41207 matches found
Apple Mac OSX (Lion) Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Local Privilege Escalation
Apple Mac OSX Lion Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Local Privilege Escalation / Apple Mac OS X Lion Kernel Notes: This exploit leverage a stack overflow vulnerability to escalate privileges. The vulnerable function nfsconvertoldnfsargs does not verify the size of a...
XCloner Standalone 3.5 - Cross-Site Request Forgery
XCloner Standalone 3.5 - Cross-Site Request Forgery Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosur...
OpenSSL TLS Heartbeat Extension - Heartbleed Information Leak (1)
OpenSSL TLS Heartbeat Extension - Heartbleed Information Leak 1 / CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information...
Orbit Open Ad Server 1.1.0 - SQL Injection
Orbit Open Ad Server 1.1.0 - SQL Injection Advisory ID: HTB23208 Product: Orbit Open Ad Server Vendor: OrbitScripts, LLC Vulnerable Versions: 1.1.0 and probably prior Tested Version: 1.1.0 Advisory Publication: March 19, 2014 without technical details Vendor Notification: March 19, 2014 Vendor...
Quick.CMS 5.4 - Multiple Vulnerabilities
Quick.CMS 5.4 - Multiple Vulnerabilities Exploit Title: QuickCms 5.4 Multiple Vulnerabilites Date: 04/08/2014 Author: shpendk Software Link: http://opensolution.org/download,en,18.html?sFile=Quick.Cms/Quick.Cmsv5.4.zip Version: 5.4 Tested on: Xampp on Windows Reflected XSS Vulnerability in Admin...
eazyCMS - index.php SQL Injection
eazyCMS - index.php SQL Injection source: https://www.securityfocus.com/bid/66769/info eazyCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the...
OpenSSL 1.0.1f TLS Heartbeat Extension - Heartbleed Memory Disclosure (Multiple SSLTLS Versions)
OpenSSL 1.0.1f TLS Heartbeat Extension - Heartbleed Memory Disclosure Multiple SSLTLS Versions Exploit Title: OpenSSL TLS Heartbeat Extension - Memory Disclosure - Multiple SSL/TLS versions Date: 2014-04-09 Exploit Author: Csaba Fitzl Vendor Homepage: http://www.openssl.org/ Software Link:...
csUpload Script Site - Authentication Bypass
csUpload Script Site - Authentication Bypass Exploit Title: "csUpload Script Site" Authentication Bypass Google Dork: CSUpload.cgi?command= Date: 4/9/2014 Exploit Author: Satanic2000 Vendor Homepage: http://www.cgiscript.net Software Link:...
OpenSSL TLS Heartbeat Extension - Heartbleed Memory Disclosure
OpenSSL TLS Heartbeat Extension - Heartbleed Memory Disclosure !/usr/bin/python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. import sys import struct import socket import time import select import re...
Joomla! Component Inneradmission - index.php SQL Injection
Joomla! Component Inneradmission - index.php SQL Injection source: https://www.securityfocus.com/bid/66708/info Inneradmission component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...
BlazeDVD Pro Player 6.1 - Stack Buffer Overflow Jump ESP
BlazeDVD Pro Player 6.1 - Stack Buffer Overflow Jump ESP Exploit-DB Note: XPSP3 - my $eip = pack'V',0x7c868667; jmp ESP on kernel32.dll Date: Tue Apr 8 2014 Vendor link: http://www.blazevideo.com/download.htmm Software Link: http://www.blazevideo.com/download.php?product=BlazeDVDPro App Version:...
Halon Security Router (SR) 3.2-winter-r1 - Multiple Vulnerabilities
Halon Security Router SR 3.2-winter-r1 - Multiple Vulnerabilities ADVISORY INFORMATION Advisory Name: Multiple Security Vulnerabilities in Halon Security Router Date published: 2014-04-07 Vendors contacted: Halon Security http://www.halon.se Researcher: Juan Manuel Garcia...
Bluetooth Text Chat 1.0 iOS - Code Execution
Bluetooth Text Chat 1.0 iOS - Code Execution Document Title: =============== Bluetooth Text Chat v1.0 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1250 Release Date: ============= 2014-04-07 Vulnerability Laboratory ...
Apple Mac OSX 10.9 - Hard Link Memory Corruption
Apple Mac OSX 10.9 - Hard Link Memory Corruption / MacOSX/XNU HFS Multiple Vulnerabilities Maksymilian Arciemowicz http://cxsecurity.com/ http://cifrex.org/ =================== On November 8th, I've reported vulnerability in hard links for HFS+ CVE-2013-6799...
XAMPP 3.2.1 phpMyAdmin 4.1.6 - Multiple Vulnerabilities
XAMPP 3.2.1 phpMyAdmin 4.1.6 - Multiple Vulnerabilities Title: XAMPP 3.2.1 & phpMyAdmin 4.1.6 = multiple vulnerabilities Date: 6/04/2014 Author: hackerDesk Software Link: http://www.apachefriends.org/en/xampp-windows.html Version: 3.2.1 & 4.1.6 Tested on: Windows 7 CVE : kuDos tO: Mayank...
InfraRecorder 0.53 - Memory Corruption (Denial of Service)
InfraRecorder 0.53 - Memory Corruption Denial of Service Exploit Title: InfraRecorder Memory Corruption Exploit DOS Author: sajith version: version 0.53 vulnerable app link: http://sourceforge.net/projects/infrarecorder/files/InfraRecorder/0.53/ir053.exe/download Tested in windows Xp sp3,english...
Notepad++ DSpellCheck 1.2.12.0 - Denial of Service
Notepad++ DSpellCheck 1.2.12.0 - Denial of Service Exploit Title: Notepad++ - DSpellCheck v1.2.12.0 pluginDOS Exploit Author: sajith Vendor Homepage: http://notepad-plus-plus.org/ Software Link: http://notepad-plus-plus.org/download/ vulnerable plugin Version: DSpellCheck v 1.2.12.0 Tested in:...
EagleGet 1.1.8.1 - Denial of Service
EagleGet 1.1.8.1 - Denial of Service Exploit Title: EagleGet 1.1.8.1 DoS Exploit Date: 03 April 2014 Exploit Author: Interference Security Vendor Homepage: http://www.eagleget.com/ Software Link: http://www.eagleget.com/download/ Version: 1.1.8.1 Tested on: Microsoft Windows XP SP3 print " Crash...
Puntopy - novedad.php SQL Injection
Puntopy - novedad.php SQL Injection source: https://www.securityfocus.com/bid/67241/info Puntopy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the...
Private Photo+Video 1.1 Pro iOS - Persistent
Private Photo+Video 1.1 Pro iOS - Persistent Document Title: =============== Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1249 Release Date: ============= 2014-04-01 Vulnerability Laboratory ...
MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service
MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service / MA Lighting Technology grandMA onPC v6.808 Remote Denial of Service Exploit Vendor: MA Lighting Technology GmbH Product web page: http://www.malighting.com Affected version: grandMA series 1 onPC Software 6.808 6.801 Summary:...
PHPFox - Access Control Security Bypass
PHPFox - Access Control Security Bypass source: https://www.securityfocus.com/bid/66677/info PHPFox is prone to a security-bypass vulnerability that may allow attackers to perform actions without proper authorization. Attackers can leverage this issue to bypass security restrictions and perform...
A10 Networks ACOS 2.7.0-P2 (Build 53) - Buffer Overflow (PoC)
A10 Networks ACOS 2.7.0-P2 Build 53 - Buffer Overflow PoC -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === Details === Advisory: http://www.quantumleap.it/a10-networks-remote-buffer-overflow-softax/ Affected Product: ACOS Version: 2.7.0-P2build: 53 older versions may be affected too Tested on...
WordPress Plugin XCloner 3.1.0 - Cross-Site Request Forgery
WordPress Plugin XCloner 3.1.0 - Cross-Site Request Forgery Advisory ID: HTB23206 Product: XCloner Wordpress plugin Vendor: XCloner Vulnerable Versions: 3.1.0 and probably prior Tested Version: 3.1.0 Advisory Publication: March 12, 2014 without technical details Vendor Notification: March 12, 201...
CMS Made Simple 1.11.10 - Multiple Cross-Site Scripting Vulnerabilities
CMS Made Simple 1.11.10 - Multiple Cross-Site Scripting Vulnerabilities Exploit Title : CMS Made Simple 1.11.10 Multiple XSS Vulnerability Google dork : N/A Date : 02/04/2014 Exploit Author : Blessen Thomas Vendor Homepage : http://www.cmsmadesimple.org/ Software Link : N/A Version : 1.11.10 Test...
Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects
Oracle Identity Manager 11g R2 SP1 11.1.2.1.0 - Unvalidated Redirects Unvalidated Redirects on Oracle Identity Manager ======================================================================= ADVISORY INFORMATION Title: Unvalidated Redirects on Oracle Identity Manager Discovery date: 10/12/2013...
CIS Manager CMS - SQL Injection
CIS Manager CMS - SQL Injection + Sql Injection on CIS Manager CMS + Date: 01/04/2014 + Risk: High + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.construtiva.com.br/ + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File: default.asp + Dork :...
ZamFoo - Multiple Remote Command Execution Vulnerabilities
ZamFoo - Multiple Remote Command Execution Vulnerabilities source: https://www.securityfocus.com/bid/67215/info ZamFoo is prone to multiple remote command-execution vulnerabilities. Remote attackers can exploit these issues to execute arbitrary commands within the context of the vulnerable...
Kloxo 6.1.18 Stable - Cross-Site Request Forgery
Kloxo 6.1.18 Stable - Cross-Site Request Forgery Exploit Title :Kloxo 6.1.18 Stable CSRF Vulnerability Vendor Homepage :http://lxcenter.org/software/kloxo Version :6.1.18 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com http://www.grisapka.org Discovery date :03/12/2014...
Kloxo-MR 6.5.0 - Cross-Site Request Forgery
Kloxo-MR 6.5.0 - Cross-Site Request Forgery Exploit Title :Kloxo-MR 6.5.0 CSRF Vulnerability Vendor Homepage :https://github.com/mustafaramadhan/kloxo/tree/dev Version :Kloxo-MR 6.5.0.f-2014020301 Tested on :Centos 6.4 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com...
iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities
iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities Document Title: =============== iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1240 Release Date: ============= 2014-03-31...
PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure
PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I. Advisory Summary Title: SIP Digest Leak Information Disclosure in PhonerLite 2.14 SIP Soft Phone Date Published: March 30, 2014 Vendors contacted: Heiko Sommerfeldt, PhonerLite author...
Alienvault 4.5.0 - (Authenticated) SQL Injection (Metasploit)
Alienvault 4.5.0 - Authenticated SQL Injection Metasploit The following request is vulnerable to a SQL injection attack from authenticated users. GET /ossim/report/BusinessAndComplianceISOPCI/ISO27001Bar1.php?datefrom=2014-02-28&dateto=2014-03-30 HTTP/1.1 Host: 172.31.16.150 User-Agent: Mozilla/5...
Horde Webmail 5.1 - Open Redirect
Horde Webmail 5.1 - Open Redirect + Horde webmail - Open Redirect Vulnerability + Date: 31/03/2014 + Risk: Low + Remote: Yes + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.horde.org/apps/webmail + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable Fil...
EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read (Metasploit)
EMC Cloud Tiering Appliance 10.0 - XML External Entity Arbitrary File Read Metasploit EMC Cloud Tiering Appliance v10.0 Unauthed XXE The following authentication request is susceptible to an XXE attack: POST /api/login HTTP/1.1 Host: 172.31.16.99 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664;...
PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities
PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities Document Title: =============== PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1239 Release Date: ============= 2014-03-27 Vulnerability Laboratory ...
Primo Interactive CMS - pcm.cgi Remote Command Execution
Primo Interactive CMS - pcm.cgi Remote Command Execution source: https://www.securityfocus.com/bid/66549/info Primo Interactive CMS is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input data. An attacker may leverage this...
plexusCMS 0.5 - Cross-Site Scripting Remote Shell Credentials Leak
plexusCMS 0.5 - Cross-Site Scripting Remote Shell Credentials Leak Exploit Title: plexusCMS 0.5 XSS Remote Shell Exploit Google Dork: allinurl: plx-storage Date: 22.02.2013 Exploit Author: neglomaniac Vendor Homepage: http://plexus-cms.org/ Version: 0.5 --- FILES backdoor.php simple commend execu...
Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities
Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities Document Title: =============== Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1235 Release Date: ============= 2014-03-28 Vulnerabilit...
WordPress Plugin Ajax Pagination 1.1 - Local File Inclusion
WordPress Plugin Ajax Pagination 1.1 - Local File Inclusion Details ================ Software: Ajax Pagination twitter Style Version: 1.1 Homepage: http://wordpress.org/plugins/ajax-pagination/ CVSS: 9.3 High; AV:N/AC:M/Au:N/C:C/I:C/A:C Description ================ End-user exploitable local file...
AudioCoder 0.8.29 - Memory Corruption (SEH)
AudioCoder 0.8.29 - Memory Corruption SEH Exploit Title: AudioCoder-0.8.29 Memory Corruption to Code executionSEH Author: sajith version: AudioCoder-0.8.29 vulnerable app link: http://www.mediacoderhq.com/getfile.htm?site=dl.mediacoderhq.com&file=AudioCoder-0.8.29.exe Tested in windows Xp...
ASP-Nuke 2.0.7 - gotourl.asp Open Redirect
ASP-Nuke 2.0.7 - gotourl.asp Open Redirect + ASP-Nuke 2.0.7 - Open Redirect Vulnerability in gotourl + Date: 28/03/2014 + Risk: Low + Remote: Yes + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.aspnuke.it/ + Contact: [email protected] + Tested on: Windows 7 and Linux +...
Fitnesse Wiki - Remote Command Execution (Metasploit)
Fitnesse Wiki - Remote Command Execution Metasploit This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Fitnesse Wiki Remote Command Execution', 'Description' = %q This module exploits ...
iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities
iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities Document Title: =============== iStArtApp FileXChange v6.2 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1237 Release Date: ============= 2014-03-26 Vulnerability...
FTP Drive + HTTP 1.0.4 iOS - Code Execution
FTP Drive + HTTP 1.0.4 iOS - Code Execution Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID...
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities
Dell SonicWALL EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities Document Title: =============== Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=119...
Easy FileManager 1.1 iOS - Multiple Vulnerabilities
Easy FileManager 1.1 iOS - Multiple Vulnerabilities Document Title: =============== Easy FileManager 1.1 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1234 Release Date: ============= 2014-03-25 Vulnerability Laborato...
Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities
Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities Document Title: =============== Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1233 Release Date: ============= 2014-03-21...
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting Persistent XSS in Joomla::Kunena 3.0.4 26. February 2014 by Qoppa +++ Description "Kunena is the leading Joomla forum component. Downloaded more than 3,750,000 times in nearly 6 years." Kunena is written in PHP. Users can post a...
LinEx - Password Reset
LinEx - Password Reset Exploit Title: LinEx All Versions Password Reset Vulnerability Google Dork: linkex.dk 2006-2011 Date: 15/01/2014 Exploit Author: N B Sri Harsha Reconnect Gray hat Vendor Homepage: http://linkex.dk/ Software Link: http://linkex.dk/releases/linkex.20120508.zip Version: All...