41207 matches found
Microsoft Internet Explorer 678 - Memory Corruption
Microsoft Internet Explorer 678 - Memory Corruption Internet Explorer Memory Corruption 0day Vulnerability CVE-2010-3962 Tested on Windows XP SP3 IE6 IE7 IE8 Coded by Matteo Memelli ryujin at offsec.com http://www.offensive-security.com/0day/ie-0day.txt Thx to dookie at offsec.com notes : This is...
digiSHOP 2.0.2 - SQL Injection
digiSHOP 2.0.2 - SQL Injection ----------------------------------- TM | | | Y | | | | |. 1 ||||.| | | | |. | -|. |-' | |: | | |: | | |::.|:. | |::.| | --- ---' ---' | Private Place Of 0days | ----------------------------------- ^Exploit Title : ^Date : 23/7/2010 ^Vendor Site :...
Platinum SDK Library - POST UPnP sscanf Buffer Overflow (PoC)
Platinum SDK Library - POST UPnP sscanf Buffer Overflow PoC / -POC CODE Remote Buffer Overflow - ========================================================================= ! Exploit Title: Platinum SDK library post upnp sscanf buffer overflow !...
Novell iPrint Client Browser Plugin - call-back-url Remote Stack Overflow
Novell iPrint Client Browser Plugin - call-back-url Remote Stack Overflow ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | shellcode = unescape'%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+...
Microsoft Word 2007 SP2 - sprmCMajority Buffer Overflow
Microsoft Word 2007 SP2 - sprmCMajority Buffer Overflow ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub11-microsoft-office-word-sprmcmajority-buffer-overflow/...
DMXready Polling Booth Manager - SQL Injection
DMXready Polling Booth Manager - SQL Injection Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: DMXready Polling Booth Manager SQLi Vulnerability Vendor url:http://www.dmxready.com Version:1 Price:79$ Published: 2010-09-6 GThanx to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA120...
HP Insight Diagnostics Online Edition 8.4 - survey.php?category Cross-Site Scripting
HP Insight Diagnostics Online Edition 8.4 - survey.php?category Cross-Site Scripting source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...
PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion
PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion Exploit Title: PHP-Nuke-8.1-seo-Arabic Remote File Include Date: 12-8-2010 Author: LoSt.HaCkEr Software Link: http://scripts.bdr130.net/faile/PHP-Nuke-8.1-seo-Arabic.zip Version: v 8.1 Tested on: Windows XP CVE : هكر المسيب Contact:...
Joomla! Component healthstats - Persistent Cross-Site Scripting
Joomla! Component healthstats - Persistent Cross-Site Scripting Name : Joomla Health & Fitness Stats Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://joomla-extensions.instantiate.co.uk/jcomponents/healthstats Author : Sid3^effects aKa HaRi special thanks ...
Inout Ad server Ultimate - Arbitrary File Upload
Inout Ad server Ultimate - Arbitrary File Upload ============================================================== Inout Ad server Ultimate -- Shell upload Vulnerabilty ============================================================== Name : Inout Ad server Ultimate Shell upload Vulnerabilty Date : jul...
SasCam WebCam Server 2.6.5 - ActiveX Overwrite (SEH)
SasCam WebCam Server 2.6.5 - ActiveX Overwrite SEH 'SEH Overwrite exploited by Blake 'Original EIP method by callAX 'Tested on XP SP3/IE7 in virtualbox '$ nc 192.168.1.155 4444 'Microsoft Windows XP Version 5.1.2600 'C Copyright 1985-2001 Microsoft Corp. ' 'C:\Documents and Settings\blake\Desktop...
I-Net MLM Script Engine - SQL Injection
I-Net MLM Script Engine - SQL Injection 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Vendor Url : http://www.i-netsolution.com/ Google Dork: inurl:/jobsearchengine/ Author : Sid3^effects aKa HaRi special thanks to ...
Joomla! Component com_ybggal 1.0 - catid SQL Injection
Joomla! Component comybggal 1.0 - catid SQL Injection ----------------------------------------------------------------------- Joomla Component comybggal 1.0 catid SQL Injection Vulnerability ----------------------------------------------------------------------- Author : v3n0m Site :...
