41207 matches found
AOL SuperBuddy - ActiveX Control Remote Code Execution (Metasploit)
AOL SuperBuddy - ActiveX Control Remote Code Execution Metasploit require 'msf/core' module Msf class Exploits::Windows::Browser::AOLSuperBuddyLinkSBIcons 'AOL Sb.Superbuddy vulnerability', 'Description' = %q This module exploits a flaw in AOL Sb.SuperBuddy. We stole this code from a pre-existing...
XOOPS Module MyAds Bug Fix 2.04jp - index.php SQL Injection
XOOPS Module MyAds Bug Fix 2.04jp - index.php SQL Injection !/usr/bin/perl Script Name: Xoops Module MyAds Bug Fix : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...
Activist Mobilization Platform (AMP) 3.2 - Remote File Inclusion
Activist Mobilization Platform AMP 3.2 - Remote File Inclusion ECHOADV71$2007 AMP v3.2 basepath Remote File Inclusion...
Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service
Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service source: https://www.securityfocus.com/bid/22879/info Mozilla Firefox is prone to a remote denial-of-service vulnerability. An attacker may exploit this vulnerability to cause Mozilla Firefox to crash, resulting in...
otscms 2.1.5 - SQL Injection Cross-Site Scripting
otscms 2.1.5 - SQL Injection Cross-Site Scripting Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...
Xero Portal - phpbb_root_path Remote File Inclusion
Xero Portal - phpbbrootpath Remote File Inclusion C XORON - 2007 Bug name: Xero Portal v1.2 phpbbrootpath Local File Include Vulnerability Script Name: Xero Portal v1.2 Wrong Codes: require$phpbbrootpath . 'includes/bbcode.'.$phpEx; Exploit:...
KDPics 1.111.16 - index.php3?categories Cross-Site Scripting
KDPics 1.111.16 - index.php3?categories Cross-Site Scripting source: https://www.securityfocus.com/bid/21515/info KDPics is prone to multiple input-validation vulnerabilities, including cross-site scripting and remote file-include issues, because the application fails to sanitize user-supplied...
Liberum Help Desk 0.97.3 - SQL Injection
Liberum Help Desk 0.97.3 - SQL Injection Title : Liberum Help Desk All Password Changed to "kro" ajann,Turkey ... I'm not Hacker! milw0rm.com 2006-11-25...
2020 Applications Data Shed 1.0 - f-email.asp?itemID SQL Injection
2020 Applications Data Shed 1.0 - f-email.asp?itemID SQL Injection source: https://www.securityfocus.com/bid/21156/info 20/20 DataShed is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these...
phpBB Spider Friendly Module 1.3.10 - Remote File Inclusion
phpBB Spider Friendly Module 1.3.10 - Remote File Inclusion !/usr/bin/php -q -d shortopentag=on DEVIL TEAM - POLISH TEAM http://www.rahim.webd.pl/ ...
OpenSSL SSLv2 - Null Pointer Dereference Client Denial of Service
OpenSSL SSLv2 - Null Pointer Dereference Client Denial of Service source: https://www.securityfocus.com/bid/20246/info OpenSSL is prone to a denial-of-service vulnerability. A malicious server could cause a vulnerable client application to crash, effectively denying service. !/usr/bin/perl...
PBLang 4.66z - temppath Remote File Inclusion
PBLang 4.66z - temppath Remote File Inclusion Software PBLang = v4.66z temppath Remote File Inclusion Exploit...
Vivvo Article Manager 3.2 - classified_path File Inclusion
Vivvo Article Manager 3.2 - classifiedpath File Inclusion MercilessTurk [email protected] App Name: phpWordPress Vivvo Article Manager App Author: vivvo.net App Version: =3.2 Vulnerable Code in HTMLfunction.php function HTMLCategoryMenu : line 51:...
myEvent 1.21.3 - myevent.php Remote File Inclusion
myEvent 1.21.3 - myevent.php Remote File Inclusion source: https://www.securityfocus.com/bid/19246/info myEvent is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containin...
Microsoft Internet Explorer - createTextRang Remote (Metasploit)
Microsoft Internet Explorer - createTextRang Remote Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core...
RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow (PoC)
RealPlayer 10.5 6.0.12.1040-1348 - SWF Buffer Overflow PoC !/usr/bin/perl RealPlayer: Buffer overflow vulnerability / PoC CVE-2006-0323 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0323 RealNetworks Advisory http://service.real.com/realplayer/security/03162006player/en/ Federico L. Boss...
Web Host Automation Ltd. Helm 3.2.10 Beta - default.asp Multiple Cross-Site Scripting Vulnerabilities
Web Host Automation Ltd. Helm 3.2.10 Beta - default.asp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17263/info Helm is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...
EnterpriseGS 1.0 rc4 - Remote Command Execution
EnterpriseGS 1.0 rc4 - Remote Command Execution works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Thus the energy developed by good fighting men is as the momentum of a round stone rolled down a mountain thousands of feet in height. So much on the subject ...
Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.asp Cross-Site Scripting
Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/16234/info Helm is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...
