41207 matches found
Hornbill Supportworks ITSM 1.0.0 - SQL Injection
Hornbill Supportworks ITSM 1.0.0 - SQL Injection Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been...
NETGEAR WNR1000 - Authentication Bypass
NETGEAR WNR1000 - Authentication Bypass Authentication bypass on Netgear WNR1000 ======================================== ADVISORY INFORMATION Title: Authentication bypass on Netgear WNR1000 Discovery date: 10/11/2012 Release date: 29/03/2013 Credits: Roberto Paleari [email protected], twitter:...
TP-Link TL-WR740N Wireless Router - Denial of Service
TP-Link TL-WR740N Wireless Router - Denial of Service !/usr/local/bin/perl TP-Link TL-WR740N Wireless Router Remote Denial Of Service Exploit Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: - Firmware version: 3.16.4 Build 130205 Rel.63875n...
Rebus:list - list.php?list_id SQL Injection
Rebus:list - list.php?listid SQL Injection Exploit Title: Rebus:list SQL Injection Vulnerability Date: 3/18/2013 Vendor Homepage: http://www.ptfs-europe.com/products/rebus/rebuslist/ Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: listid=...
Polycom HDX - Telnet Authentication Bypass (Metasploit)
Polycom HDX - Telnet Authentication Bypass Metasploit ======================================================================== = Polycom HDX Telnet Authorization Bypass = = Vendor Website: = www.polycom.com = = Affected Version: = Polycom HDX devices: = All releases prior to and including...
SumatraPDF 2.1.1MuPDF 1.0 - Integer Overflow
SumatraPDF 2.1.1MuPDF 1.0 - Integer Overflow Sumatra 2.1.1/MuPDF 1.0 Integer Overflow ======================================= There is an integer overflow on the MuPDF in the lexnumber function which can be triggered using a corrupt PDF file with ObjStm. I'm attaching a file that reproduces the...
Zoner Photo Studio 15 b3 - Buffer Overflow (PoC)
Zoner Photo Studio 15 b3 - Buffer Overflow PoC Title: ====== Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities Date: ===== 2012-11-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=759 VL-ID: ===== 759 Common Vulnerability Scoring System:...
ZPanel 10.0.1 - Cross-Site Request Forgery Cross-Site Scripting SQL Injection Password Reset
ZPanel 10.0.1 - Cross-Site Request Forgery Cross-Site Scripting SQL Injection Password Reset Exploit Title: ZPanel = 10.0.1 CSRF, XSS, SQLi, Password Reset Date: 04/11/2012 Exploit Author: pcsjj Vendor Homepage: http://www.zpanelcp.com/ Version: 10.0.1 Software Link:...
Cyme ChartFX Client Server - ActiveX Control Array Indexing
Cyme ChartFX Client Server - ActiveX Control Array Indexing Application: CYME Power Engineering Software Platforms: Windows Version: CYME version 5.0.12.663. Secunia: SA48430 PRL: 2012-29 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter:...
jira 4.4.3 greenhopper 5.9.8 - Multiple Vulnerabilities
jira 4.4.3 greenhopper 5.9.8 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CVE-2012-1500, Stored XSS in JIRA v4.4.3663-r165197, GreenHopper Resolved in Version 5.9.8, Proof of Concept External References: CVE-2112-1500 CVE-2112-1500 XSS.Cx Blog GHS-5642 Reported to...
CommPort 1.01 - Multiple Vulnerabilities
CommPort 1.01 - Multiple Vulnerabilities -------------------------------------------- CommPort 1.01 Vendor information: "A 'Community Portal' generator that can be tailored for any location. Each user gets a personal portal page to which they can add their own 'channels' or select from a growing...
Joomla! Component com_fireboard - SQL Injection
Joomla! Component comfireboard - SQL Injection Title: ====== Joomla comfireboard - SQL Injection Vulnerability Date: ===== 2012-07-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=655 VL-ID: ===== 655 Common Vulnerability Scoring System:...
Joomla! Component com_joomgalaxy 1.2.0.4 - Multiple Vulnerabilities
Joomla! Component comjoomgalaxy 1.2.0.4 - Multiple Vulnerabilities Exploit Title: Joomla joomgalaxy 1.2.0.4 Multiple Vulnerabilites dork: inurl:comjoomgalaxy Date: 01-08-2012 Author: Daniel Barragan "D4NB4R" Twitter: @D4NB4R site: http://poisonsecurity.wordpress.com/ Vendor:...