Yamamah Photo Gallery 1.00 - download.php Local File Disclosure
Yamamah Photo Gallery 1.00 - download.php Local File Disclosure |=---------------------------------------------------------------------------=| Yamamah Photo Gallery 1.00 download.php Local File Disclosure Vulnerability |=---------------------------------------------------------------------------...
fusebox - ProductList.cfm?CatDisplay SQL Injection
fusebox - ProductList.cfm?CatDisplay SQL Injection ----------------------------------------------------------------------------------------- AJSADVISORIES01&2010 fusebox ProductList.cfm?CatDisplay Remote SQL Injection Vulnerability...
PHP Gamepage - SQL Injection
PHP Gamepage - SQL Injection , | ,---. , . |---. ,---. ,---. ,---. ,---. ,---. , . , | --- | | | | | |---' | | | |---' | | | | ---' ---| ---' ---' ---' ---' ------ ---' V PHP Gamepage SQL Injection Vulnerability --== Author ==-- + Author : v4lc0m87 + Contact : valcom87atgmaildotcom + Group :...
Administrador de Contenidos - Admin Authentication Bypass
Administrador de Contenidos - Admin Authentication Bypass Administrador de Contenidos Admin Login Bypass vulnerability Prodcut: Administrador de Contenidos Home : www.DZ4All.cOm/Cc Vunlerability : Admin Bypass Risk : High Dork : "Diseño Web Hernest Consulting S.L." Discovred by: Ra3cH From :...
Ucenter Projekt 2.0 - Insecure crossdomain (Cross-Site Scripting)
Ucenter Projekt 2.0 - Insecure crossdomain Cross-Site Scripting ======================================================================================== | Title : Ucenter Projekt 2.0 Insecure crossdomain XSS Vulnerability | Author : indoushka | email : [email protected] | Home :...
clipak - Arbitrary File Upload
clipak - Arbitrary File Upload ======================================================================================== | Title : clipak Upload Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com/vb | Tested on: windows SP2 Français V.Pnx2 2.0 + Lunix...
Powered by iNetScripts - Arbitrary File Upload
Powered by iNetScripts - Arbitrary File Upload ==================================================== Powered by iNetScripts: Shell Upload Vulnerability ==================================================== Contact :Sec-q8 [email protected] Published: 2010-04-25 Home : http://Sec-Senter.com/vb...
Template Seller Pro 3.25 - tempid SQL Injection
Template Seller Pro 3.25 - tempid SQL Injection !/usr/bin/perl -w Template Seller Pro 3.25 tempid Remote SQL Injection Vulnerability Author : v3n0m Contact : v3n0m666atlivedotcom Site : http://yogyacarderlink.web.id/ Group : YOGYACARDERLINK Date : April, 23-2010 GMT +7:00 Jakarta, Indonesia...
Java Deployment Toolkit - Performs Insufficient Validation of Parameters
Java Deployment Toolkit - Performs Insufficient Validation of Parameters Java Deployment Toolkit Performs Insufficient Validation of Parameters ------------------------------------------------------------------------- Java Web Start henceforth, jws provides java developers with a way to let users...
Joomla! Component Agenda Address Book 1.0.1 - id SQL Injection
Joomla! Component Agenda Address Book 1.0.1 - id SQL Injection !/usr/bin/perl -w Joomla Component comagenda 1.0.1 id Remote SQL Injection Vulnerability Author : v3n0m Site : http://yogyacarderlink.web.id/ Group : YOGYACARDERLINK Date : April, 10-2010 INDONESIA Software : comagenda Version : 1.0.1...
Microsoft Internet Explorer Tabular Data Control - ActiveX Remote Code Execution
Microsoft Internet Explorer Tabular Data Control - ActiveX Remote Code Execution CVE : CVE-2010-0805 Trigger for ZDI-10-034 by ZSploit.com The ZSploit Team...
Lexmark Multiple Laser printers - Remote Stack Overflow
Lexmark Multiple Laser printers - Remote Stack Overflow Application: Lexmark Multiple Laser printer Remote Stack Overflow Platforms: Lexmark Multiple Laser printer Exploitation: Remote Exploitable CVE Number: CVE-2010-0619 Discover Date: 2010-01-06 Author: Francis Provencher Protek Research Lab's...
