41207 matches found
PCMan FTP Server 2.0.7 - RENAME Remote Buffer Overflow
PCMan FTP Server 2.0.7 - RENAME Remote Buffer Overflow !/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - RENAME command remote buffer overflow Date: 29 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Software Link:...
MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer
MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh Unhandled Pointer % Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoin...
Pluck CMS 4.7.3 - Multiple Vulnerabilities
Pluck CMS 4.7.3 - Multiple Vulnerabilities Title: Pluck 4.7.3 - Multiple vulnerabilities Date: 28.08.15 Vendor: pluck-cms.org Affected versions: = 4.7.3 current Tested on: Apache2.2 / PHP5 / Deb32 Author: Smash | smaash.net Contact: smash at devilteam.pl Few vulnerabilities. Bugs: - local file...
freeSSHd 1.3.1 - Denial of Service
freeSSHd 1.3.1 - Denial of Service ''' Exploit title: freesshd 1.3.1 denial of service vulnerability Date: 28-8-2015 Vendor homepage: http://www.freesshd.com Software Link: http://www.freesshd.com/freeSSHd.exe Version: 1.3.1 Author: 3unnym00n Details: ---------------------------------------------...
WordPress Plugin Responsive Thumbnail Slider 1.0 - Arbitrary File Upload
WordPress Plugin Responsive Thumbnail Slider 1.0 - Arbitrary File Upload Exploit Title: Wordpress Responsive Thumbnail Slider Arbitrary File Upload Date: 2015/8/29 Exploit Author: Arash Khazaei Vendor Homepage: https://wordpress.org/plugins/wp-responsive-thumbnail-slider/ Software Link:...
Photo Transfer (2) 1.0 iOS - Denial of Service
Photo Transfer 2 1.0 iOS - Denial of Service Document Title: =============== Photo Transfer 2 v1.0 iOS - Denial of Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1580 Release Date: ============= 2015-08-20 Vulnerability Laboratory ...
Jenkins 1.626 - Cross-Site Request Forgery Code Execution
Jenkins 1.626 - Cross-Site Request Forgery Code Execution Title: Jenkins 1.626 - Cross Site Request Forgery / Code Execution Date: 27.08.15 Vendor: jenkins-ci.org Affected versions: = 1.626 current Software link: http://mirrors.jenkins-ci.org/war/latest/jenkins.war Tested on: win64 Author: Smash...
Wolf CMS - Arbitrary File Upload Execution
Wolf CMS - Arbitrary File Upload Execution Exploit Title : Wolf CMS 0.8.2 Arbitrary File Upload To Command Execution Reported Date : 05-May-2015 Fixed Date : 10-August-2015 Exploit Author : Narendra Bhati CVE ID : CVE-2015-6567 , CVE-2015-6568 Contact: Facebook :...
Invision Power Board (IP.Board) 4.x - Persistent Cross-Site Scripting
Invision Power Board IP.Board 4.x - Persistent Cross-Site Scripting Exploit Title: IP.Board 4.X Stored XSS Date: 27-08-2015 Software Link: https://www.invisionpower.com/ Exploit Author: snop. Contact: http://twitter.com/rabbitzorg Website: http://rabbitz.org Category: webapps 1. Description A...
Oracle GlassFish Server 4.1 - Directory Traversal
Oracle GlassFish Server 4.1 - Directory Traversal Trustwave SpiderLabs Security Advisory TWSL2015-016: Path Traversal in Oracle GlassFish Server Open Source Edition Published: 08/27/2015 Version: 1.0 Vendor: Oracle Corporation Project sponsored by Oracle Product: GlassFish Server Open Source...
Xion Audio Player 1.5 build 155 - Stack Buffer Overflow
Xion Audio Player 1.5 build 155 - Stack Buffer Overflow Exploit Title: Xion Audio Player build 155 Stack Based BOF. Date: 8/19/2015 Exploit Author: UnN0n Software Vendor : http://www.xionplayer.com Software Link: http://www.xionplayer.com/page/download Version: 1.5 Build 155 Tested on: Windows 7...
