.in/jeauto Dork:inurl:comjeauto Author : Sid3^effects aKa HaRi Big hugs : Th3 RDX,Hananbutt, special thanks to : r0073r inj3ct0r.com,L0rd...
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Radius Manager Multiple Cross Site Scripting Issues CVE-2010-4275 INTRODUCTION Radius Manager is a centralized way for...
Wolf CMS 0.6.0b - Multiple Vulnerabilities
Wolf CMS 0.6.0b - Multiple Vulnerabilities Vulnerability ID: HTB22681 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinwolfcms.html Product: Wolf CMS Vendor: Wolf CMS team http://www.wolfcms.org/ Vulnerable Version: 0.6.0b and probably prior versions Vendor Notification: 09 November 2010...
Zoopeer 0.10.2 - FCKeditor Arbitrary File Upload
Zoopeer 0.10.2 - FCKeditor Arbitrary File Upload ============================================================= Zoopeer 0.1 & 0.2 fckeditor Zoopeer Shell Upload Vulnerability ============================================================= Exploit Title: Zoopeer 0.1 & 0.2 fckeditor Date: 27-10-2010...
Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution
Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Beatles """ BlockCount = 43000 count = 1 whilecount\n" count = count + 1 myStyle = myStyle +""" xsl:value-of select="name/l...
Microsoft Excel - 0x5D record Stack Overflow (MS10-038)
Microsoft Excel - 0x5D record Stack Overflow MS10-038 This is an exploit for MS10-038/CVE-2010-0822 Everything is hardcoded! winxp sp3 webDEViL w3bd3vilatgmaildot.com http://krash.in/excel1.xls Office 2007 - 12.0.4518.1014 MS10-038 bulletin states that Office 2007 is not vulnerable, lol import...
Struts2/XWork 2.2.0 - Remote Command Execution
Struts2/XWork 2.2.0 - Remote Command Execution Friday, July 9, 2010 CVE-2010-1870: Struts2/XWork remote command execution Update Tue Jul 13 2010: Added proof of concept Apache Struts team has announced uploaded but has not released, due to an unreasonably prolonged voting process, the 2.2.0 releas...
Joomla! Component Phoca Gallery 2.7.3 - SQL Injection
Joomla! Component Phoca Gallery 2.7.3 - SQL Injection --------------------------------------------------------------------------- Founded by RoAdKiLlEr Team: Albanian Hacking Crew Contact: RoAdKiLlEratKhg-CrewdotWs Home: http://a-h-crew.net Download...
Esoftpro Online Photo Pro 2 - Multiple Vulnerabilities
Esoftpro Online Photo Pro 2 - Multiple Vulnerabilities Exploit Title: Esoftpro Online Photo Pro Multiple Vulnerability Vendor url:http://www.esoftpro.com/ Version:2 Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-07-4 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201,...
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
HP OpenView Network Node Manager OV NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE:...
OpenEMR Electronic Medical Record Software 3.2 - Multiple Vulnerabilities
OpenEMR Electronic Medical Record Software 3.2 - Multiple Vulnerabilities Redspin Security Notice -- RSN-2010-01 Multiple vulnerabilities in OpenEMR Electronic Medical Record Software Overview ---------------- Quote from http://www.oemr.org/ OpenEMR is a free medical practice management, electron...
Havij 1.10 - Persistent Cross-Site Scripting
Havij 1.10 - Persistent Cross-Site Scripting Exploit Title: Havij Persistent XSS =v1.10 Date: 15/6/2010 Author: hexon Version: 1.10 and below Tested on: Windows XP Service Pack 2 Professional, Windows 7 Code : htttp://site.com/file.php?param=XSS Code Havij Persistent XSS =v1.10 By : Hkhexon...
Eyeland Studio Inc. - game.php SQL Injection
Eyeland Studio Inc. - game.php SQL Injection Eyeland Studio Inc. game.php SQL Injection Vulnerability Author : CoBRa21 Script Home : http://www.eyeland.com/ Dork : "Eyeland Studio Inc. All Rights Reserved." inurl:game.php SQL Injection:...
Nginx 0.7.650.8.39 (dev) - Source Disclosure Download
Nginx 0.7.650.8.39 dev - Source Disclosure Download TITLE: NGINX ENGINE X SERVER http://nginx.org/en/ ref-1 ======TESTED VERSIONS===== Unix versions are not vulnerable it only affects to NTFS file system Windows Stable versions: nginx/0.7.66 -- Not vulnerable nginx/0.7.65 -- Vulnerable nginx/0.7....
interuse Website Builder design - index2.php SQL Injection
interuse Website Builder design - index2.php SQL Injection ------------------------------------------------------------------------------------------- interuse Website Builder & design index2.php SQL Injection Vulnerability...