Subdreamer 3.0.1 - CMS upload
Subdreamer 3.0.1 - CMS upload ======================================================================================== | Title : Subdreamer.v3.0.1 cms upload Vulnerability | Author : indoushka | email : [email protected] | Home : www.h4kz.com | Web Site : | Dork : Website powered by Subdreame...
bispage - Bypass
bispage - Bypass Exploit Title: bispage Bypass Vulnerability Author: SaMir-BonD [email protected] Organization : TEAM-DZ Formal sites : t00ls.org - h4kz.com Software Link: N/A Script's Language: ASP Tested on: Windows PHP/4.3.11 os Dork :"Developed by Bispage.com" CVE : if exists Code : exploit cod...
SolarisOpen Solaris UCODE_GET_VERSION IOCTL - Denial of Service
SolarisOpen Solaris UCODEGETVERSION IOCTL - Denial of Service / cve-2010-0453.c -- Patroklos Argyroudis, argp at domain census-labs.com Denial of service kernel panic PoC exploit for the UCODEGETVERSION ioctl NULL pointer dereference vulnerability on Solaris/OpenSolaris:...
Samba 3.4.5 - Symlink Directory Traversal (Metasploit)
Samba 3.4.5 - Symlink Directory Traversal Metasploit source: https://www.securityfocus.com/bid/38111/info Samba is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploits would allow an attacker to access files outside of t...
Asp VevoCart Control System 3.0.4 - Database Disclosure
Asp VevoCart Control System 3.0.4 - Database Disclosure ======================================================================================== | Title : Asp VevoCart Control System Version 3.0.4 DB Download Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane...
Sun Java System Directory Server 7.0 - core_get_proxyauth_dn Denial of Service
Sun Java System Directory Server 7.0 - coregetproxyauthdn Denial of Service source: https://www.securityfocus.com/bid/37699/info Sun Java System Directory Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the effected application, denying service to...
PPVChat - Multiple Vulnerabilities
PPVChat - Multiple Vulnerabilities andresg888 Exploit Title : Exotic-Cams --LFI & XSS-- Date : 2010-01-09 Author : andresg888 Vendor : http://www.ppvchat.com/ Contact : andresg8884tgmaildotcom Dork : No DoRk f0R ScRipT KiDDieS Example LFI: http://server/registration/model.php Example XSS: Go to...
Uguestbook - Database Disclosure
Uguestbook - Database Disclosure ======================================================================================== | Title : Asp Uguestbook DB Download Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...
Joomla! Component com_mediaslide - Directory Traversal
Joomla! Component commediaslide - Directory Traversal Joomla Component commediaslide Directory Traversal Vuln author : Mr.tro0oqy from Yemen mail : [email protected] fuck 2 community college sanaa exp : http://server/components/commediaslide/viewer.php?path=/../.. dork :...
Smart ASPad - campaignEdit.asp?CCam Blind SQL Injection
Smart ASPad - campaignEdit.asp?CCam Blind SQL Injection ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe:campaignEdit.asp CCam Blind SQL Injection Vulnerability Vendor: www.smartasp.net Software: Smart ASPad author: R3d-D3v!L Date: 17.dec.2009 T!ME: 3:03 ...
HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow
HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow More info http://reversemode.com/index.php?option=comcontent&task=view&id=65&Itemid=1 ----- 1st PART "HMS HICP Protocol" AFAIK there is no public documentation about this protocol, if not so please let me know and I'll...
oBlog - Persistent Cross-Site Scripting Cross-Site Request Forgery Admin Brute Force
oBlog - Persistent Cross-Site Scripting Cross-Site Request Forgery Admin Brute Force ------------------------------------------------------------------------------------------------- Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip...
Micro CMS 3.5 - SQL Injection Local File Inclusion
Micro CMS 3.5 - SQL Injection Local File Inclusion Micro CMS File inclusion Vuln Micro CMS SQLi login bypass By learn3r hacker from Nepal [email protected] Affected version: v 3.5 or may be lower... File Inclusion Vuln Requires register globals to be on... Vuln file: microcms-inlude.php...
