Joomla! Component Elite Experts - SQL Injection

Joomla! Component Elite Experts - SQL Injection +Title Joomla Component comeliteexperts SQL Injection Vulnerability +Author RoAdKiLlEr +Contact RoAdKiLlEratKhg-CrewdotWs +Tested on Win Xp Sp 2/3 --------------------------------------------------------------------------- Founded by RoAdKiLlEr Team...

Novell iPrint Client Browser Plugin - call-back-url Remote Stack Overflow

Novell iPrint Client Browser Plugin - call-back-url Remote Stack Overflow ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | shellcode = unescape'%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+...

Microsoft Windows - Tracing Registry Key ACL Privilege Escalation

Microsoft Windows - Tracing Registry Key ACL Privilege Escalation source: https://www.securityfocus.com/bid/42269/info Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful...

ffdshow Video Codec - Denial of Service

ffdshow Video Codec - Denial of Service !/usr/bin/perl Exploit Title: Malformed MP4 Local DoS for ffdshow Video Codec tryouts rev. 3467 20100713 x86 Date: 08/08/2010 Author: Nishant Das Patnaik Web: http://nishantdaspatnaik.yolasite.com Software Link:...

Free PHP photo Gallery script - Remote Command Execution

Free PHP photo Gallery script - Remote Command Execution Exploit Title: Free PHP photo gallery script Remote Command Execution Vulnerability Date: 2010/07/21 Author: ViRuS Qalaa Email: [email protected] My Sites : www.pal-mafia.com & www.vbspiders.com Script home: http://www.phpgalleryscript.org...

Joomla! Component Rapid-Recipe - Persistent Cross-Site Scripting

Joomla! Component Rapid-Recipe - Persistent Cross-Site Scripting 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Joomla Rapid Recipe Persistent XSS Vulnerability Date : july, 11 2010 Critical Level : HIGH Vendo...

Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection

Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection ----------------------------------------------------------------------------------------- Joomla Component comquickfaq BSQL-i Vulnerability ----------------------------------------------------------------------------------------- +Title Jooml...

SasCam WebCam Server 2.6.5 - ActiveX Overwrite (SEH)

SasCam WebCam Server 2.6.5 - ActiveX Overwrite SEH 'SEH Overwrite exploited by Blake 'Original EIP method by callAX 'Tested on XP SP3/IE7 in virtualbox '$ nc 192.168.1.155 4444 'Microsoft Windows XP Version 5.1.2600 'C Copyright 1985-2001 Microsoft Corp. ' 'C:\Documents and Settings\blake\Desktop...

I-Net MLM Script Engine - SQL Injection

I-Net MLM Script Engine - SQL Injection 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Vendor Url : http://www.i-netsolution.com/ Google Dork: inurl:/jobsearchengine/ Author : Sid3^effects aKa HaRi special thanks to ...

Yamamah Photo Gallery 1.00 - download.php Local File Disclosure

Yamamah Photo Gallery 1.00 - download.php Local File Disclosure |=---------------------------------------------------------------------------=| Yamamah Photo Gallery 1.00 download.php Local File Disclosure Vulnerability |=---------------------------------------------------------------------------...

phpplanner - Cross-Site Scripting SQL Injection

phpplanner - Cross-Site Scripting SQL Injection ================================== phpplanner XSS / SQL Vulnerability ================================== Script: php planner Date: 12-06-2010 Author: anT!-Tr0J4n My Home : www.Dev-PoinT.com Software Link:http://phpplanner.sourceforge.net/ Tested on:...

Nginx 0.7.650.8.39 (dev) - Source Disclosure Download

Nginx 0.7.650.8.39 dev - Source Disclosure Download TITLE: NGINX ENGINE X SERVER http://nginx.org/en/ ref-1 ======TESTED VERSIONS===== Unix versions are not vulnerable it only affects to NTFS file system Windows Stable versions: nginx/0.7.66 -- Not vulnerable nginx/0.7.65 -- Vulnerable nginx/0.7....

Adobe Photoshop CS4 Extended 11.0 - .GRD File Handling Remote Buffer Overflow (PoC)

Adobe Photoshop CS4 Extended 11.0 - .GRD File Handling Remote Buffer Overflow PoC / Title: Adobe Photoshop CS4 Extended 11.0 GRD File Handling Remote Buffer Overflow PoC Summary: The Adobe® Photoshop® family of products is the ultimate playground for bringing out the best in your digital images,...