AppServ Open Project 2.4.5 - Remote File Inclusion
AppServ Open Project 2.4.5 - Remote File Inclusion source: https://www.securityfocus.com/bid/16166/info AppServ Open Project is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...
PHPBook 1.x - Mail Field PHP Code Injection
PHPBook 1.x - Mail Field PHP Code Injection source: https://www.securityfocus.com/bid/16106/info phpBook is prone to a vulnerability that may let remote attackers inject arbitrary PHP code into the application. This code may then be executed by visiting pages that include the injected code. E-mai...
Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Remote Command Execution
Limbo 1.0.4.2 - SERVERREMOTEADDR Remote Command Execution this works with registerglobals off & regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Humble words and increased preparations are signs that the enemy is about to advance. Viole...
SoftBiz B2B trading Marketplace Script 1.1 - products.php?cid SQL Injection
SoftBiz B2B trading Marketplace Script 1.1 - products.php?cid SQL Injection source: https://www.securityfocus.com/bid/15652/info Softbiz B2B Trading Marketplace is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...
Virtools Web Player 3.0.0.100 - Buffer Overflow (Denial of Service) (PoC)
Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service PoC / by Luigi Auriemma / include include include include ifdef WIN32 include typedef unsigned char uchar; typedef unsigned int uint; define ftruncate chsize else include include endif define VER "0.1" define SIGN "Nemo" define FIL...
Mozilla Browsers - 0xAD (HOST:) Remote Heap Buffer Overrun (2)
Mozilla Browsers - 0xAD HOST: Remote Heap Buffer Overrun 2 / PwnZilla 5 - One sploit fits all. FireFox optimized. Exploit for IDN host name heap buffer overrun in Mozilla browsers FireFox, Mozilla and Netscape. Copyright C 2003-2005 by Berend-Jan...
Wireless Tools 26 (IWConfig) - Local Privilege Escalation
Wireless Tools 26 IWConfig - Local Privilege Escalation // if the iwconfig executable is setuid /str0ke include include include include / 45 Byte /bin/sh http://www.milw0rm.com/id.php?id=1169 https://www.exploit-db.com/exploits/1169/ / char shellcode= "\x31\xc0\x31\xdb\x50\x68\x2f\x2f"...
DameWare Mini Remote Control 4.0 4.9 - Client Agent Remote Overflow
DameWare Mini Remote Control 4.0 4.9 - Client Agent Remote Overflow DameWare Mini Remote Control Client Agent Service Another Pre-Authentication Buffer Overflow By Jackson Pollocks No5 www.jpno5.com Summary...
Multiple OS (Win32AixCisco) - Crafted ICMP Messages Denial of Service (MS05-019)
Multiple OS Win32AixCisco - Crafted ICMP Messages Denial of Service MS05-019 / HOD-icmp-attacks-poc.c: 2005-04-15: PUBLIC v.0.2 Copyright c 2004-2005 houseofdabus. MS05-019 CISCO:20050412 ICMP attacks against TCP Proof-of-Concept .:: houseofdabus ::. for more details:...
Apple Mac OSX 10.3.x - Multiple Vulnerabilities
Apple Mac OSX 10.3.x - Multiple Vulnerabilities // source: https://www.securityfocus.com/bid/12863/info Multiple security vulnerabilities are reported to affect Apple Mac OS X. These issues were disclosed in the referenced vendor advisory. Insecure permissions are reported to be set on certain...
Microsoft Windows XP2003 - Remote Denial of Service
Microsoft Windows XP2003 - Remote Denial of Service / Added Line 1 - BSDSOURCE!!!! /str0ke / define BSDSOURCE include include include include include include include include include include include / Windows Server 2003 and XP SP2 remote DoS exploit Tested under OpenBSD 3.6 at WinXP SP 2 Vuln by...
Linux Kernel 2.4 - uselib() Local Privilege Escalation (2)
Linux Kernel 2.4 - uselib Local Privilege Escalation 2 / EDB Note: There is an updated version https://www.exploit-db.com/exploits/895/ / / Linux kernel 2.4 uselib privilege elevation exploit. original exploit source from http://isec.pl reference:...
Invision Power Board (IP.Board) 1.3.1 - Design Error
Invision Power Board IP.Board 1.3.1 - Design Error IP.Board Design Error Vendor: Invision Power Services Product: IP.Board Version: = 1.3.1 Website: http://www.invisionpower.com/ BID: 10559 Description: Invision Power Board IPB is a professional forum system that has been built from the ground up...
OpenBB 1.0.6 - Multiple Vulnerabilities
OpenBB 1.0.6 - Multiple Vulnerabilities OpenBB Multiple Vulnerabilities Vendor: OpenBB Group Product: OpenBB Version: getrow; $ftype = $querytype-field'type'; As we can se...
Monit 4.2 - Remote Buffer Overflow
Monit 4.2 - Remote Buffer Overflow / THE EYE ON SECURITY RESEARCH GROUP - INDIA www eos-india net poc 305monit.c Remote Root Exploit for Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long...
