41207 matches found
e107 0.7.21 full - Remote File Inclusion Cross-Site Scripting
e107 0.7.21 full - Remote File Inclusion Cross-Site Scripting ======================================================================= e107 0.7.21 full Multi RFI/XSS Vulnerabilities =======================================================================...
interuse Website Builder design - index2.php SQL Injection
interuse Website Builder design - index2.php SQL Injection ------------------------------------------------------------------------------------------- interuse Website Builder & design index2.php SQL Injection Vulnerability...
Alibaba Clone Platinum - buyer/index.php SQL Injection
Alibaba Clone Platinum - buyer/index.php SQL Injection Title: Alibaba Clone Platinum buyer/index.php SQL Injection Vulnerability Author: GuN Published: 2010-14-05 Verified: yes ...
Microsoft Windows - SMB2 Negotiate Protocol 0x72 Response Denial of Service
Microsoft Windows - SMB2 Negotiate Protocol 0x72 Response Denial of Service #!/usr/bin/python === EDIT – this exploit appears to be exactly the same one of one which was already found and fixed notified by Laurent Gaffié, I did not know this but his blog post can be found here:...
IDEAL Administration 2010 10.2 - Local Buffer Overflow
IDEAL Administration 2010 10.2 - Local Buffer Overflow #!/usr/bin/env python IDEAL Administration 2010 v10.2 Local Buffer Overflow Exploit Found By: DrIDE Usage: Migrate - Open Migration Project - Bind Shell Download: www.pointdev.com Tested On: Windows XPSP3 windows/shell_bind_tcp - 696 bytes...
Alstrasoft AskMe Pro 2.1 - que_id SQL Injection
Alstrasoft AskMe Pro 2.1 - que_id SQL Injection...
EasyFTP Server 1.7.0.2 - CWD Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.2 - CWD Buffer Overflow Metasploit Exploit Title: EasyFTP Server 'EasyFTP Server %q This module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.2. EasyFTP fails to check input size when parsing 'CWD' commands, which allows for easy stack based buffer overflow...
Avtech Software - ActiveX avc781viewer.dll Multiple Vulnerabilities
Avtech Software - ActiveX avc781viewer.dll Multiple Vulnerabilities Title: AVTECH Software AVC781Viewer.dll ActiveX Multiple Remote Vulnerabilities Vendor: AVTECH Software, Inc. Product Web Page: http://www.avtech.com Summary: AVTECH Software, a private corporation founded in 1988, is a computer...
Tembria Server Monitor 5.6.0 - Denial of Service
Tembria Server Monitor 5.6.0 - Denial of Service #!/usr/bin/python Exploit Title : Tembria Server Monitor 5.6.0 CVE-ID : CVE-2010-1316 Date : April 9, 2010 Author : Lincoln Software Link : http://www.tembria.com/ Version : 5.6.0 OS : Windows Tested on : XP SP3 En VirtualBox Type of vuln : Remote D...
Media Player classic StatsReader - .stats Stack Buffer Overflow (PoC)
Media Player classic StatsReader - .stats Stack Buffer Overflow PoC #! /usr/bin/python Media Player classic StatsReader .stats file stack buffer Overflow poc Software Link: http://mpc-hc.sourceforge.net/download-media-player-classic-hc.html Tested in : Windows XP SP3 Credit : ItSecTeam mail :...
DZ Auktionshaus V4.rgo - id news.php?SQL Injection
DZ Auktionshaus V4.rgo - id news.php?SQL Injection ----------------------------Information------------------------------------------------ +Name : DZ Auktionshaus "V4.rgo" id news.php SQL Injection +Autor : Easy Laster +Date : 08.03.2010 +Script : DZ Auktionshaus "V4.rgo" +Price : 99,99€ +Languag...
TinyMCE WYSIWYG Editor - Multiple Vulnerabilities
TinyMCE WYSIWYG Editor - Multiple Vulnerabilities + Vulnerability: Js tinymce/tinymce WYSIWYG java script vulnerability xss--popup & SQl implemented + Language : Java--,Xml + licenses : LGPL + Vendor : Moxiecode Systems AB + support : IE7J0/IE6.0/NS8.1-IE/NS8.1-G/FF2.0/O9.02; + Category : bug repo...