Adobe Photoshop CS4 Extended 11.0 - .ASL File Handling Remote Buffer Overflow (PoC)

Adobe Photoshop CS4 Extended 11.0 - .ASL File Handling Remote Buffer Overflow PoC / Title: Adobe Photoshop CS4 Extended 11.0 ASL File Handling Remote Buffer Overflow PoC Summary: The Adobe® Photoshop® family of products is the ultimate playground for bringing out the best in your digital images,...

Open-AudIT - Multiple Vulnerabilities

Open-AudIT - Multiple Vulnerabilities GVI-2010-02 : Multiple vulnerabilities in Open-AudIT ==================================================== 1 Overview ---------- Excerpt from http://www.open-audit.org : "Open-AudIT is an application to tell you exactly what is on your network, how it is...

I-Vision CMS - Cross-Site Scripting SQL Injection

I-Vision CMS - Cross-Site Scripting SQL Injection Title: XSS, SQL injection vulnerability in I-Vision CMS Date: 17.05.2010 Author: Ariko-Security Software Link: http://international-vision.com/inner.php?id=14&type=2 Version: ALL ============ Ariko-Security - Advisory 2/5/2010 ============= XSS, S...

VMware View Portal 3.1 - Cross-Site Scripting

VMware View Portal 3.1 - Cross-Site Scripting DSECRG-09-058 Vmware View - XSS vulnerability Source:http://www.dsecrg.com/pages/vul/show.php?id=158 Linked XSS in VMware Portal Digital Security Research Group DSecRG Advisory DSECRG-09-058 Application: VMware View Portal Versions Affected:...

B2B Classic Trading Script - offers.php SQL Injection

B2B Classic Trading Script - offers.php SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...

PHP Quick Arcade 3.0.21 - Multiple Vulnerabilities

PHP Quick Arcade 3.0.21 - Multiple Vulnerabilities PHP Quick Arcade 3.0.21 Multiple Vulnerabilites ----------------------------------------------------------- Title: PHP-Quick-Arcade 3.0.21 Multiple Vulnerabilites Vendor: http://quickarcade.jcink.com/...

Template Seller Pro 3.25 - tempid SQL Injection

Template Seller Pro 3.25 - tempid SQL Injection !/usr/bin/perl -w Template Seller Pro 3.25 tempid Remote SQL Injection Vulnerability Author : v3n0m Contact : v3n0m666atlivedotcom Site : http://yogyacarderlink.web.id/ Group : YOGYACARDERLINK Date : April, 23-2010 GMT +7:00 Jakarta, Indonesia...

Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion

Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion =============================================================================================================== o Joomla Component Multiple Root Local File Inclusion Vulnerability Software : commultiroot version 1.0 Vendor :...

Elite Gaming Ladders 3.5 - match SQL Injection

Elite Gaming Ladders 3.5 - match SQL Injection ----------------------------Information------------------------------------------------ +Name : Elite Gaming Ladders = v3.5 SQL injection Vulnerability & Exploit +Autor : Easy Laster +Date : 11.04.2010 +Script : Elite Gaming Ladders = v3.5 +Demo :...

Joomla! Component com_ticketbook - Local File Inclusion

Joomla! Component comticketbook - Local File Inclusion ================================================================================================================ o Joomla Component Ticketbook Local File Inclusion Vulnerability Software : comticketbook version 1.0.1 Vendor :...

mygamingladder MGL Combo System 7.5 - SQL Injection

mygamingladder MGL Combo System 7.5 - SQL Injection ----------------------------Information------------------------------------------------ +Name : mygamingladder MGL Combo System = 7.5 SQL injection Vulnerability & SQL injection Exploit +Autor : Easy Laster +Date : 10.04.2010 +Script :...

Joomla! Component Agenda Address Book 1.0.1 - id SQL Injection

Joomla! Component Agenda Address Book 1.0.1 - id SQL Injection !/usr/bin/perl -w Joomla Component comagenda 1.0.1 id Remote SQL Injection Vulnerability Author : v3n0m Site : http://yogyacarderlink.web.id/ Group : YOGYACARDERLINK Date : April, 10-2010 INDONESIA Software : comagenda Version : 1.0.1...

Microsoft Internet Explorer Tabular Data Control - ActiveX Remote Code Execution

Microsoft Internet Explorer Tabular Data Control - ActiveX Remote Code Execution CVE : CVE-2010-0805 Trigger for ZDI-10-034 by ZSploit.com The ZSploit Team...

bispage - Bypass

bispage - Bypass Exploit Title: bispage Bypass Vulnerability Author: SaMir-BonD [email protected] Organization : TEAM-DZ Formal sites : t00ls.org - h4kz.com Software Link: N/A Script's Language: ASP Tested on: Windows PHP/4.3.11 os Dork :"Developed by Bispage.com" CVE : if exists Code : exploit cod...

Samba 3.4.5 - Symlink Directory Traversal (Metasploit)

Samba 3.4.5 - Symlink Directory Traversal Metasploit source: https://www.securityfocus.com/bid/38111/info Samba is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploits would allow an attacker to access files outside of t...

KubeLabs PHPDug 2.0 - upcoming.php Cross-Site Scripting

KubeLabs PHPDug 2.0 - upcoming.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40554/info KubeLabs PHPDug is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

PHP Uploader Downloader 2.0 - Arbitrary File Upload

PHP Uploader Downloader 2.0 - Arbitrary File Upload ======================================================================================== | Title : PHP Uploader Downloader Upload Shell Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum ...

SoftBiz B2B trading Marketplace Script - SQL Injection

SoftBiz B2B trading Marketplace Script - SQL Injection + B2B Trading Marketplace SQL Injection Vulnerability + Software : B2B Trading Marketplace Script + Author : AnGrY BoY + Contact : [email protected] & [email protected] + Home : http://www.kurd-security.com http://www.h4kurd.com...

Joomla! Component com_mediaslide - Directory Traversal

Joomla! Component commediaslide - Directory Traversal Joomla Component commediaslide Directory Traversal Vuln author : Mr.tro0oqy from Yemen mail : [email protected] fuck 2 community college sanaa exp : http://server/components/commediaslide/viewer.php?path=/../.. dork :...

Smart ASPad - campaignEdit.asp?CCam Blind SQL Injection

Smart ASPad - campaignEdit.asp?CCam Blind SQL Injection ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe:campaignEdit.asp CCam Blind SQL Injection Vulnerability Vendor: www.smartasp.net Software: Smart ASPad author: R3d-D3v!L Date: 17.dec.2009 T!ME: 3:03 ...

oBlog - Persistent Cross-Site Scripting Cross-Site Request Forgery Admin Brute Force

oBlog - Persistent Cross-Site Scripting Cross-Site Request Forgery Admin Brute Force ------------------------------------------------------------------------------------------------- Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip...

Snitz Forums 2000 3.4.7 - pop_send_to_friend.asp?url Cross-Site Scripting

Snitz Forums 2000 3.4.7 - popsendtofriend.asp?url Cross-Site Scripting source: https://www.securityfocus.com/bid/36710/info Snitz Forums 2000 is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data...

Microsoft Internet Explorer 567 - Memory Corruption (MS09-054)

Microsoft Internet Explorer 567 - Memory Corruption MS09-054 MSIE Content-Encoding: deflate memory corruption vulnerability a.k.a. MSRC 8769, MS09-054, CVE-2009-1547, “Data Stream Header Corruption Vulnerability” Microsoft fixed a bug in Internet Explorer’s “Content-Encoding:deflate”...

Quick Heal 10.00 SP1 - Local Privilege Escalation

Quick Heal 10.00 SP1 - Local Privilege Escalation ShineShadow Security Report 13102009-11 TITLE Quick Heal Local Privilege Escalation Vulnerability BACKGROUND Quick Heal Technologies is leading provider of AntiVirus and Internet Security tools and is leader in Anti-Virus Technology in India. A...

CF Shopkart 5.3x - itemID SQL Injection

CF Shopkart 5.3x - itemID SQL Injection CF ShopKart SQL vulnerability By learn3r hacker from Nepal [email protected] Product name: CF ShopKart Version: 5.4 beta or may be lower Product home: www.cfshopkart.com Affected variable: item SQLi examples:...