JSFTemplating Mojarra Scales GlassFish - File Disclosure
JSFTemplating Mojarra Scales GlassFish - File Disclosure SEC Consult Security Advisory ======================================================================= title: File disclosure vulnerability in JSFTemplating, Mojarra Scales and GlassFish Application Server v3 Admin console products:...
Plume CMS 1.2.3 - Multiple SQL Injections
Plume CMS 1.2.3 - Multiple SQL Injections Plume CMS Multiple SQL Injection Vulnerabilities - Security Advisory - SOS-09-006 Release Date. 12-Aug-2009 Last Update. - Vendor Notification Date. 16-Jun-2009 Product. Plume CMS Platform. Independent Affected versions. 1.2.3 verified, possibly others...
Mozilla Firefox 3.5 - Font tags Remote Buffer Overflow
Mozilla Firefox 3.5 - Font tags Remote Buffer Overflow Firefox 3.5 Vulnerability Firefox 3.5 Heap Spray Vulnerabilty Author: SBerry aka Simon Berry-Byrne Thanks to HD Moore for the insight and Metasploit for the payload Loremipsumdoloregkuw Loremipsumdoloregkuwiert Loremikdkw / Calc.exe / var...
HTC Windows Mobile OBEX FTP Service - Directory Traversal
HTC Windows Mobile OBEX FTP Service - Directory Traversal I shall complete the information related to Bugtraq ID: 33359 Title: HTC / Windows Mobile OBEX FTP Service Directory Traversal Author: Alberto Moreno Tablado Vendor: HTC Vulnerable Products: - HTC devices running Windows Mobile 6 - HTC...
cPanel - (Authenticated) lastvisit.html Domain Arbitrary File Disclosure
cPanel - Authenticated lastvisit.html Domain Arbitrary File Disclosure +===================================================================================+ ./SEC-R1Z / / / / /\ \ |/ / \ \ / / / / | | / | | / / \ / / / / | || / | | / / \ \ \ \2009 | \ | | / / / \ /\ / ||\ \ ||/ \ R.I.P...
SiteX 0.7.4.418 - THEME_FOLDER Local File Inclusion
SiteX 0.7.4.418 - THEMEFOLDER Local File Inclusion =-=-local file include-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-= script:SiteX074build418.zip ------------------------------------------------- Author: ahmadbady my site :Coming Soon =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...
projectCMS 1.1b - Multiple Vulnerabilities
projectCMS 1.1b - Multiple Vulnerabilities || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...
Joomla! Component com_bookJoomlas 0.1 - SQL Injection
Joomla! Component combookJoomlas 0.1 - SQL Injection Salvatore "drosophila" Fresta + Application: Joomla Component combookjoomlas + Version: 0.1 + Website: http://www.alikonweb.it + Bugs: A SQL Injection + Exploitation: Remote + Dork: inurl:"index.php?option=combookjoomlas" + Date: 06 Apr 2009 +...
taifajobs 1.0 - jobid SQL Injection
taifajobs 1.0 - jobid SQL Injection \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV103$2009 ----------------------------------------------------------------------------------------- ECHOADV103$2009 taifajobs = 1.0 jobid Remote SQL Injection Vulnerability...
MDPro Module My_eGallery - pid SQL Injection
MDPro Module MyeGallery - pid SQL Injection !/usr/bin/perl $host, PeerPort = 80, Proto = 'tcp' or die $!;...
Ghostscript 8.64 - gdevpdtb.c Local Buffer Overflow
Ghostscript 8.64 - gdevpdtb.c Local Buffer Overflow Ghostscript is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting this issue allows remote attackers to overwrite a sensitive...
D-Bus Daemon 1.2.4 - libdbus Denial of Service
D-Bus Daemon 1.2.4 - libdbus Denial of Service / cve-2008-3834.c D-Bus Daemon Denial of Service http://jon.oberheide.org Usage: $ gcc pkg-config dbus-1 --cflags cve-2008-3834.c pkg-config dbus-1 --libs -o cve-2008-3834 $ ./cve-2008-3834 Information:...