MW6 Technologies MaxiCode - ActiveX Data Buffer Overflow (PoC)

MW6 Technologies MaxiCode - ActiveX Data Buffer Overflow PoC !-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow DEFINITELY leading to arbitrary code execution. COM Object - 2355C601-37D1-42B4-BEB1-03C773298DC...

Joomla! Component JV Comment 3.0.2 - id SQL Injection

Joomla! Component JV Comment 3.0.2 - id SQL Injection Advisory ID: HTB23195 Product: JV Comment Joomla Extension Vendor: joomlavi.com Vulnerable Versions: 3.0.2 and probably prior Tested Version: 3.0.2 Advisory Publication: January 2, 2014 without technical details Vendor Notification: January 2,...

XOS Shop - goto SQL Injection

XOS Shop - goto SQL Injection source: https://www.securityfocus.com/bid/65121/info XOS Shop is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Cells Blog 3.3 - Reflected Cross-Site Scripting Blind SQLite Injection

Cells Blog 3.3 - Reflected Cross-Site Scripting Blind SQLite Injection + Exploit: Cells v3.3 XSS Reflected & Blind SQLite Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + version: Cells Blog 3.3 + Vendor Homepage: http://cells.tw + 14/01/2014 vendor contacted +...

Adult WebMaster PHP - Password Disclosure

Adult WebMaster PHP - Password Disclosure + Exploit:Adult Webmaster PHP - Password Disclosure + Author: vinicius777 + Email/Twitter: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/adultweb/ 1 Administrative Credential Disclosure PoC: root@kali:/ curl...

PizzaInn_Project - SQL Injection

PizzaInnProject - SQL Injection + Exploit: PizzaInnProject - SQL Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/restaurantmis/ 1 Sql Injection Time Based Blind PoC: http://127.0.0.1/reserve-exec.php?id=1' SQL Injecti...

iTechClassifieds 3.03.057 - SQL Injection

iTechClassifieds 3.03.057 - SQL Injection Exploit Title: iTechClassifieds v3.03.057 - SQL Injection Date: 23/01/2014 Exploit Author: vinicius777 Vendor Homepage: http://itechscripts.com/download.html Software Link: http://itechscripts.com/downloads/downloaditechclassifieds.html Version: 3.03.057 ...

Easy POS System - login.php SQL Injection

Easy POS System - login.php SQL Injection + Exploit: Easy POS System - SQL Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/easypossystem/ 1 Sql Injection POST Time Based Blind Note: Time based Injection on POST reques...

godontologico 5 - SQL Injection

godontologico 5 - SQL Injection + Exploit: 0day godontologico v5 - SQL Inject + Author: vinicius777 + Contact: vinicius777 AT gmail - @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/godontologico/ + Google D0rks: "Smile Odonto - Enhancing your smile - www.smileodonto.com.br" +...

Simple E-document 1.31 - Authentication Bypass

Simple E-document 1.31 - Authentication Bypass + Exploit: Simple e-document v1.31 Login Bypass + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777sec + version: Simple e-document v1.31 + Vendor Homepage: http://sourceforge.net/projects/simplee-doc/files/ 1 Sql Injection on username...

mySeatXT 0.2134 - SQL Injection

mySeatXT 0.2134 - SQL Injection + Exploit: mySeatXT 0.2134 + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/myseat 1 Sql Injection PoC: http://localhost/mySeatXT/web/ajax/autocompleteres.php?term=99' 'SQL INJECT' Vulnerable Code...

GoToMeeting for Android - Multiple Local Information Disclosure Vulnerabilities

GoToMeeting for Android - Multiple Local Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/65123/info GoToMeeting for Android is prone to multiple local information-disclosure vulnerabilities. Local attackers can exploit these issues to obtain sensitive information,...

Web Video Streamer - Multiple Vulnerabilities

Web Video Streamer - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/65350/info Web Video Streamer is prone to following multiple security vulnerabilities: 1. Multiple cross-site scripting vulnerabilities 2. A directory-traversal vulnerability 3. A command-injection vulnerabili...

Imageview - upload.php Arbitrary File Upload

Imageview - upload.php Arbitrary File Upload source: https://www.securityfocus.com/bid/65059/info Imageview is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker may leverage...

Teracom Modem T2-B-Gawv1.4U10Y-BI - Persistent Cross-Site Scripting

Teracom Modem T2-B-Gawv1.4U10Y-BI - Persistent Cross-Site Scripting Exploit Title: Teracom Modem Stored XSS Vulnerability Date: 19-01-2014 Author: Rakesh S Software Link: http://www.teracom.in/ Version: T2-B-Gawv1.4U10Y-BI Tested on: Windows 7 Code : GET...

AfterLogic Pro and Lite 7.1.1.1 - Persistent Cross-Site Scripting

AfterLogic Pro and Lite 7.1.1.1 - Persistent Cross-Site Scripting Click Me, Please...\r\n NOTE: javascript html char encode = javaScRipt then you will be able to get into the victim's mailbox via the url: http://WebSite/AfterLogic/Default.aspx Phpmailer class is included in the exploit so you nee...

Doodle4Gift - Multiple Vulnerabilities

Doodle4Gift - Multiple Vulnerabilities Exploit Title : Doodle4Gift alert'Dr.nano' 2 information disclosure: http://localhost/path/data/doodle4gift.xml = there are Id,Password,Email : A special gift for: P0c Team,V4-Team:إهداءً خاصاً لـ...

MuPDF 1.3 - xps_parse_color() Stack Buffer Overflow

MuPDF 1.3 - xpsparsecolor Stack Buffer Overflow ============================================================= 0day - MuPDF Stack-based Buffer Overflow in xpsparsecolor ============================================================= Date of discovery: 2013-01-26 Software Links: http://www.mupdf.com/...

BLUE COM Router 536052018 - Password Reset

BLUE COM Router 536052018 - Password Reset Exploit Title: BLUE COM Router - 5360/52018 Password Reset Exploit Date: 20/1/2013 Exploit Author: KAI kaisai12 Home: CEH.VN Version: BCOM - 5360 vulnerability - change password easy ! no protect ! var loc = 'password.cgi?'; switch idx case 2: loc +=...

ASUS RT-N56U - Remote Buffer Overflow (ROP)

ASUS RT-N56U - Remote Buffer Overflow ROP !/usr/bin/env python from time import sleep from sys import exit import urllib2, signal, struct, base64, socket, ssl Title: ASUS RT-N56U Remote Root Shell Exploit - appsname Discovered and Reported: October 2013 Discovered/Exploited By: Jacob Holcomb/Gimp...

WordPress Plugin Global Flash Gallery - swfupload.php Arbitrary File Upload

WordPress Plugin Global Flash Gallery - swfupload.php Arbitrary File Upload source: https://www.securityfocus.com/bid/65060/info The Global Flash Gallery plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because it fails to properly...

haneWIN DNS Server 1.5.3 - Denial of Service

haneWIN DNS Server 1.5.3 - Denial of Service Exploit Title: haneWIN DNS Server 1.5.3 - Denial of service Author: sajith version: haneWIN DNS Server 1.5.3 Vendor Homepage: http://www.hanewin.net/ vulnerable app link:http://www.hanewin.net/dns-e.htm Tested in windows Xp sp3 POC by sajith shetty...

SmarterMail Enterprise and Standard 11.x - Persistent Cross-Site Scripting

SmarterMail Enterprise and Standard 11.x - Persistent Cross-Site Scripting Click Me, Please...\r\n NOTE: javascript html char encode = then you will be able to get into the victim's mailbox via the url: http://WebSite/Smarter/Default.aspx I used phpmailer class for beside of the ex...

BloofoxCMS 0.5.0 - fileurl Local File Inclusion

BloofoxCMS 0.5.0 - fileurl Local File Inclusion source: https://www.securityfocus.com/bid/65019/info bloofoxCMS is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site request forgery vulnerabilities 3. A local file-include vulnerabilit...

BloofoxCMS 0.5.0 - Multiple Vulnerabilities

BloofoxCMS 0.5.0 - Multiple Vulnerabilities bloofoxCMS V0.5.0 - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

BloofoxCMS - bloofoxadminindex.php?Username SQL Injection

BloofoxCMS - bloofoxadminindex.php?Username SQL Injection source: https://www.securityfocus.com/bid/65019/info bloofoxCMS is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site request forgery vulnerabilities 3. A local file-include...

BloofoxCMS - bloofoxindex.php?Username SQL Injection

BloofoxCMS - bloofoxindex.php?Username SQL Injection source: https://www.securityfocus.com/bid/65019/info bloofoxCMS is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site request forgery vulnerabilities 3. A local file-include...

BloofoxCMS - adminindex.php Cross-Site Request Forgery (Add Admin)

BloofoxCMS - adminindex.php Cross-Site Request Forgery Add Admin source: https://www.securityfocus.com/bid/65019/info bloofoxCMS is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site request forgery vulnerabilities 3. A local...

Joomla! Component Sexy polling 1.0.8 - answer_id SQL Injection

Joomla! Component Sexy polling 1.0.8 - answerid SQL Injection source: https://www.securityfocus.com/bid/64991/info Sexy polling extension for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...

PHPJabbers Hotel Booking System 3.0 - Multiple Vulnerabilities

PHPJabbers Hotel Booking System 3.0 - Multiple Vulnerabilities Hotel Booking System V3.0 - Multiple Vulnerabilties ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

PHPJabbers Vacation Rental Script 3.0 - Multiple Vulnerabilities

PHPJabbers Vacation Rental Script 3.0 - Multiple Vulnerabilities Vacation Rental Script V3.0 - Multiple Vulnerabilties ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

Collabtive 1.1 - managetimetracker.php SQL Injection

Collabtive 1.1 - managetimetracker.php SQL Injection =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ || || || Advisory : Collabtive Sql Injection || || Affected Version : 1.1 || || Vendor : http://collabtive.o-dyn.de/index.php || || Risk : Medium || || CVE-ID : 2013-6872 || ||...