Microsoft Windows XP2000 - showHelp .CHM File Execution (MS03-004)
Microsoft Windows XP2000 - showHelp .CHM File Execution MS03-004 source: https://www.securityfocus.com/bid/9320/info Microsoft Windows is prone to a security flaw in the implementation of the showHelp function. Microsoft previously released patches that provide security measures to prevent abuse ...
Epic 1.0.11.0.x - CTCP Nickname Server Message Buffer Overrun
Epic 1.0.11.0.x - CTCP Nickname Server Message Buffer Overrun // source: https://www.securityfocus.com/bid/8999/info A remotely exploitable buffer overrun has been reported in Epic. This issue may reportedly be exploited by a malicious server that supplies an overly long nickname in a CTCP...
Snort 1.9.1 - p7snort191.sh Remote Command Execution
Snort 1.9.1 - p7snort191.sh Remote Command Execution !/bin/sh p7snort191.sh by truff [email protected] Snort 1.9.1 and below remote exploit Tested on Slackware 8.0 with Snort 1.9.1 from sources Usage: 1/ Launch a listening netcat to listen for the shell nc -p 45295 -l 2/ p7snort119.sh yourIP...
InstaBoard 1.3 - index.cfm SQL Injection
InstaBoard 1.3 - index.cfm SQL Injection source: https://www.securityfocus.com/bid/7338/info It has been reported that multiple input validation errors exist in the index.cfm file included with InstaBoard. Because of this issue, remote attackers may launch SQL injection attacks through the...
Sendmail 8.12.6 - Compromised Source Backdoor
Sendmail 8.12.6 - Compromised Source Backdoor source: https://www.securityfocus.com/bid/5921/info Reportedly, the server hosting sendmail, ftp.sendmail.org, was compromised recently. It has been reported that the intruder made modifications to the source code of sendmail to include Trojan Horse...
Cisco CBOS 2.x - Broadband Operating System TCPIP Stack Denial of Service
Cisco CBOS 2.x - Broadband Operating System TCPIP Stack Denial of Service source: https://www.securityfocus.com/bid/4815/info Cisco Broadband Operating System CBOS is the operating system used on Cisco 600 series routers. When the CBOS TCP/IP stack is forced to process a high number of unusually...
Critical Path InJoin Directory Server 4.0 - File Disclosure
Critical Path InJoin Directory Server 4.0 - File Disclosure source: https://www.securityfocus.com/bid/4718/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory Server is provided for Microsoft Windows operating systems and Unix...
National Instruments LabVIEW 5.1.16.06.1 - HTTP Request Denial of Service
National Instruments LabVIEW 5.1.16.06.1 - HTTP Request Denial of Service source: https://www.securityfocus.com/bid/4577/info A vulnerability has been reported in some versions of National Instruments LabVIEW for Linux and Microsoft Windows. LabVIEW includes an integrated HTTP server. If a...
Amtote Homebet - Account Information Brute Force
Amtote Homebet - Account Information Brute Force source: https://www.securityfocus.com/bid/3371/info Homebet is an internet based betting application that is developed by Amtote International. A vulnerability exists in Homebet which could enable a non-registered user to confirm the validity of...
Sun SunVTS 4.x - PTExec Buffer Overflow
Sun SunVTS 4.x - PTExec Buffer Overflow source: https://www.securityfocus.com/bid/2898/info SunVTS is the Sun Validation Test Suite, distributed and maintained by Sun Microsystems. The SunVTS is used to test various components of OEM Sun hardware, and can also be used to stress-test components an...
News Update 1.1 - Change Admin Password
News Update 1.1 - Change Admin Password / newsexp.c - description ------------------- begin : Sat Oct 21 2000 copyright : C 2000 by Morpheusbd email : [email protected] advisory : www.brightdarkness.de Exploit code for the News Update 1.1 by Morpheusbd For more information see my advisory which...
McMurtreyWhitaker Associates Cart32 3.03.13.5 - Full Path Disclosure
McMurtreyWhitaker Associates Cart32 3.03.13.5 - Full Path Disclosure source : https://www.securityfocus.com/bid/1932/info Cart32 is a shopping cart application for e-commerce enabled sites. Cart32 contains a vulnerability which reveals server information. Requesting a specially crafted URL, by wa...
LBL Traceroute 1.4 a5 - Heap Corruption (1)
LBL Traceroute 1.4 a5 - Heap Corruption 1 // source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw...
RobTex Viking Server 1.0.6 Build 355 - Remote Buffer Overflow
RobTex Viking Server 1.0.6 Build 355 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1614/info A number of unchecked buffers exists in Robotex Viking Server. This enables a malicious user to either crash the application or execute arbitrary code, depending on the data...
Tomcat 3.03.1 Snoop Servlet - Information Disclosure
Tomcat 3.03.1 Snoop Servlet - Information Disclosure source: https://www.securityfocus.com/bid/1532/info A vulnerability exists in the snoop servlet portion of the Tomcat package, version 3.1, from the Apache Software Foundation. Upon hitting an nonexistent file with the .snp extension, too much...
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password source: https://www.securityfocus.com/bid/1148/info A default username and password has been discovered in the Piranha virtual server and load balancing package from RedHat. Version 0.4.12 of the piranha-gui program contains...