Reserve Logic 1.2 Booking CMS - Multiple Vulnerabilities
Reserve Logic 1.2 Booking CMS - Multiple Vulnerabilities Title: ====== Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities Date: ===== 2012-06-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=617 VL-ID: ===== 617 Common Vulnerability Scoring System:...
WANGKONGBAO CNS-1000 UTM IPS-FW - Directory Traversal (Metasploit)
WANGKONGBAO CNS-1000 UTM IPS-FW - Directory Traversal Metasploit Exploit Title: WANGKONGBAO CNS-1000 and 1100 Network Security Platform UTM Directory Traversal Date: 7/2/2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.wangkongbao.com/products.html Version: CNS-1000 and 1100 The...
Qutecom SoftPhone 2.2.1 - Heap Overflow Crash (Denial of Service) PoC)
Qutecom SoftPhone 2.2.1 - Heap Overflow Crash Denial of Service PoC Title: Qutecom Cross-platform, open source softphone Heap Overflow DoS/Crash Proof of Concept Date: 14th June 2012 Exploit Author: Debasish Mandal Author's Blog : http://www.debasish.in/ Vendor Homepage: http://qutecom.org/...
Apple iTunes 10.6.1.7 - .m3u Walking Heap Buffer Overflow (PoC)
Apple iTunes 10.6.1.7 - .m3u Walking Heap Buffer Overflow PoC !/usr/bin/perl Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow Vendor: Apple Inc. Product web page: http://www.apple.com Affected version: 10.6.1.7 and 10.6.0.40 Summary: iTunes is a free application for your Mac o...
GIMP 2.6 script-fu 2.8.0 - Buffer Overflow (PoC)
GIMP 2.6 script-fu 2.8.0 - Buffer Overflow PoC / There is a buffer overflow in the script-fu server component of GIMP the GNU Image Manipulation Program in all 2.6 versions Windows and Linux versions affecting both the script-fu console and the script-fu network server. A crafted msg to the...
Symantec End Point Protection 11.x Symantec Network Access Control 11.x - Local Code Execution (PoC)
Symantec End Point Protection 11.x Symantec Network Access Control 11.x - Local Code Execution PoC Symantec End Point Protection 11.x & Symantec Network Access Control 11.x Local Code Execution POC Date: 22/05/2012 Author: 41.w4r10r Software Link: Symantec.com Version: 11.x Tested on: Windows XP...
Proman Xpress 5.0.1 - Multiple Vulnerabilities
Proman Xpress 5.0.1 - Multiple Vulnerabilities Title: ====== Proman Xpress v5.0.1 - Multiple Web Vulnerabilities Date: ===== 2012-05-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=513 VL-ID: ===== 512 Common Vulnerability Scoring System:...
WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities
WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities +---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Wordpress 3.3.1 Multiple CSRF Vulnerabilities Date : 19-03-20...
Microsoft .NET Framework EncoderParameter - Integer Overflow (MS12-025)
Microsoft .NET Framework EncoderParameter - Integer Overflow MS12-025 ------------------------------------------------------------------------ .NET Framework EncoderParameter integer overflow vulnerability ------------------------------------------------------------------------ Yorick Koster,...
ArticleSetup - Multiple Persistence Cross-Site Scripting SQL Injections
ArticleSetup - Multiple Persistence Cross-Site Scripting SQL Injections Title : ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://www.articlesetup.com/ Advisory :...
Yealink VOIP Phone - Persistent Cross-Site Scripting
Yealink VOIP Phone - Persistent Cross-Site Scripting ============================================================== Secur-I Research Group Security Advisory SV-2012-005 ============================================================== Title: Yealink VOIP Phone Persistent Cross Site Scripting...
Snom IP Phone - Privilege Escalation
Snom IP Phone - Privilege Escalation Sense of Security - Security Advisory - SOS-12-001 Release Date. 23-Feb-2012 Last Update. - Vendor Notification Date. 27-Jan-2012 Product. Snom IP Phone series Platform. Hardware Affected versions. All versions prior to v8.4.35 Severity Rating. High Impact...
Joomla! Component Module Simple File Upload 1.3 - Remote Code Execution
Joomla! Component Module Simple File Upload 1.3 - Remote Code Execution ?PHP / -------------------------------------------------------------------------------- Title: Simple File Upload v1.3 module for joomla Remote Code Execution Exploit...
