OpenSupports 2.x - Authentication Bypass Cross-Site Request Forgery
OpenSupports 2.x - Authentication Bypass Cross-Site Request Forgery + Author: TUNISIAN CYBER + Exploit Title: OpenSupports v2.x AuthBypass/CSRF Vulnerabilities + Date: 15-03-2014 + Category: WebApp + Version: 2.x + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-302/CWE-89 + Vendor:...
Free Download Manager - Stack Buffer Overflow
Free Download Manager - Stack Buffer Overflow RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION ----------------------- Product: Free Download Manager Vendor URL: www.freedownloadmanager.org Type: Stack-based Buffer Overflow CWE-121 Date found: 2014-02-20 Date published:...
Joomla! Component AJAX Shoutbox 1.6 - SQL Injection
Joomla! Component AJAX Shoutbox 1.6 - SQL Injection Joomla AJAX Shoutbox remote SQL Injection vulnerability - Author: Ibrahim Raafat - Contact: https://twitter.com/RaafatSEC - Discovery date: 1 April 2010 4 years ago - Reported to vendor : 12 March 2014 - Response: Quick response from the...
OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities
OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/66251/info OpenX is prone to multiple cross-site request-forgery vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions. This may lead ...
Nginx 1.4.0 (Generic Linux x64) - Remote Overflow
Nginx 1.4.0 Generic Linux x64 - Remote Overflow nginx = 1.4.0 exploit for CVE-2013-2028 by sorbo Fri Jul 12 14:52:45 PDT 2013 ./brop.rb 127.0.0.1 for remote hosts: ./frag.sh ip ./brop.rb ip rm state.bin when changing host or relaunching nginx with canaries scan.py will find servers, reading IPs...
Church Edit - Blind SQL Injection
Church Edit - Blind SQL Injection Exploit Title: Church Edit Blind SQL Injection Google Dork: inurl:This website is powered by Church Edit Date: 15/3/2013 Exploit Author: ThatIcyChill Vendor Homepage: http://www.churchedit.co.uk/ Version: Initial Release...
MicroP 0.1.1.1600 - .mppl Local Stack Buffer Overflow
MicroP 0.1.1.1600 - .mppl Local Stack Buffer Overflow !/usr/bin/env ruby Exploit Title:MicroP.mppl Local Stack Based Buffer Overflow Author:Necmettin COSKUN = twitter.com/babayarisi Blog : http://www.ncoskun.com http://www.grisapka.org Vendor :http://sourceforge.net/projects/microp/ Software...
Synology DSM 4.3-3827 - article.php Blind SQL Injection
Synology DSM 4.3-3827 - article.php Blind SQL Injection Title: Synology DSM Blind SQL Injection Version affected: :80/ Cookie: PHPSESSID=; visitday= Host: Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64 AppleWebKit/537.36 KHTML, like Gecko...
Fonality trixbox - mac Remote Code Injection
Fonality trixbox - mac Remote Code Injection App : Trixbox all versions vendor : trixbox.com Author : i-Hmx mail : [email protected] Home : security arrays inc , sec4ever.com ,exploit4arab.net Well well well , we decided to give schmoozecom a break and have a look @ fonality products do you think...
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link:...
Fonality trixbox - SQL Injection
Fonality trixbox - SQL Injection Exploit Title: SQL injection in Trixbox All Versions Date: 13/03/2014 Exploit Author: Sc4nX Email : Sec744atyahoo.com - r1zathackermail.com Software Link: http://trixbox.org/downloads Tested on: Linux / Win 7 Example : Grab users / password hashes from ampusers...
Ubee EVW3200 - Cross-Site Request Forgery
Ubee EVW3200 - Cross-Site Request Forgery Exploit Title: Ubee EVW3200 - Multiple Cross Site Request Forgery Google Dork: N/A Date: 02-03-2014 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage: http://www.ubeeinteractive.com/ Software Link:...
FreePBX 2.11.0 - Remote Command Execution
FreePBX 2.11.0 - Remote Command Execution !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; Exploit Title: FreePBX 2.9,2.10,2.11,12 Remote Command Execution Google Dork: n/a Date: 2/25/14 Exploit Author: @0x00string Vendor Homepage: http://www.freepbx.org/ Software Link:...
GNUPanel 0.3.5_R4 - Multiple Vulnerabilities
GNUPanel 0.3.5R4 - Multiple Vulnerabilities Exploit Title :GNUpanel 0.3.5R4 - Multiple Vulnerabilities Vendor Homepage :http://wp.geeklab.com.ar/gl-en/gnupanel/ GNUPanel Version :0.3.5R4 Server :Centos 6.4 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com...
LuxCal 3.2.2 - Cross-Site Request Forgery Blind SQL Injection
LuxCal 3.2.2 - Cross-Site Request Forgery Blind SQL Injection + Author: TUNISIAN CYBER + Exploit Title: LuxCal v3.2.2 CSRF/Blind SQL Injection Vulnerabilities + Date: 09-03-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-352/CWE-89 + Vendor: http://www.luxsoft.eu/ + Friend...
Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection
Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection CVE: CVE-2014-2043 Vendor: Procentia Product: IntelliPen Affected version: 1.1.12.1520 Fixed version: 1.1.18.1658 Reported by: Jerzy Kramarz Details: SQL injection has been found and confirmed within the software as an authenticated...
Oracle VM VirtualBox - 3D Acceleration Multiple Vulnerabilities
Oracle VM VirtualBox - 3D Acceleration Multiple Vulnerabilities Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory...
Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege Escalation
Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege Escalation Huawei Technologies eSpace Meeting Service 1.0.0.23 Local Privilege Escalation Vendor: Huawei Technologies Co., Ltd. Product web page: http://www.huawei.com Affected version: 1.0.0.23 V100R001C03SPC201B050 Summary:...
ZYXEL P-660HN-T1A Router - Authentication Bypass
ZYXEL P-660HN-T1A Router - Authentication Bypass Exploit Title: ZyXEL Router P-660HN-T1A - Login Bypass Date: 11/03/2013 Exploit Author: Michael Grifalconi Vendor Homepage: http://www.zyxel.com/productsservices/p660hntxaseries.shtml?t=p Version: 3.40BYF.5 - Last available If someone is logged on t...
vTiger CRM 5.4.06.0 RC6.0.0 GA - browse.php Local File Inclusion
vTiger CRM 5.4.06.0 RC6.0.0 GA - browse.php Local File Inclusion CVE: CVE-2014-1222 Vendor: Vtiger Product: CRM Affected version: Vtiger 5.4.0, 6.0 RC & 6.0.0 GA Fixed version: Vtiger 6.0.0 Security patch 1 Reported by: Jerzy Kramarz Details: A local file inclusion vulnerability was discovered in...
Kentico CMS 7.0.75 - User Information Disclosure
Kentico CMS 7.0.75 - User Information Disclosure Exploit Title: Kentico CMS User Enumeration Bug Google Dork: inurl:/CMSPages/logon.aspx -- enumerates several Kentico CMS sites Date: 02-25-2014 Exploit Author: Charlie Campbell and Lyndon Mendoza Vendor Homepage: http://www.kentico.com/ Software...
iCAM Workstation Control 4.8.0.0 - Authentication Bypass
iCAM Workstation Control 4.8.0.0 - Authentication Bypass Exploit Title: iCAM Workstation Control Software Local Authentication Bypass Google Dork: Vendor: Insight Media Internet Limited is based in the North West of England, and has 10 years experience in developing both internet and software...
MeiuPic 2.1.2 - ctl Local File Inclusion
MeiuPic 2.1.2 - ctl Local File Inclusion source: https://www.securityfocus.com/bid/66317/info MeiuPic is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information an...
QNX 6.4.x/6.5.x pppoectl - Information Disclosure
QNX 6.4.x/6.5.x pppoectl - Information Disclosure QNX 6.4.x/6.5.x pppoectl disclose /etc/shadow by cenobyte 2013 - vulnerability description: QNX setuid root /sbin/pppoectl allows any user to gain access to privileged information such as the root password hash. The vulnerability exists because of ...