Ingres Database 9.3 - Heap Buffer Overflow
Ingres Database 9.3 - Heap Buffer Overflow source: https://www.securityfocus.com/bid/38001/info Ingres Database is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execu...
Soft Direct 1.05 - Multiple Vulnerabilities
Soft Direct 1.05 - Multiple Vulnerabilities ======================================================================================== | Title : Soft Direct v1.05 Multi Vulnerability | Author : indoushka | email : [email protected] | Home : www.iq-ty.com/vb | Script Home :...
Pay Per Minute Video Chat Script 2.02.1 - Multiple Vulnerabilities
Pay Per Minute Video Chat Script 2.02.1 - Multiple Vulnerabilities In The Name Of Allah The Merciful Type: suffer from multi XSS Vulnerability Vendor: payperviewvideosoftware.com Software : Pay Per Minute Video Chat Script V 2.1 - pR!CE :...
Quiz - Cross-Site Scripting
Quiz - Cross-Site Scripting ======================================================================================== | Title : quiz Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -0021377181886...
Best Top List - Cross-Site Scripting
Best Top List - Cross-Site Scripting ======================================================================================== | Title : Best Top List Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi -...
Pandora FMS Monitoring Application 2.1.x 3.x - SQL Injection
Pandora FMS Monitoring Application 2.1.x 3.x - SQL Injection PenTest Information: ==================== GESEC Teamsmash & rem0ve discover a SQL Injection Vulnerability on Pandora FMS Monitoring Software. Attackers can manipulate the application DBMS over a remote sql-injection vulnerability. Detai...
Sitecore Staging Module 5.4.0 - Authentication Bypass File Manipulation
Sitecore Staging Module 5.4.0 - Authentication Bypass File Manipulation SEC Consult Security Advisory ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerab...
Kaspersky Lab (Multiple Products) - Local Privilege Escalation
Kaspersky Lab Multiple Products - Local Privilege Escalation ShineShadow Security Report 16122009-15 TITLE Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability BACKGROUND Due to its high level of professionalism and dedication, Kaspersky Lab has become a market leader in the...
Tender System 0.9.5b - Local File Inclusion
Tender System 0.9.5b - Local File Inclusion ------------------------------------------------------------------------------------------- Note: TESTED LOCALLY WITH XAMPP FOR...
Joomla! Component com_jphoto - id SQL Injection
Joomla! Component com_jphoto - id SQL Injection Joomla Component com_jphoto SQL injection vulnerability - id Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : December 9, 2009 Software Information + Vendor : http://www.corephp.com/ + About :...
redcat media - SQL Injection
redcat media - SQL Injection x==========================================x | AntiSecuritydotorg | x==========================================x x==========================================x | Title : redcat media inurl:index.php?contentId= SQL Injection Vulnerability | Vendor :...
Cisco ACE XML Gateway 6.0 - Internal IP Disclosure
Cisco ACE XML Gateway 6.0 - Internal IP Disclosure...
Elite Gaming Ladders 3.2 - platform SQL Injection
Elite Gaming Ladders 3.2 - platform SQL Injection -------------------------------------------------------- Elite Gaming Ladders v3.2 Remote SQL Injection Vulnerability -------------------------------------------------------- Discovered By: Snakespc ALGERIAN HaCkEr Mail: [email protected]...
Open Auto Classifieds 1.5.9 - Multiple Vulnerabilities
Open Auto Classifieds 1.5.9 - Multiple Vulnerabilities MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Open Auto Classifieds 1. Advisory Information ---------------------------------------------------------------------------------------------- Title...
Avast! 4.8.1335 Professional - Kernel Local Buffer Overflow
Avast! 4.8.1335 Professional - Kernel Local Buffer Overflow include include include include include include / Program : avast! 4.8.1335 Professionnel Homepage : http://www.avast.com Discovery : 2009/07/29 Author Contacted : 2009/07/31 Found by : Heurs This Advisory : Heurs Contact :...