FENIX 0.92 - Local Buffer Overflow
FENIX 0.92 - Local Buffer Overflow Exploit Author: Juan Sacco - http://www.exploitpack.com Program: fenix - development environment for making 2D games Tested on: GNU/Linux - Kali Linux 2.0 Description: FENIX v0.92 and prior is prone to a stack-based buffer overflow vulnerability because the...
QEMU - Programmable Interrupt Timer Controller Heap Overflow
QEMU - Programmable Interrupt Timer Controller Heap Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=419c4 The programmable interrupt timer PIT controller in QEMU does not correctly validate the channel number when performing IO writes to the device controller,...
FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution
FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution !/usr/bin/python FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution Author: Naser Farhadi Date: 26 August 2015 Version: 2.1.2 Tested on: Windows 7 SP1 32 bit Link : http://sourceforge.net/projects/fhfs/ Description : FHFS is a FTP...
BSIGN 0.4.5 - Local Buffer Overflow
BSIGN 0.4.5 - Local Buffer Overflow Exploit Author: Juan Sacco - http://www.exploitpack.com Program: bsign - embed and verify secure hashes and digital signatures Tested on: GNU/Linux - Kali Linux 2.0 Description: BSIGN v0.4.5 and prior is prone to a stack-based buffer overflow vulnerability...
Magento eCommerce - Remote Code Execution
Magento eCommerce - Remote Code Execution Exploit Title : Magento Shoplift exploit SUPEE-5344 Author : Manish Kishan Tanwar AKA error1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Debugged At : Indishell Lab originally develop...
ZSNES 1.51 - Local Buffer Overflow
ZSNES 1.51 - Local Buffer Overflow Exploit Author: Juan Sacco - http://www.exploitpack.comp Tested on: GNU/Linux - Kali Linux 2.0 Description: ZSNES v1.51 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on...
VideoLAN VLC Media Player 2.2.1 - m3u8/m3u Crash (PoC)
VideoLAN VLC Media Player 2.2.1 - m3u8/m3u Crash PoC !/usr/bin/python VLC media player 2.2.1 m3u8/m3u Crash Proof Of Concept Author: Naser Farhadi Date: 25 August 2015 Version: 2.2.1 Tested on: Windows 7 SP1 32 bit """ ModLoad: 71ae0000 71b64000...
Linux Kernel 3.5.0-23 (Ubuntu 12.04.2 x64) - SOCK_DIAG SMEP Bypass Local Privilege Escalation
Linux Kernel 3.5.0-23 Ubuntu 12.04.2 x64 - SOCKDIAG SMEP Bypass Local Privilege Escalation / based on the exploit by SynQ Modified PoC for CVE-2013-1763 with SMEP bypass Presentation: Practical SMEP Bypass Techniques on Linux Vitaly Nikolenko [email protected] Target: Linux ubuntu 3.5.0-23-gener...
Microsoft Office 2007 - Malformed Document Stack Buffer Overflow
Microsoft Office 2007 - Malformed Document Stack Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=170&can=1 The following access violation was observed in Microsoft Office 2007 Word document: e24.e28: Access violation - code c0000005 first chance First...
Keeper IP Camera 3.2.2.10 - Authentication Bypass
Keeper IP Camera 3.2.2.10 - Authentication Bypass Exploit Title: Keeper IP Camera - Authentication Bypass Date: 25/08/2015 Exploit Author: RAT - ThiefKing Vendor Homepage: http://www.keeper.cn/en/Camera-ip.asp Version: 3.2.2.10 WEB Version: 6.1.17.192 Tested on: QB200W, QB130W, QA130W,... Exploit...
