56796 matches found
StatusNet/Laconica 0.7.4, 0.8.2, 0.9.0beta3 - Arbitrary File Reading
No description provided by source. StatusNet/Laconica = 0.7.4, = 0.8.2, = 0.9.0beta3 - arbitrary file reading. Date: - 10/10/2013...
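AWStats awstats.pl Cross-Site Scripting Vulnerability
BUGTRAQ ID: 30730 CVE(CAN) ID: CVE-2008-3714 AWStats is a popular web-based website traffic analysis tool. The awstats.pl script in AWStats does not properly filter the config request parameter; if a user follows a malicious link, arbitrary web script or HTML can be injected and executed in the browser session. AWStats 6.8 Debian: Debian has released a security advisory (DSA-1679-1) and corresponding patches for this: DSA-1679-1: New awstats packages fix cross-site scripting...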
PHPDug 2.0.0 - Cross Site Scripting Vulnerability
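PHPDug 2.0.0 cross-site scripting vulnerability. Vulnerable file: upcoming.php ---- some code omitted ---- // $_GET['id'] and $_GET['i'] are the same if (isset($_GET['id'])) $_GET['i'] = $_GET['id']; elseif (isset($_GET['i'])) $_GET['id'] = $_GET['i']; ---- some code omitted ---- $page = new HtmlTemplate("templates/" . $config['tplname'] . "/catnoresults.html"); ---- some code omitted ---- $page->SetLoop('PAGES',...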
PHPizabi v0.848b C1 HFP3 Database Information Disclosure Vuln
No description provided by source. PHPizabi v0.848b C1 HFP3 database information exposure. I would like to state that I am in no way responsible for how this information is used. It is...
boastMachine <= 3.1 (mail.php id) SQL Injection Vulnerability
No description provided by source. boastMachine <= 3.1 SQL Injection Vulnerability. Virangar Security Team www.virangar.org www.virangar.net Discovered By: virangar security teamhadihadi. Special thanks to: MR.nosrati, black.shadowes, MR.hesy, Zahra & all virangar members & all hacke...
easyLink 1.1.0 (detail.php) Remote SQL Injection Vulnerability
No description provided by source. easyLink V1.1.0 detail.php Remote SQL Injection Vulnerability. Discovered By: Egypt Coder home :...
OpenSSH remote code execution vulnerability (CVE-2016-10009)
On December 19, 2016, a foreign vulnerability platform published the latest OpenSSH remote code execution vulnerability (CVE-2016-10009). The problem is in ssh-agent, a process that does not start by default and is used only for password-free login across multiple hosts...
WikkaWiki 1.3.2 Spam Logging PHP Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
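OpenSSH Default Server Configuration Denial of Service Vulnerability (CVE-2010-5107)
BUGTRAQ ID: 58162 CVE(CAN) ID: CVE-2010-5107 OpenSSH is an open-source implementation of the SSH protocol. The default server configuration of OpenSSH has a denial-of-service vulnerability in the way it manages connection slots; a remote attacker can exploit it to exhaust the connection slots on the server and trigger a denial of service. 0 OpenSSH = 2.9.9 Vendor patch: OpenSSH: The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.openssh.com/...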
PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution Exploit
No description provided by source. #!/usr/bin/php <?php /* Found this after getting my inet back and noticing this http://www.milw0rm.com/exploits/6085 . The only problem with the remote command execution there is that it actually requires register_globals = on. I saw the GLOBAL keyword, and actually...
snetworks php classifieds 5.0 - Remote File Inclusion Vulnerability
No description provided by source. +By CrackersChild+ Script: SNETWORKS PHP CLASSIFIEDS Page: http://www.snetworks.biz/ Author: CrackersChild | [email protected] & [email protected] Class: Remote File Include Vulnerability Demo:...
Maian Guestbook <= 3.2 Insecure Cookie Handling Vulnerability
No description provided by source. Maian Guestbook <= 3.2 Insecure Cookie Handling Vulnerability. Discovered By: S.W.A.T...
WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities
No description provided by source. WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities. Author: Egidio Romano aka EgiX Mail: n0b0d13satgmaildotcom Software link:...
Webid 1.0.6 - Multiple Vulnerabilities
No description provided by source. Title: Webid Blind SQL Injection / Local File Disclosure Vulnerability Google Dork: intext:Powered by WeBid Author: Ahmed Aboul-Ela Contact: Ahmed.Aboul3laatgmaildotcom Vendor: http://www.webidsupport.com/ Software Link:...
Samba remote code execution vulnerability(CVE-2017-7494)
Vulnerability overview. 1. Vulnerability profile: Samba is software that implements the SMB protocol on Linux and UNIX systems; many IoT devices also use Samba. On May 24, 2017, Samba released version 4.6.4 to fix a serious remote code execution vulnerability; the vulnerability number...
OpenSSH client Information Leak & Buffer Overflow
Since version 5.4 released on March 8, 2010, the OpenSSH client supports an undocumented feature called roaming: if the connection to an SSH server breaks unexpectedly, and if the server supports roaming as well, the client is able to reconnect to the server and resume the suspended SSH session...
Pligg CMS 9.9.0 (story.php id) Remote SQL Injection Vulnerability
No description provided by source. Pligg Beta 9.9.0 id Remote SQL Injection Vulnerability. Author: Hussin X Home: www.tryag.cc/cc Email: darkangelg85atYahooDoTcom Script: http://www.pligg.com/ DorK :...
WikkaWiki <= 1.3.2 - Multiple Security Vulnerabilities
No description provided by source. WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities. Author: Egidio Romano aka EgiX Mail: n0b0d13satgmaildotcom Software link:...
Apache HTTP Server Denial of Service
No description provided by source. /* This is a reverse engineered version of the exploit for CVE-2011-3192 made by ev1lut10n http://jayakonstruksi.com/backupintsec/rapache.tgz. Copyright 2011 Ramon de C Valle [email protected] Compile with the following command: gcc -Wall -pthread -o...
Devil's Ivy vulnerability(CVE-2017-9765)
When we began a security analysis of remote configuration services last year, we had no idea it would lead us to uncover vulnerabilities that affect so many users. We have been studying the prevalence and nature of the vulnerabilities that arise in remote configuration services, so when we...
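UCenter Home 2.0 Plugin Low-Impact Injection Vulnerability (not sure whether it is a 0day)
Brief description: A problem in a certain plugin; not sure whether it is a 0day. Details: Affected version: UCenter Home 2.0 Keywords: inurl:musicbox.php?do= inurl:do=musicbox Powered by UCenter Home 2.0 inurl:space.php?do=musicbox The affected plugin is musicbox. Searching with the keywords above finds some sites that have this plugin enabled; appending "'" to the URL produces an error, and after running them through SQLmap, almost all of them turned out to be injectable. Proof of vulnerability:...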
HTTP OPTIONS method can leak Apache's server memory(CVE-2017-9798) (Optionsbleed)
If you're using the HTTP protocol in everyday Internet use you are usually only using two of its methods: GET and POST. However HTTP has a number of other methods, so I wondered what you can do with them and if there are any vulnerabilities. One HTTP method is called OPTIONS. It simply allows aski...
php weby directory software 1.2 - Multiple Vulnerabilities
No description provided by source. Vulnerable Software: PHP Weby directory software version 1.2 Vendor: http://phpweby.com Download: htp://phpweby.com/down/phpwebydirectory.zip Vuln: Blind SQL injection && CSRF Dork: intext:Powered by PHP weby software...
Shutter 0.1.1 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. LONG LIVE SPAIN!...WE WILL WIN THE WORLD CUP!...o.O PROUD TO BE SPANISH! ...
Nginx Remote Integer Overflow Vulnerability (CVE-2017-7529)
A security issue was identified in nginx range filter. A specially crafted request might result in an integer overflow and incorrect processing of ranges, potentially resulting in sensitive information leak (CVE-2017-7529). When using nginx with standard modules this allows an attacker to obtain a...
vlbook 1.21 (xss/lfi) Multiple Vulnerabilities
No description provided by source. vlBook 1.21 ALL VERSION Multiple Remote Vulnerabilities LFI/XSS AUTHOR : IRCRASH Dr.Crash Or Khashayar Fereidani Discovered by : IRCRASH Dr.Crash Or Khashayar Fereidani Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi...
MySQL / MariaDB / PerconaDB elevation of privilege vulnerability (CVE-2016-6664)
I. VULNERABILITY: MySQL / MariaDB / PerconaDB - Root Privilege Escalation. MySQL = 5.5.51 = 5.6.32 = 5.7.14 MariaDB All current Percona Server 5.5.51-38.2 5.6.32-78-1 5.7.14-8 Percona XtraDB Cluster 5.6.32-25.17 5.7.14-26.17 5.5.41-37.0 II. BACKGROUND...
myUPB <= 2.2.6 - Multiple Vulnerabilities
No description provided by source. altbta Name: myUPB <= v2.2.6 Multiple Vulnerabilities Download: http://sourceforge.net/projects/textmb/files/UPB/ Vulnerability: CSRF privilege escalation Tested on: 2.2.6 Author : altbta [email protected] Dork: Powered by myUP...
Apache Tomcat Remote Code Execution(CVE-2016-8735)
Update 12/04: note that besides adding the configuration in conf/server.xml, you also need to put the catalina-jmx-remote.jar and groovy-2.3.9.jar packages into the lib directory and modify CATALINA_OPTS "-Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote...
Microsoft IIS FastCGI Request Header Remote Overflow Vulnerability (MS10-065)
BUGTRAQ ID: 43138 CVE ID: CVE-2010-2730 Microsoft Internet Information Services (IIS) is a network information server that ships with Microsoft Windows and includes HTTP service functionality. On IIS servers with FastCGI enabled, a remote attacker can trigger a buffer overflow by submitting a specially crafted HTTP request, leading to arbitrary code execution. Microsoft IIS 7.5 Temporary workaround: Disable FastCGI. Vendor patch: Microsoft: Microsoft has released a security bulletin (MS10-065) and corresponding patches for this: MS10-065:Vulnerabiliti...
IBM Informix Dynamic Server Open Admin Tool RCE (CVE-2017-1092)
Vulnerabilities Summary: The following advisory describes six (6) vulnerabilities found in Informix Dynamic Server and Informix Open Admin Tool. IBM Informix Dynamic Server: Exceptional, low maintenance online transaction processing (OLTP) data server for enterprise and workgroup computing. IBM Informi...
Online Guestbook Pro (display) Blind SQL Injection Vulnerability
No description provided by source. Online Guestbook Pro display Blind SQL Injection Vulnerability Author: Hussin X Home : WwW.IQ-TY.CoM email: darkangelg85atYahooDoTcom script : http://www.esoftpro.com/webscriptsonlineguestbookpro.php DorK : Powered by Online Guestbook Pro Demo :...
glFusion <= 1.1.2 COM_applyFilter()/order SQL Injection Exploit
No description provided by source. <?php /* glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit by Nine:Situations:Group::bookoo working against Mysql = 4.1 php.ini independent our site: http://retrogod.altervista.org/ software site: http://www.glfusion.org/ google dork: "Page created in"...
Shenzhen TVT Digital Technology Co. Ltd & OEM {DVR/NVR/IPC} API RCE
Subject: Shenzhen TVT Digital Technology Co. Ltd & OEM DVR/NVR/IPC API RCE Attack vector: Remote Authentication: Anonymous (no credentials needed) Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Python PoC: https://github.com/mcw0/PoC/blob/master/TVT-PoC.py Release date: April 9,...
DZCP (deV!Lz Clanportal) 1.5.4 - Local File Inclusion Vulnerability
No description provided by source. Vulnerability ID: HTB22656 Reference: http://www.htbridge.ch/advisory/lfiindzcp.html Product: DZCP Vendor: dzcp.de http://www.dzcp.de Vulnerable Version: 1.5.4 Vendor Notification: 13 October 2010 Vulnerability Type: Local File Inclusion Status: Fixed by Vendor...
DokuWiki <= 2006-03-09b (dwpage.php) System Disclosure Exploit
No description provided by source. #!/usr/bin/php -q -d short_open_tag=on <? print_r(' DokuWiki <= 2006-03-09b release bin/dwpage.php system disclosure exploit by rgod [email protected] site: http://retrogod.altervista.org...
deV!Lz Clanportal [DZCP] <= 1.4.9.6 Blind SQL Injection Exploit
No description provided by source. use HTTP::Cookies; use LWP::UserAgent; my $ua = LWP::UserAgent-new cookiejar = HTTP::Cookies-new,; $ua-agent 'Mozilla/5.0 Gecko/20061206 Firefox/1.5.0.9' ; usage; print "\n"; $server = $ARGV0; $dir = $ARGV1; $username = $ARGV2; $password = $ARGV3; if !$password...
Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability(CVE-2018-8120)
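Author: bigric3 Author's blog: On May 15, ESET published a post saying that in March it had captured a sample combining a PDF remote code execution (cve-2018-4990) with a Windows local privilege escalation (cve-2018-8120). After ESET's post, I downloaded such a sample from VT (). Initial reverse engineering largely confirmed what had been reported: the exploit was still in the development and testing stage and was inadvertently uploaded to a public sample-scanning site, where ESET captured it and reported it to Microsoft and Adobe for patching. The test signature strings are as follows. Locate the key code in the sample and debug and analyze it...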
VidiScript SQL Injection Vulnerability
No description provided by source. VidiScript Sql Injection Vulnerability. Title: VidiScript Sql Injection Vulnerability Date: 23.02.2011 Author: ThEtA.Nu Software Link: VidiScript.com Where : From Remote Found...
PHPizabi v0.848b C1 HFP1-3 Remote Command Execution Exploit
No description provided by source. #!/usr/bin/php <?php /* Found this after getting my inet back and noticing this http://www.milw0rm.com/exploits/6085 . The only problem with the remote command execution there is that it actually requires register_globals = on. I saw the GLOBAL keyword, and actually...
Write-to-file Shellcode (Win32)
No description provided by source. ; Write-to-file Shellcode ; ; This shellcode was used in the exploit for: CVE-2010-0425 ; Supported: Windows 2000, WinXP, Server 2003, Server 2008, Vista, Windows 7 ; ; Size: 278 bytes ;...
Microsoft IIS Server XSS Vulnerability(CVE-2017-0055)
During a penetration test against the infrastructure of one of our clients we discovered a reflected Cross Site Scripting/HTML injection vulnerability in Microsoft Internet Information Services web server. The vulnerability could be exploited, with the help of user interaction, to inject javascri...
deV!Lz Clanportal [DZCP] <= 1.4.9.6 - Blind SQL Injection Exploit
No description provided by source. use HTTP::Cookies; use LWP::UserAgent; my $ua = LWP::UserAgent-new cookiejar = HTTP::Cookies-new,; $ua-agent 'Mozilla/5.0 Gecko/20061206 Firefox/1.5.0.9' ; usage; print \n; $server = $ARGV0; $dir = $ARGV1; $username = $ARGV2; $password = $ARGV3; if !$password di...
The Wireless IP Camera (P2P) WIFICAM Multiple vulnerabilities
Product Description: The Wireless IP Camera (P2P) WIFICAM is a Chinese web camera which allows to stream remotely. Vulnerabilities Summary: The Wireless IP Camera (P2) WIFICAM is a camera overall badly designed with a lot of vulnerabilities. This camera is very similar to a lot of other Chinese cameras...
Drupal core Remote Code Execution(CVE-2018-7600) (Drupalgeddon2)
Two weeks ago, a highly critical (21/25 NIST rank) vulnerability, nicknamed Drupalgeddon 2 (SA-CORE-2018-002 / CVE-2018-7600), was disclosed by the Drupal security team. This vulnerability allowed an unauthenticated attacker to perform remote code execution on default or common Drupal installations...
boastMachine 3.1 - Remote File Upload Vulnerability
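No description provided by source. Exploit Title : boastMachine v3.1 Remote File Upload Vulnerability Author: alnjm33 Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip Software...
Apache HTTP Server mod_session_dbd Remote Security Vulnerability (CVE-2013-2249)
BUGTRAQ ID: 61379 CVE(CAN) ID: CVE-2013-2249 Apache HTTP Server is an open-source HTTP server. The mod_session_dbd module in Apache HTTP Server versions before 2.4.6 mishandles the "dirty flag" while saving sessions, resulting in a remote security vulnerability whose impact is currently unknown. 0 Apache 2.4.2 Vendor patch: Apache Group: Apache Group has released a security announcement (Announcement2.4) and corresponding patches for this: Announcement2.4:Apache HTTP Server 2.4.6 Releas...
Bash 4.3 Remote Command Execution Vulnerability (Shellshock)
Update history (version, time, description): First edition, 2014/9/26 noon: first edition completed. Second edition, 2014/9/26 afternoon: 1. Added: attack statistics details from the Jiasule defense platform; 2. Improved: remediation advice. Third edition, 2014/9/27 afternoon: 1. The official Shellshock site appeared: shellshocker.net; 2. Updated: vulnerability summary; 3. Added: source-level analysis of the vulnerability after the patch bypass (CVE-2014-7169); 4. Added: ZoomEye data set 4: QNAP NAS vulnerability status; 5. Added: ZoomEye data set 5: CheckPoint security gateway vulnerability status; 6. Improved: remediation advice; 7. Added: links to related resources. Fourth edition, 2014/10/14 evening: 1...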
Shutter 0.1.1 Multiple Remote SQL Injection Vulnerabilities
No description provided by source. LONG LIVE SPAIN!...WE WILL WIN THE WORLD CUP!...o.O PROUD TO BE SPANISH! ...