Joomla! Component com_pms 2.0.4 - Ignore-List SQL Injection
Joomla! Component com_pms 2.0.4 - Ignore-List SQL Injection PMS Enhanced-Config Tab: Backend - Ingorlist: Yes Create a valid User on the target Joomla 1.0.15 System with Community Builder, login and copy the cookieinformation into the $cookie var below, adjust the User-Agent on your Post Header...
XOOPS 2.3.3 - .htaccess Remote File Disclosure
XOOPS 2.3.3 - .htaccess Remote File Disclosure ======================================================================== XOOPS = 2.3.3 Remote Arbitrary File Retrieval ======================================================================== Affected Software : XOOPS = 2.3.3 Author : Luca "daath" De...
Joomla! Component Akobook 2.3 - gbid SQL Injection
Joomla! Component Akobook 2.3 - gbid SQL Injection Joomla Component comakobook Vulnerability ---------------------------------------------------------------------- + Author : Ab1i + Email : [email protected] + Dork : inurl:index.php?option=comakobook Example:...
kloxo 5.75 - Multiple Vulnerabilities
kloxo 5.75 - Multiple Vulnerabilities Who : http://lxlabs.com What : kloxo "Kloxo Previously Lxadmin The most flexible software on this planet. From Kloxo HostInaBox, World's lightest and the most efficient webhosting platform, to Kloxo Enterprise, which can manage 100s of thousands of domains on...
Online Grades Attendance 3.2.6 - Blind SQL Injection
Online Grades Attendance 3.2.6 - Blind SQL Injection #!/usr/bin/perl LONG LIVE SPAIN!...WE WILL WIN THE WORLD CUP!...o.O PROUD TO BE SPANISH!...
Apple Safari - RSS feed: Buffer Overflow via libxml2 (PoC)
Apple Safari - RSS feed: Buffer Overflow via libxml2 PoC #!/usr/bin/ruby Quick-n-dirty PoC for APPLE-SA-2009-05-12 ala CVE-2008-3529 Safari RSS feed:// buffer overflow via libxml2 by KF of Digitalmunition and Netragard http://www.digitalmunition.com , http://www.netragard.com The application...
KingSoft Web Shield 1.1.0.62 - Cross-Site Scripting Code Execution
KingSoft Web Shield 1.1.0.62 - Cross-Site Scripting Code Execution KingSoft Web Shield XSS and Remote Code Execution Vulnerability Found by inking Version test Just make a website with evil javascript codes, and browse the url shows above milw0rm.com 2009-05-19...
BolinTech DreamFTP Server 1.02 - users.dat Arbitrary File Disclosure
BolinTech DreamFTP Server 1.02 - users.dat Arbitrary File Disclosure #!/usr/bin/perl -w This Bug Similar to others found By My Friend : Stack = so special Thanx So You Can Exploit Arbitrary File Disclosure From The Server == You can use Stack's Exploit To do That But This Exploit I will get Users ...
ablespace 1.0 - Cross-Site Scripting Blind SQL Injection
ablespace 1.0 - Cross-Site Scripting Blind SQL Injection Original advisory: http://dsecrg.com/pages/vul/show.php?id=137 Digital Security Research Group DSecRG Advisory DSECRG-09-037 Application: AbleSpace Versions Affected: 1.0 Vendor URL: http://abk-soft.com/ Bugs: Multiple Blind SQL Injections,...
net2ftp 0.97 - Cross-Site Scripting Request Forgery
net2ftp 0.97 - Cross-Site Scripting Request Forgery =cicatriz ==advisories= / / / / // / / // / o / / .-/ =net2ftp = 0.97 Cross-Site Scripting/Request Forgery==/= == =Advisory & Vulnerability Information=== Title: net2ftp = 0.97 Cross-Site Scripting/Request Forgery Advisory ID: VUDO-2009-0804...
Sun Calendar Express Web Server - Denial of Service Cross-Site Scripting
Sun Calendar Express Web Server - Denial of Service Cross-Site Scripting Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple vulnerabilities in Sun Calendar Express Web Server 1. Advisory Information Title: Multiple vulnerabilities in Sun Calendar Express...