Microsoft Office 2007 - OneTableDocumentStream Invalid Object
Microsoft Office 2007 - OneTableDocumentStream Invalid Object Source: https://code.google.com/p/google-security-research/issues/detail?id=171&can=1 The following access violation was observed in Microsoft Office 2007 Word document: 8c0.e68: Access violation - code c0000005 first chance First chan...
vBulletin 3.6.0 4.2.3 - ForumRunner SQL Injection
vBulletin 3.6.0 4.2.3 - ForumRunner SQL Injection Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu...
WordPress Theme GeoPlaces3 - Arbitrary File Upload
WordPress Theme GeoPlaces3 - Arbitrary File Upload Description : Wordpress Themes GeoPlaces3 - Arbitrary File Upload vulnerability Google Dork: inurl:/wp-content/themes/GeoPlaces3/ Date: 23 August 2015 Vendor Homepage: http://templatic.com/app-themes/geo-places-city-directory-wordpress-theme Teste...
Mock SMTP Server 1.0 - Remote Crash (PoC)
Mock SMTP Server 1.0 - Remote Crash PoC !/usr/bin/python Exploit Title: Mock SMTP Server 1.0 Remote Crash PoC Date: 23-08-2015 Exploit Author: Shankar Damodaran Author's Twitter : @sh4nx0r Vendor Homepage: http://mocksmtpserver.codeplex.com Software Link:...
GOM Audio 2.0.8 - .gas Crash (PoC)
GOM Audio 2.0.8 - .gas Crash PoC Exploit Title: GOM Audio 2.0.8 Crash POC Date: 8/24/2015 Exploit Author: UnN0n Software Vendor : http://audio.gomlab.com/ Software Link: http://audio.gomlab.com/downloadlog.gom Version: 2.0.8 2015/06/17 Tested on: Windows 7 x8632 BIT Steps to Produce the Crash: 1-...
Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow
Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow !/usr/bin/python Exploit Title: Easy File Sharing Web Server v6.9 - USERID Remote Buffer Overflow Version: 6.9 Date: 2015-08-22 Author: Tracy Turben [email protected] Software Link: http://www.efssoft.com/ Tested on:...
Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow
Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow !/usr/bin/python Exploit Title: Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow Version: 1.6 Date: 2015-08-23 Author: Tracy Turben [email protected] Software Link: http://www.efssoft.com/ Tested on:...
Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin)
Pligg CMS 2.0.2 - Cross-Site Request Forgery Add Admin Admin input name="password" type="text" class="form-control" id="password" value="hacker123" onchange="checkPasswordthis.va...
Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table
Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table Source: https://code.google.com/p/google-security-research/issues/detail?id=386&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OT...
Microsoft Office 2007 - MSPTLS Heap Index Integer Underflow (MS15-081)
Microsoft Office 2007 - MSPTLS Heap Index Integer Underflow MS15-081 Source: https://code.google.com/p/google-security-research/issues/detail?id=431&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabl...
Microsoft Windows - ATMFD.DLL CFF table (ATMFD+0x34072 ATMFD+0x3407b) Invalid Memory Access
Microsoft Windows - ATMFD.DLL CFF table ATMFD+0x34072 ATMFD+0x3407b Invalid Memory Access Source: https://code.google.com/p/google-security-research/issues/detail?id=383&can=1 We have encountered a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file: -...
Microsoft Windows - win32k.sys TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write
Microsoft Windows - win32k.sys TTF Font Processing win32k!fscBLTHoriz Out-of-Bounds Pool Write Source: https://code.google.com/p/google-security-research/issues/detail?id=402&can=1 We have encountered a Windows kernel crash in the win32k!fscBLTHoriz function while processing corrupted TTF font...
Microsoft Windows - win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access
Microsoft Windows - win32k.sys TTF Font Processing win32k!fscRemoveDups Out-of-Bounds Pool Memory Access Source: https://code.google.com/p/google-security-research/issues/detail?id=401&can=1 We have encountered a Windows kernel crash in the win32k!fscRemoveDups function while processing corrupted...