CoDeSyS-SCADA-Server
CoDeSyS SCADA Exploit. Vulnerability occurs while parsing long HTTP requests in webserver. import string, sys import socket, httplib import telnetlib Target = sys.argv1 Port = intsys.argv2 ShellcodeType = sys.argv3 def howtousage: print "Sorry, required arguments: Host Port" sys.exit-1 def run:...
PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities
PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- Exploit Title: PHP Photo Album = 0.4.1.16...
Vivvo CMS - Local File Inclusion
Vivvo CMS - Local File Inclusion !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Exploit Title: Vivvo CMS - Local File include ! D0rk: Find YourSelf = ! Date: Sun, 02 Oct 2011 11:55:00 = ! Author: JaBrOtxHaCkEr ! Email My ^ [email protected] ^ ! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...
Adobe Photoshop Elements 8.0 - Multiple Arbitrary Code Execution Vulnerabilities
Adobe Photoshop Elements 8.0 - Multiple Arbitrary Code Execution Vulnerabilities Title: ------ Adobe Photoshop Elements 8.0 Multiple Arbitrary Code Execution Vulnerabilities Vendor: ------- Adobe Systems Inc. http://www.adobe.com Product web page: -----------------...
Blue Coat Reporter - Directory Traversal
Blue Coat Reporter - Directory Traversal Exploit Title: Blue Coat Reporter Unauthenticated Directory Traversal Author: nitr0us / http://twitter.com/nitr0usmx Software Link: http://www.bluecoat.com/products/reporter Version: 9.2.x - 9.1.x Tested on: Windows Server 2003 Standard Blue Coat Reporter...
NetCat CMS - Multiple Vulnerabilities
NetCat CMS - Multiple Vulnerabilities Exploit Title: NetCat CMS Code exec, SQL-injection Google Dork: none Date: 28.11.2010 Author: brainpillow Software Link: http://netcat.ru/ Version: UNKNOWN On different versions of this software next vulnerabilities are availible:...
cFTP 0.1 - r80 Arbitrary File Upload
cFTP 0.1 - r80 Arbitrary File Upload Software Link: https://code.google.com/p/clients-oriented-ftp/downloads/list Version: 0.1 Tested on: linux // Vulnerable URL $url = 'http://url domain/cFTP/'; // The file to upload $filename = dirnameFILE.'/info.php'; $failext = array'php', 'pl'; $username =...
Adobe Reader 5.1 - XFDF Buffer Overflow (SEH)
Adobe Reader 5.1 - XFDF Buffer Overflow SEH Exploit Title: Adobe Reader 5.1 XFDF Buffer Overflow Vulnerability SEH Google Dork: N/A or filtype ".xfdf" Date: 04/01/2011 Author: [email protected] / http://extraexploit.blogspot.com Software Link: http://www.oldversion.com/download/acrobat51.exe...
ICONICS WebHMI - ActiveX Stack Overflow
ICONICS WebHMI - ActiveX Stack Overflow , , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. ICONICS WebHMI ActiveX Stack Overflow Vendor Link: http://www.iconics.com/ PDF:...
Dream Vision Technologies Web Portal - SQL Injection
Dream Vision Technologies Web Portal - SQL Injection Title : Dream Vision Technologies SQL Injection Vulnerability Author: eXeSoul Home : 1337day.com or www.indishell.in /www.andhrahackers.com Email : [email protected] date : 6/04/2011 d0rk:- Developed and Managed by Dream Vision Technologies Pvt...
Monkeys Audio - .ape Remote Buffer Overflow
Monkeys Audio - .ape Remote Buffer Overflow source: https://www.securityfocus.com/bid/46887/info Monkeyâ??s Audio is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue...
PHP Exif Extension - exif_read_data() Remote Denial of Service
PHP Exif Extension - exifreaddata Remote Denial of Service Source: http://permalink.gmane.org/gmane.comp.security.oss.general/4198 ===================================================================== PHP Exif 64bit Casting Vulnerability...
Openfire 3.6.4 - Multiple Cross-Site Request Forgery Vulnerabilities
Openfire 3.6.4 - Multiple Cross-Site Request Forgery Vulnerabilities Title: Multiple CSRF Vulnerabilities in Openfire 3.6.4 Administrative Section ------------------------------------------------------------------------ ------------------------------------------------------------------------ --...