PHPizabi 0.8 - notepad_body SQL Injection
PHPizabi 0.8 - notepad_body SQL Injection source: https://www.securityfocus.com/bid/34223/info PHPizabi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...
BusinessSpace 1.2 - id SQL Injection
BusinessSpace 1.2 - id SQL Injection ECHOADV102$2009 ----------------------------------------------------------------------------------------- ECHOADV102$2009 BusinessSpace = 1.2 id Remote SQL Injection Vulnerability...
tadbook2 Module for XOOPS - open_book.php SQL Injection
tadbook2 Module for XOOPS - open_book.php SQL Injection source: https://www.securityfocus.com/bid/33196/info The tadbook2 module for XOOPS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...
Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service
Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service / cve-2008-5079.c Linux Kernel http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5079: net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service kernel infinite loop b...
Rapid Classified 3.1 - Database Disclosure
Rapid Classified 3.1 - Database Disclosure --------------------------------------------------------------------------- Script Name: Rapid Classified Version: v3.1 Google Dork: intext:©2003-2008 RC v3.1 Developed by: GA Soft Author: CoBRa21 My Web Site: www.ipbul.org...
Booking Centre 2.01 - HotelID SQL Injection
Booking Centre 2.01 - HotelID SQL Injection ----------------------------In the name of Allah, the Most Gracious, the Most Merciful------------------------------ Type: hotelhabitaciones.php HotelID Remote SQL Injection Vulnerability Vendor: www.bookingcentre.eu Software: Hotels Group author: Ñ3d D3v!L Date:...
Total Video Player - vcen.dll Remote Off-by-One Crash
Total Video Player - vcen.dll Remote Off-by-One Crash Total Video Player vcen.dll Remote Heap Overflow Crash By Cn4phux. Vendor: http://www.effectmatrix.com/ Risk : high The "" tag fail to handle long strings, which can lead to a Heap overflow in TVP. This bug can be remote or local, TVP parse an...
Simple Machines Forum (SMF) 1.1.6 - Code Execution
Simple Machines Forum SMF 1.1.6 - Code Execution URL: http://real.olympe-network.com/ Note: other versions are maybe vulnerable, not tested. SMF suffers from multiple vulnerabilities. Combining some of them, we can obtain a remote code execution on the remote host. I won't talk here about all of...
phpScheduleIt 1.2.10 - reserve.php Remote Code Execution
phpScheduleIt 1.2.10 - reserve.php Remote Code Execution settitletranslate"Processing $Class"; 53. $t-printHTMLHeader; 54. $t-startMain; 55. 56. processreservation$POST'fn'; 57. 58. else 59. $resinfo = getResInfo; 60. $t-settitle$resinfo'title'; 61. $t-printHTMLHeader; 62. $t-startMain; 63...
Postfix 2.6-20080814 - symlink Local Privilege Escalation
Postfix 2.6-20080814 - symlink Local Privilege Escalation #!/bin/sh "rspocfix.sh" PoC for Postfix local root vulnerability: CVE-2008-2936 by Roman Medina-Heigl Hernandez a.k.a. RoMaNSoFt Tested: Ubuntu / Debian Madrid, 30.Aug.2008 Config writabledir=/tmp spooldir=/var/mail Use "postconf...
Belkin Wireless G Router ADSL2 Modem - Authentication Bypass
Belkin Wireless G Router ADSL2 Modem - Authentication Bypass html code to bypass the webinterface password protection of the Belkin wireless G router + adsl2 modem. It worked on model F5D7632-4V6 with upgraded firmware 6.01.08. Change dns nameservers ip's can't be the same Clear log file Change...
WordPress Plugin Download Manager 0.2 - Arbitrary File Upload
WordPress Plugin Download Manager 0.2 - Arbitrary File Upload WORDPRESS PLUGIN DOWNLOAD MANAGER 0.2 REMOTE FILE UPLOAD SaO BiyoSecurityTeam || www.biyosecurity.com Plugin URI: http://giulioganci.netsons.org/downloads-manager Local File milw0rm.com 2008-07-24...