QNX 6.5.0 x86 phfont - Local Privilege Escalation
QNX 6.5.0 x86 phfont - Local Privilege Escalation / QNX 6.5.0 x86 phfont local root exploit by cenobyte 2013 - vulnerability description: Setuid root /usr/photon/bin/phfont on QNX is prone to a buffer overflow. The vulnerability is due to insufficient bounds checking of the PHOTONHOME environment...
Apple iOS 4.2.1 - facetime-audio: Security Bypass
Apple iOS 4.2.1 - facetime-audio: Security Bypass source: https://www.securityfocus.com/bid/66108/info Apple iOS is affected by a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security warnings. This may aid in further attacks. These...
QNX 6.4.x/6.5.x ifwatchd - Local Privilege Escalation
QNX 6.4.x/6.5.x ifwatchd - Local Privilege Escalation !/bin/sh QNX 6.4.x/6.5.x ifwatchd local root exploit by cenobyte 2013 - vulnerability description: Setuid root ifwatchd watches for addresses added to or deleted from network interfaces and calls up/down scripts for them. Any user can launch...
QNX - .Phgrafx File Enumeration
QNX - .Phgrafx File Enumeration source: www.securityfocus.com/bid/66098/info QNX Phgrafx is prone to a file-enumeration weakness. An attacker can exploit this issue to enumerate the files present in the system's root directory; this may aid in further attacks. QNX 6.5.0 SP1, 6.5.0, 6.4.1, 6.3.0,...
ownCloud 4.0.x/4.5.x - upload.php?Filename Remote Code Execution
ownCloud 4.0.x/4.5.x - upload.php?Filename Remote Code Execution Vulnerability title: Remote Code Execution in ownCloud CVE: CVE-2014-2044 Vendor: ownCloud Product: ownCloud Affected version: 4.0.x & 4.5.x Fixed version: 5.0 Reported by: Alejo Murillo Moya Details: A remote code execution has been...
KMPlayer 3.8.0.117 - Local Buffer Overflow
KMPlayer 3.8.0.117 - Local Buffer Overflow !/usr/bin/python KMPlayer 3.8.0.117 Buffer Overflow Author: metacom Tested on: Windows Xp pro-sp3 En Download link :http://www.chip.de/downloads/KMPlayer33859258.html Version: 3.8.0.117 Kmp Plus Howto / Notes: Run KMPlayer Playlist Editor New Album and...
QNX 6.5.0 x86 io-graphics - Local Privilege Escalation
QNX 6.5.0 x86 io-graphics - Local Privilege Escalation / QNX 6.5.0 x86 io-graphics local root exploit by cenobyte 2013 - vulnerability description: Setuid root /usr/photon/bin/io-graphics on QNX is prone to a buffer overflow. The vulnerability is due to insufficient bounds checking of the...
Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities
Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated access & manipulation of settings product: Huawei E5331 MiFi mobile hotspot...
ET - Chat Password Reset Security Bypass
ET - Chat Password Reset Security Bypass source: https://www.securityfocus.com/bid/66149/info ET - Chat is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further...
ClipSharePro 4.1 - Local File Inclusion
ClipSharePro 4.1 - Local File Inclusion Exploit Title : ClipSharePro 0 $configfile = $GET'configfile'; else showAlertMessage"ERROR: Failed to find configfile parameter", 1; else $configfile = $DEFAULTCONFIG; // Load config file require $configfile; //including arbitrary file $GET'configfile' echo...
GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution
GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution !/usr/bin/python Exploit Title: GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution Version: v4.9.0.1982 CVE: CVE-2014-2206 Date: 2014-03-09 Author: Julien Ahrens @MrTuxrac...
Professional Designer E-Store - id Multiple SQL Injections
Professional Designer E-Store - id Multiple SQL Injections source: https://www.securityfocus.com/bid/66100/info E-Store is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow a...