Microsoft Office 2007 - OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)
Microsoft Office 2007 - OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write MS15-080 Source: https://code.google.com/p/google-security-research/issues/detail?id=420&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and...
Mozilla - Maintenance Service Log File Overwrite Privilege Escalation
Mozilla - Maintenance Service Log File Overwrite Privilege Escalation Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of...
Microsoft Office 2007 - wwlib.dll Type Confusion (MS15-081)
Microsoft Office 2007 - wwlib.dll Type Confusion MS15-081 Source: https://code.google.com/p/google-security-research/issues/detail?id=423&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for...
Microsoft Windows - ATMFD.dll CFF table (ATMFD+0x3440b ATMFD+0x3440e) Invalid Memory Access
Microsoft Windows - ATMFD.dll CFF table ATMFD+0x3440b ATMFD+0x3440e Invalid Memory Access Source: https://code.google.com/p/google-security-research/issues/detail?id=384&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF fo...
Microsoft Windows - win32k.sys TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow
Microsoft Windows - win32k.sys TTF Font Processing win32k!sclApplyTranslation Pool-Based Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=370&can=1 We have encountered a number of Windows kernel crashes in the win32k!sclApplyTranslation function while...
Microsoft Windows - ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table
Microsoft Windows - ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table Source: https://code.google.com/p/google-security-research/issues/detail?id=385&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font...
Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table
Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table Source: https://code.google.com/p/google-security-research/issues/detail?id=392&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupt...
WordPress Plugin MDC Private Message 1.0.0 - Persistent Cross-Site Scripting
WordPress Plugin MDC Private Message 1.0.0 - Persistent Cross-Site Scripting Exploit Title: WordPress MDC Private Message Persistent XSS Date: 8/20/15 Exploit Author: Chris Kellum Vendor Homepage: http://medhabi.com/ https://wordpress.org/plugins/mdc-private-message/ Version: 1.0.0...
WordPress Plugin Googmonify 0.8.1 - Cross-Site Scripting / Cross-Site Request Forgery
WordPress Plugin Googmonify 0.8.1 - Cross-Site Scripting / Cross-Site Request Forgery + Exploit Title : Wordpress Googmonify Plug-in XSS/CSRF + Exploit Author : Ehsan Hosseini + Date: 2015-08-21 + Vendor Homepage : https://wordpress.org/plugins/googmonify/ + Software Link :...
Microsoft Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads (MS15-021)
Microsoft Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads MS15-021 Source: https://code.google.com/p/google-security-research/issues/detail?id=382&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files, suc...
Konica Minolta FTP Utility 1.0 - Remote Denial of Service (PoC)
Konica Minolta FTP Utility 1.0 - Remote Denial of Service PoC !/usr/bin/python Exploit Title: Konica Minolta FTP Utility 1.0 Remote DoS PoC Date: 21-08-2015 Exploit Author: Shankar Damodaran Vendor Homepage: http://www.konicaminolta.com/ Software Link:...
Netsweeper 4.0.9 - Arbitrary File Upload Execution
Netsweeper 4.0.9 - Arbitrary File Upload Execution +--------------------------------------------------------+ + Netsweeper 4.0.9 - Arbitrary File Upload and Execution + +--------------------------------------------------------+ Affected Product: Netsweeper Vendor Homepage : www.netsweeper.com...
Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081)
Microsoft Office 2007 - mso.dll Use-After-Free MS15-081 Source: https://code.google.com/p/google-security-research/issues/detail?id=414&can=1 The following crash was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and application...
Microsoft Windows - win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow
Microsoft Windows - win32k.sys TTF Font Processing IUP Program Instruction Pool-Based Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=368&can=1 We have encountered a number of Windows kernel crashes in the win32k!itrpIUP function a handler of the IUP TT...
Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081)
Microsoft Office 2007 - mso.dll Arbitrary Free MS15-081 Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testin...
Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage
Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage Source: https://code.google.com/p/google-security-research/issues/detail?id=424&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier...