56796 matches found
Généré par KDPics 1.18 - Remote Add Admin
No description provided by source. » Généré par KDPics v1.18 Remote Add Admin » Script: Généré par KDPics v1.18 http://www.kdland.org/kdpic...
wesoft /MainPage.aspx SQL Injection Vulnerability
No description provided by source...
phpscripte24 Vor und Rückwärts Auktions System Blind SQL Injection Vulnerability
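No description provided by source. Information +Name : phpscripte24 Vor und Rückwärts Auktions System Blind SQL Injection auktion.php +Autor : Easy Laster +Date : 02.04.2010 +Script : phpscripte24Vor und Rückwärts Auktion...
53KF: MongoDB Misconfiguration in One of Its Systems
Brief description: MongoDB misconfiguration in a 53KF system. Details: 60.12.147.136 60.191.223.39 I don't know what system this is, but it is probably one that 53KF sold to customers. Proof of vulnerability:...
maccms8: a flaw allows arbitrary creation of file directories within the system
Brief description: maccms8: a flaw allows arbitrary creation of file directories within the system (with file caching enabled!!!!!!) Details: While looking through Apple CMS today I found code that creates arbitrary file directories. I had hoped it would allow arbitrary file creation, but because of the various filters on files, plus some filtering against directory traversal, the audit could only get this far. Enough said, let's look at the code directly. index.php41-42: $tpl-ifex; setPageCache$tpl-P'cp',$tpl-P'cn',$tpl-H; $tpl-run; echo $tpl-H; The setPageCache function caches the page content, so let's step into the caching function and take a look function...
CmsEasy Latest V5.5-UTF8 Official Release Brute-Force Injection
Brief description: The latest version downloaded from the official site is 20140605. Injection + admin-panel getshell. Details: The admin panel of the latest cmseasy has no CAPTCHA, so the administrator account can be brute-forced: 1. The cmseasy admin panel has no CAPTCHA, so the administrator password can be brute-forced to log in to the admin panel; 2. When editing html files in the admin panel's template editor, it turns out PHP code can be executed inside the html, so PHP's file-writing functions can be used to write a shell. Proof of vulnerability: 0x01: Brute-forcing the admin login 1. Capture the request after clicking login in the admin panel: 2. Brute-force with burp; the response reveals the administrator password: 3. Successfully logged in to the admin panel: 0x02: getshell via admin template editing In the admin template editor, we first look at left.html; after clicking edit it turns out to be a pile of code. So if I add file-writing code, isn't that getshell...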
UranyumSoft İlan Servisi Database Disclosure Vulnerability
No description provided by source. » Note : Mutlu...
Date & Sex Vor und Rückwärts Auktions System <= 2 - Blind SQL Injection Exploit
No description provided by source. Information +Name : Date & Sex Vor und Rückwärts Auktions System <= v2 Blind SQL Injection Exploit +Autor : Easy Laster +Date : 27.03.2010 +Script : Date & Sex Vor und Rückwärts Auktions...
phpscripte24 Countdown Standart Rückwärts Auktions System SQL Injection
No description provided by source. Information +Name : phpscripte24 Countdown Standart Rückwärts Auktions System SQL Injection Vulnerability +Autor : Easy Laster +ICQ : 11-051-551 +Date : 08.05.2010 +Script : phpscripte24...
Adobe Acrobat Reader and Flash Player - “newclass” invalid pointer
No description provided by source. Day 1 Binary Analysis http://www.exploit-db.com/adobe-acrobat-newclass-invalid-pointer-vulnerability/...
Huatian Dongli OA Arbitrary File Deletion
Brief description: Just another bug. Details: Taking the official site http://demo.oa8000.com/ as an example, after logging in with user:123456, POST the following parameters to http://demo.oa8000.com/OAapp/bfapp//buffalo/oaPubptUploadService: \n removeFile\n C:/PROGRA1/htoa/Tomcat/webapps/OAapp/1.html\n and 1.html is deleted. Proof of vulnerability: Before deletion, the result seen using wooyun-2014-065670 originally looked like this After deletion,...
BSDI BSD/OS <= 2.1,Caldera OpenLinux Standard 1.0,Data General DG/UX <= 5.4 4.11,IBM AIX <= 4.3,ISC
No description provided by source. source: http://www.securityfocus.com/bid/134/info A buffer overflow exists in certain versions of BIND, the nameserver daemon currently maintained by the Internet Software Consortium ISC. BIND fails to properly bound the data received when processing an inverse...
Oracle JRE - java.net.URLConnection class – Same-of-Origin (SOP) Policy Bypass
No description provided by source. Description Security-Assessment.com discovered that a Java Applet making use of java.net.URLConnection class can be used to bypass same-of-origin SOP policy and domain based security controls in modern browsers when communication occurs between two domains that...
Conceptronic Grab’n’Go Network Storage Directory Traversal
No description provided by source. Security Advisory AA-003: Directory Traversal Vulnerability in Conceptronic Grab’n’Go Network Storage Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 3, 2012 Vulnerability Type= Directory Traversa...
Toms Gästebuch 1.00 form.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/25507/info Toms Gästebuch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
Ibrahim ÇAKICI Okul Portal 2.0 Haber_Oku.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24379/info Ibrahim ÇAKICI Okul Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue by...
Conceptronic Grab’n’Go and Sitecom Storage Center Password Disclosure
No description provided by source. Updated to include Sitecom MD-253 and MD254 Minor textual changes == Conceptronic Grab’n’Go and Sitecom Storage Center - Password disclosure Vulnerability - Security Advisory AA-002 Severity Rating: High Discovery Date: May 5, 2012 Vendor Notification: May 31,...
Toms Gästebuch 1.00 admin/header.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/25507/info Toms Gästebuch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
ZeroCms 1.0 /zero_transact_article.php SQL Injection Vulnerability
No description provided by source...
PerlSoft Gästebuch Version: 1.7b 'admincenter.cgi' Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33525/info PerlSoft Gästebuch is prone to a vulnerability that attackers can leverage to execute arbitrary commands. This issue occurs because the application fails to adequately sanitize user-supplied input. Note that a...
Stem Innovation ‘IZON’ Hard-coded Credentials
No description provided by source. Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within its Linux...
IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities
No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20140630-0 title: Multiple severe vulnerabilities product: IBM Algorithmics RICOS vulnerable...
Mesut Manşet Haber 1.0 - Auth Bypass Vulnerability
No description provided by source. » Note : LionTurk.Turkblog.com is my official website :D » Mesut Manşet Haber V1.0 Auth Bypass Vulnerability...
PageAdmin Latest Version Reflected XSS
Brief description: http://demo.pageadmin.net/ PageAdmin latest version reflected XSS Details: Craft the ID parameter so that a double quote closes the preceding attribute, and HTML code can then be injected. http://demo.pageadmin.net/e/aspx/advnew.aspx?id=1" http://demo.pageadmin.net/e/aspx/advnew.aspx?id=1%22%3C/div%3E%3Cimg/src=1%20onerror=alert%28/XSS/%29%3E Proof of vulnerability:...
Powie's PSCRIPT Gästebuch <= 2.09 SQL Injection Vulnerability
No description provided by source. Information +Name : Powie's PSCRIPT Gästebuch <= 2.09 SQL Injection Vulnerability +Autor : Easy Laster +Date : 29.03.2010 +Script : Powie's PSCRIPT Gästebuch <= 2.09 +Download :...
Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass
No description provided by source. Internet Explorer 8 Fixed Col Span ID full ASLR, DEP and EMET 4.1.X bypass Offensive Security Research Team http://www.offensive-security.com/vulndev/disarming-enhanced-mitigation-experience-toolkit-emet Affected Software: Internet Explorer 8 Vulnerability:...
ZeroCms 1.0 /zero_view_article.php SQL Injection Vulnerability
No description provided by source...
Flussonic Media Server 4.1.25 - 4.3.3 - Arbitrary File Disclosure
No description provided by source. Document Title: Flussonic Media Server 4.3.3 Multiple Vulnerabilities Release Date: June 29, 2014 Product & Service Introduction: Flussonic is a multi-protocol streaming server with support for many protocols,...
CiMe - Citas Médicas - Multiple Vulnerabilities
No description provided by source. Exploit Title: Control de Citas 1.4 CIME - Multiple Vulnerabilities Date: 01/02/2014 Exploit Author: vinicius777 Contact: vinicius777 AT gmail / @vinicius777 Vendor Homepage: http://www.cgaredes.tk/ Software Link:...
wdlinux: an SQL Injection
Brief description: as per the title Details: http://www.wdlinux.cn/bbs/faq.php?action=grouppermission&gids99=%27&gids1000=%20and%20select%201%20from%20select%20count,concatversion,floorrand02x%20from%20informationschema%20.tables%20group%20by%20xa%23 Proof of vulnerability:...
E-Manage MySchool 7.02 SQL Injection Vulnerability
No description provided by source. Exploit Title: SQL Injection MySchool Version 7.02 Google Dork: MySchool Version 7.02 Date: 05-21-2011 Software Link: http://em.com.eg/ Version: Version 7.02 Author: az7rb Tested on : winxp sp3 Ar end bt5 Homepage : www.p0c.cc Greetz : p0c Team & Dr.NaNo & All M...
EkinBoard <= 1.1.0 - Remote File Upload / Auth Bypass Vulnerabilities
No description provided by source. EkinBoard Remote File Upload / Auth Bypass ... ITDefence.ru Antichat.ru EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Eugene Minaev [email protected]...
redaxscript 0.3.2 - Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22805 Reference: http://www.htbridge.ch/advisory/pathdisclosureinredaxscript.html Product: Redaxscript Vendor: http://redaxscript.com/ Vulnerable Version: 0.3.2 Vendor Notification: ...
SOOP Portal Raven 1.0b SQL Injection Vulnerability
No description provided by source. Exploit Title: SOOP Portal Raven 1.0b sql injection Google Dork: Powered by SOOP Portal Raven 1.0b Date: date Author: Evil-Thinker Version: Raven 1.0b Tested on: Windows Soft Technologie : ASP.net Exploit Details :...
mixedcms 1.0b (lfi/su/ab/fd) Multiple Vulnerabilities
No description provided by source. VIVA SPAIN!...WE WILL WIN THE WORLD CUP!...o.O PROUD TO BE SPANISH!...
MYRE Realty Manager Multiple Vulnerabilities
No description provided by source. Exploit Title:MYRE Realty Manager Multiple Vulnerabilities Date: 13.10.201 Exploit Author: d3b4g Vendor Homepage:http://myrephp.com Software Link: http://myrephp.com/demo2/ Tested on: Windows 7 Blog: d3b4g.me...
SantriaCMS - SQL Injection Vulnerability
No description provided by source. I Think, I can, But i'm just loser Author : Troy Date : Thursday, Dec 08, 2011 Location : /home/troy -------- CMS info ----------- Vendor : http://www.jasawebsitemurah.info/cms/ Exploit title : SantriaCMS SQL Injection Vulnerability Dork : view.php?idArtikel=...
Time and Expense Management System Multiple Vulnerabilities
No description provided by source. Software: Time and Expense Management System Vulnerability: Command Injection Threat Level: Very Critical 5/5...
Linux Kernel <= 2.6.17.4 - (proc) Local Root Exploit
No description provided by source. Author: h00lyshit Vulnerable: Linux 2.6 ALL Type of Vulnerability: Local Race Tested On : various distros Vendor Status: unknown Disclaimer: In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or sprea...
WaveMax Sound Editor 4.5.1 - Denial of Service PoC
No description provided by source. Exploit Title: WaveMax Sound Editor 4.5.1 Local Crash PoC Software Link: http://www.wave-max.com/wavemax/ Tested on: Win XP SP3 Date: 04-12-2010 Author: h1ch4m Email: [email protected] my $file= 1.cda; my $junk = \x41 x 1000; open$FILE,$file; print $FILE $junk;...
Mandrake 7/8/9,RedHat 6.x/7 Bonobo EFSTool Commandline Argument Buffer Overflow (1)
No description provided by source. source: http://www.securityfocus.com/bid/5125/info Bonobo is a set of tools and CORBA interfaces included as part of the Gnome infrastructure. It is designed for use on the Linux and Unix operating systems. A boundary condition error has been discovered in the...
Ophcrack 3.5.0 - Local Code Execution BOF
No description provided by source. Exploit Title: ophcrack v3.5.0 - Local Code Execution BOF Date: 21.05.2013 Exploit Author: xisone@STM Solutions Vendor Homepage: http://ophcrack.sourceforge.net/ Software Link: http://downloads.sourceforge.net/ophcrack/ophcrack-win32-installer-3.5.0.exe Version:...
csUpload Script Site - Authentication Bypass
No description provided by source. Exploit Title: csUpload Script Site Authentication Bypass Google Dork: CSUpload.cgi?command= Date: 4/9/2014 Exploit Author: Satanic2000 Vendor Homepage: http://www.cgiscript.net Software Link:...
Immunity Debugger 1.85 - Stack Overflow Vulnerability (PoC)
No description provided by source. Filename : CrashPOC.cpp Exploit Title: title Date: 20 March 2014 Exploit Author: Veysel HATAS [email protected] - Web Page : www.binarysniper.net Vendor Homepage: https://www.immunityinc.com/ Software Link: https://www.immunityinc.com/products-immdbg.shtml...
Okul Otomasyon Portal 2.0 - Remote SQL Injection Vulnerability
No description provided by source. Dumenci v19.1 Okul Otomasyon Portal v2.0 remote sql injection AUTHOR : Okulumun sitesi Script Download : http://www.okulumunsitesi.com/ DORK: inurl:/k12.tr/?part= Injection Adress : http://site.com/default.asp?islem=1&id=sql code my COD :...
XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection Vulnerability
No description provided by source. Script : XlentCMS V1.0.4 downloads.php?cat SQL Injection Vulnerability Script site : http://sphere.xlentprojects.se/portal.php AUTHOR : Gamoscu HOME : http://www.1923turk.biz Blog : http://gamoscu.wordpress.com/ Greetz : Manas58 Baybora Delibey Tiamo Psiko Turco...
Drupal <= 5.2 PHP Zend Hash Vulnerability Exploitation Vector
No description provided by source. Drupal <= 5.2 PHP Zend Hash Vulnerability Exploitation Vector Example: http://www.example.com/drupal/?menucallbacks1callback=drupaleval&menuitemstype=-1&-312030023=1&q=1/?phpinfo; milw0rm.com 2007-10-10...
XRMS 1.99.2 - companies/some.php company_name Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/31008/info XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because...
BookReview 1.0 suggest_review.htm node Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities
No description provided by source. Multiple buffer overflows on Huawei SNMPv3 service ADVISORY INFORMATION Title: Multiple buffer overflows on Huawei SNMPv3 service Discovery date: 11/02/2013 Release date: 06/05/2013 Credits: Roberto Paleari...