MetInfo 3.0 - FCKeditor Arbitrary File Upload
MetInfo 3.0 - FCKeditor Arbitrary File Upload Exploit Title: MetInfo 3.0 fckeditor File Upload Exploit Date: 02-11-2010 Author: sh3n Software Link: http://www.metinfo.cn/upload/file/metinfo3.0.zip Version: 3.0 Tested on: BT4 Ubuntu, Windows 7 Ultimate Exploit:...
Zoopeer 0.10.2 - FCKeditor Arbitrary File Upload
Zoopeer 0.10.2 - FCKeditor Arbitrary File Upload ============================================================= Zoopeer 0.1 & 0.2 fckeditor Zoopeer Shell Upload Vulnerability ============================================================= Exploit Title: Zoopeer 0.1 & 0.2 fckeditor Date: 27-10-2010...
GeekLog 1.7.0 - FCKeditor Arbitrary File Upload
GeekLog 1.7.0 - FCKeditor Arbitrary File Upload db 88 88 ,ad8888ba, d88b 88 88 d8"' "8b d8'8b 88 88 d8' d8' 8b 88aaaaaaaa88 88 d8YaaaaY8b 88""""""""88 88 88888 d8""""""""8b 88 88 Y8, 88 d8' 8b 88 88 Y8a. .a88 d8' 8b 88 88 "Y88888P" Exploit Title: Geeklog Date: 18-10-2010 Author: Kubanezi AHG...
Microsoft Excel - SxView Record Parsing Heap Memory Corruption
Microsoft Excel - SxView Record Parsing Heap Memory Corruption ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 29 binary analysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel SxView Record Parsing Heap Memory Corruption Version : Excel...
Adobe Acrobat and Reader - pushstring Memory Corruption
Adobe Acrobat and Reader - pushstring Memory Corruption ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | ' + self.eol else: self.content += self.eol + data + self.eol self.content += 'endobj' + self.eol def objSWFStreamself, objnum, data, stream:...
dompdf 0.6.0 beta1 - Remote File Inclusion
dompdf 0.6.0 beta1 - Remote File Inclusion ================================== apps dompdf RFI Vulnerability ================================== ==================================================== x ExpL0it TitLe : apps dompdf RFI Vulnerability x DatE : 01 September 2010 x AutH0r : AndreCorleone x...
Joomla! Component com_zina - SQL Injection
Joomla! Component comzina - SQL Injection Exploit Title: Joomla Component comzina SQL Injection Vulnerability Date: 21-08-2010 Author: Th3 RDX Software Link:http://www.pancake.org/zina/ Version: 2.x Tested on: Demo Site category: webapp Code : n/a...
Microsoft Windows - nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047)
Microsoft Windows - nt!SeObjectCreateSaclAccessBits Missed ACE Bounds Checks MS10-047 Microsoft Windows nt!SeObjectCreateSaclAccessBits missed ACE bounds checks ---------------------------------------------------------------------------- CVE-2010-1890 An ACE is an Access Control Entry, of which...
Joomla! Component com_qcontacts - SQL Injection
Joomla! Component comqcontacts - SQL Injection Exploit Title: Joomla Component QContacts comqcontacts - SQL Injection Vulnerability Date: 12, July 2010 Author: mlk Software Link: http://bugsec.googlecode.com/files/Joomlacomqcontacts.zip Version: 1.0.4 and previous Tested on: all OS CVE : 0 Code :...
PHPaaCMS 0.3.1 - show.php?id SQL Injection
PHPaaCMS 0.3.1 - show.php?id SQL Injection Exploit Title: phpaaCms show.php?id= SQL injection Vulnerable Software http://www.phpaa.cn Tested on: win 7 category: webapp Code : n/a +++++++++++++++++++++++++++++++++++++++++++++++++++++++ MWUHH TO Bl00dMafia: KashmiriMafia, Mirpuri, Mirzatun: gula,...
Eyeland Studio Inc. - game.php SQL Injection
Eyeland Studio Inc. - game.php SQL Injection Eyeland Studio Inc. game.php SQL Injection Vulnerability Author : CoBRa21 Script Home : http://www.eyeland.com/ Dork : "Eyeland Studio Inc. All Rights Reserved." inurl:game.php SQL Injection:...