Ajax File Manager - Directory Traversal
Ajax File Manager - Directory Traversal Exploit Title: Ajax File Manager DirectoryTraversal Google Dork: inurl: "plugins/ajaxfilemanager" Date: 03/07/2014 Exploit Author: Eduardo Alves edudx9 Vendor Homepage: phpletter.com Software Link: http://phpletter.com/Demo/Ajax-File--Manager/ Version: app...
WordPress Plugin Premium Gallery Manager - Arbitrary File Upload
WordPress Plugin Premium Gallery Manager - Arbitrary File Upload source: https://www.securityfocus.com/bid/66044/info Premium Gallery Manager plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. An attacker can exploit this vulnerability to upload arbitrary...
Ilch CMS 2.0 - Persistent Cross-Site Scripting
Ilch CMS 2.0 - Persistent Cross-Site Scripting Advisory ID: HTB23203 Product: Ilch CMS Vendor: http://ilch.de Vulnerable Versions: 2.0 and probably prior Tested Version: 2.0 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Public Disclosure:...
OpenDocMan 1.2.7 - Multiple Vulnerabilities
OpenDocMan 1.2.7 - Multiple Vulnerabilities Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12,...
Cory Jobs Search - cid SQL Injection
Cory Jobs Search - cid SQL Injection source: https://www.securityfocus.com/bid/65969/info Cory Jobs Search is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application, access ...
WordPress Plugin Relevanssi - category_name SQL Injection
WordPress Plugin Relevanssi - category_name SQL Injection source: https://www.securityfocus.com/bid/65960/info Relevanssi plugin for WordPress is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A...
Calavera UpLoader 3.5 - Local Buffer Overflow (SEH)
Calavera UpLoader 3.5 - Local Buffer Overflow SEH exploit por Daniel - La Calavera Email: [email protected] Para CracksLatinoS relleno rell = "\x41" 477 rell1 = "\x42" 4000 head = "\x41" 8 head += "\x0d\x0a\x31\x0d\x0a" head1 = "\x0d\x0a" head2 = "170.1.1.0" head2 +="\x0d\x0a" head2 +="\x22"...
SpagoBI 4.0 - Arbitrary Cross-Site Scripting Arbitrary File Upload
SpagoBI 4.0 - Arbitrary Cross-Site Scripting Arbitrary File Upload 01. Advisory Information Title: XSS File Upload Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE...
ALLPlayer 5.8.1 - .m3u Local Buffer Overflow (SEH)
ALLPlayer 5.8.1 - .m3u Local Buffer Overflow SEH ----------------------------------------------------------------------------- Exploit Title: ALLPlayer 5.8.1 - .m3u Buffer Overflow SEH Date: Mar 1 2014 Exploit Author: Gabor Seljan Software Link: http://www.allplayer.org/download/allplayer Version...
couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting SQL Injections
couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting SQL Injections couponPHP CMS 1.0 Multiple Stored XSS and SQL Injection Vulnerabilities Vendor: couponPHP Product web page: http://www.couponphp.com Affected version: 1.0 Summary: couponPHP is a revolutionary content management system fo...
SpagoBI 4.0 - Persistent Cross-Site Scripting
SpagoBI 4.0 - Persistent Cross-Site Scripting 01. Advisory Information Title: Persistent Cross-Site Scripting XSS in SpagoBI Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: High 02. Vulnerability Informati...
SpagoBI 4.0 - Persistent HTML Script Insertion
SpagoBI 4.0 - Persistent HTML Script Insertion 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02...
Oracle Demantra 12.2.1 - SQL Injection
Oracle Demantra 12.2.1 - SQL Injection Details: Application is vulnerable to SQL injection. Impact: An attacker with access to the vulnerable pages could manipulate the queries being sent to the database, potentially enabling them to: - Extract sensitive information, including but not limited to...
Oracle Demantra 12.2.1 - Persistent Cross-Site Scripting
Oracle Demantra 12.2.1 - Persistent Cross-Site Scripting Details: The TaskSender area is vulnerable to a stored cross-site scripting vulnerability. Impact: An attacker could exploit this flaw to get active HTML or script code executed in an authenticated user’s browser. Cross-site Scripting may b...