Elite Gaming Ladders 3.2 - platform SQL Injection

Elite Gaming Ladders 3.2 - platform SQL Injection -------------------------------------------------------- Elite Gaming Ladders v3.2 Remote SQL Injection Vulnerability -------------------------------------------------------- Discovered By: Snakespc ALGERIAN HaCkEr Mail: [email protected]...

Linux Kernel 2.4.x2.6.x (CentOS 4.85.3 RHEL 4.85.3 SuSE 10 SP211 Ubuntu 8.10) (PPC) - sock_sendpage() Local Privilege Escalation

Linux Kernel 2.4.x2.6.x CentOS 4.85.3 RHEL 4.85.3 SuSE 10 SP211 Ubuntu 8.10 PPC - socksendpage Local Privilege Escalation / Linux socksendpage NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle This program is free software; you can redistribute it and/or modify it under the terms of...

Discuz! Plugin Crazy Star 2.0 - fmid SQL Injection

Discuz! Plugin Crazy Star 2.0 - fmid SQL Injection ============================================================ Discuz! Plugin Crazy Star = 2.0 Sql injection Vulnerability ============================================================ ========================Author============================ +...

Plume CMS 1.2.3 - Multiple SQL Injections

Plume CMS 1.2.3 - Multiple SQL Injections Plume CMS Multiple SQL Injection Vulnerabilities - Security Advisory - SOS-09-006 Release Date. 12-Aug-2009 Last Update. - Vendor Notification Date. 16-Jun-2009 Product. Plume CMS Platform. Independent Affected versions. 1.2.3 verified, possibly others...

Geeklog 1.5.2 - SEC_authenticate() SQL Injection

Geeklog 1.5.2 - SECauthenticate SQL Injection = 5.0 google dorks: "By Geeklog" "Created this page in" +seconds +powered "By Geeklog" "Created this page in" +seconds +powered inurl:publichtml vulnerability, see /publichtml/webservices/atom/index.php near lines 34-53: ... requireonce...

saspcms 0.9 - Multiple Vulnerabilities

saspcms 0.9 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: SASPCMS Multiple Vulnerabilities Vendor: http://www.lgasoft.com Vulnerable Version: 0.9 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: SASPCMS is an ASP...

Simple PHP NewsLetter 1.5 - Local File Inclusion

Simple PHP NewsLetter 1.5 - Local File Inclusion --:local file include:-- --------------------------------- script:Simple PHP Newsletter 1.5 ---------------------------------------------- download from:http://quirm.net/download/23/ ----------------------------------------------...

Samba 3.0.20 - Remote Heap Overflow

Samba 3.0.20 - Remote Heap Overflow // / Samba 3.0.20 heap overflow / / per Debian 3.0.14a Debian e altre versioni / / per versionare il sorgente: / / usare l'opzione DEBUG / / usare free dalla GOT non funziona su Mandriva,RHEL e Fedora / / da qualche parte nel 3°/4° pacchetto di risposta dice ...

PHPmotion 2.1 - Cross-Site Request Forgery

PHPmotion 2.1 - Cross-Site Request Forgery PHPmotion Source of pwned.html file: Once your victim has visited your evil page, You may now be able to log into their PHP...

Simple Text-File Login script (SiTeFiLo) 1.0.6 - File Disclosure Remote File Inclusion

Simple Text-File Login script SiTeFiLo 1.0.6 - File Disclosure Remote File Inclusion START 0x01 Informations: Script : Simple Text-File Login script 1.0.6 Download : http://www.hotscripts.com/jump.php?listingid=36777&jumptype=1 Vulnerability : Remote File Inclusion / Sensitive Data Disclosure...

Rapid Classified 3.1 - Database Disclosure

Rapid Classified 3.1 - Database Disclosure --------------------------------------------------------------------------- Script Name: Rapid Classified Version: v3.1 Google Dork: intext:©2003-2008 RC v3.1 Developed by: GA Soft Author: CoBRa21 My Web Site: www.ipbul.org...

Booking Centre 2.01 - HotelID SQL Injection

Booking Centre 2.01 - HotelID SQL Injection ----------------------------بسم الله الرحمن الرحيم------------------------------ Tybe: hotelhabitaciones.php HotelID Remote SQL Injection Vulnerability Vendor: www.bookingcentre.eu Software: Hotels Group author: я3d D3v!L Date:...