PHPJabbers Property Listing Script 2.0 - Cross-Site Request Forgery (Add Admin)

PHPJabbers Property Listing Script 2.0 - Cross-Site Request Forgery Add Admin Property Listing Script V2.0 - Add Admin CSRF Vulnerability ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ ....

PHPJabbers Vacation Packages Listing 2.0 - Multiple Vulnerabilities

PHPJabbers Vacation Packages Listing 2.0 - Multiple Vulnerabilities Vacation Packages Listing V2.0 - Multiple Vulnerabilities ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

PHPJabbers Pet Listing Script 1.0 - Multiple Vulnerabilities

PHPJabbers Pet Listing Script 1.0 - Multiple Vulnerabilities Pet Listing Script V1.0 - Multiple Vulnerabilities ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

Atmail Webmail Server - Email Body HTML Injection

Atmail Webmail Server - Email Body HTML Injection source: https://www.securityfocus.com/bid/64779/info Atmail Webmail Server is prone to an HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentiall...

Feixun Wireless Router FWR-604H - Remote Code Execution

Feixun Wireless Router FWR-604H - Remote Code Execution Exploit Title: Feixun FWR-604H Wireless Router Remote Code Execution Date: 2014-01-09 Exploit Author: Arash Abedian http://www.exploit-db.com/author/?a=6187 Vendor Homepage: http://feixun.com.cn Version: Hardware Version 1.0, Firmware Build:...

SoapUI 4.6.3 - Remote Code Execution

SoapUI 4.6.3 - Remote Code Execution Exploit Title: SoapUI Remote Code Execution Date: 25.12.13 Exploit Author: Barak Tawily Vendor Homepage: http://www.soapui.org/ Software Link: http://www.soapui.org/Downloads/download-soapui-pro-trial.html Version: vulnerable before 4.6.4 Tested on: Windows,...

Horizon QCMS 4.0 - Multiple Vulnerabilities

Horizon QCMS 4.0 - Multiple Vulnerabilities Advisory ID: HTB23191 Product: Horizon QCMS Vendor: Horizon QCMS Vulnerable Versions: 4.0 and probably prior Tested Version: 4.0 Advisory Publication: December 18, 2013 without technical details Vendor Notification: December 18, 2013 Vendor Patch:...

PHPJabbers Car Rental Script - Multiple Vulnerabilities

PHPJabbers Car Rental Script - Multiple Vulnerabilities Car Rental Script - Multiple Vulnerabilities ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

PHPJabbers Appointment Scheduler 2.0 - Multiple Vulnerabilities

PHPJabbers Appointment Scheduler 2.0 - Multiple Vulnerabilities Appointment Scheduler V2.0 - Multiple Vulnerabilities ========================================================================= .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

PHPJabbers Job Listing Script - Multiple Vulnerabilities

PHPJabbers Job Listing Script - Multiple Vulnerabilities Job Listing Script - Multiple Vulnerabilties ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

Conceptronic Wireless Pan Tilt Network Camera - Cross-Site Request Forgery

Conceptronic Wireless Pan Tilt Network Camera - Cross-Site Request Forgery General Details Affected Product: Conceptronic camera CIPCAMPTIWL Tested Firmware: 21.37.2.49 Tested Web UI Firmware: 0.61.4.18 Assigned CVE: CVE-2013-7204 CVSSv2 Base Score: 5.8 AV:N/AC:M/AU:N/C:P/I:P/A:N Vulnerability...

Oracle Supply Chain Products Suite - Remote Security

Oracle Supply Chain Products Suite - Remote Security source: https://www.securityfocus.com/bid/64836/info Oracle Supply Chain Products Suite is prone to a remote vulnerability in Oracle Demantra Demand Management. The vulnerability can be exploited over the 'HTTP' protocol. The 'DM Others' sub...

Burden 1.8 - Authentication Bypass

Burden 1.8 - Authentication Bypass Advisory ID: HTB23192 Product: Burden Vendor: Josh Fradley Vulnerable Versions: 1.8 and probably prior Tested Version: 1.8 Advisory Publication: December 18, 2013 without technical details Vendor Notification: December 18, 2013 Vendor Patch: December 18, 2013...

PHPJabbers Event Booking Calendar 2.0 - Multiple Vulnerabilities

PHPJabbers Event Booking Calendar 2.0 - Multiple Vulnerabilities Event Booking Calendar V2.0 - Multiple Vulnerabilities ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

Linux Kernel (Ubuntu 11.1012.04) - binfmt_script Stack Data Disclosure

Linux Kernel Ubuntu 11.1012.04 - binfmtscript Stack Data Disclosure Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmtscript handling in combination with CONFIGMODULES can lead to disclosure of kernel stac...

Auto Classifieds Script 2.0 - Cross-Site Request Forgery (Add Admin)

Auto Classifieds Script 2.0 - Cross-Site Request Forgery Add Admin Auto Classifieds Script v2.0 - CSRF Vulnerabilty Add Admin ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was...

Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injections

Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injections source: https://www.securityfocus.com/bid/65029/info Dell Kace 1000 Systems Management Appliance is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input befor...