56796 matches found
DUclassmate 1.x account.asp MM-recordId Parameter Arbitrary Password Modification
No description provided by source. source: http://www.securityfocus.com/bid/11363/info Multiple vulnerabilities have been identified in the software that may allow a remote attacker to carry out SQL injection and HTML injection attacks. An attacker may also gain unauthorized access to a user's...
Video Games Rentals Script - SQL Injection Vulnerability
No description provided by source. Exploit Title: video games rentals Script SQL injection Vulnerability Date: 11/02/2010 Author: JaMbA Software Link: N/A Version: all version Tested on: Windows & Linux CVE : ::::::::::::::::::::::::: Exploit Title : video games rentals Script SQL injection...
Polaring <= 0.04.03 (general.php) Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '64020' ssvid version = '1.0' author = '皮皮' vulDate = '2006-09-28' createDate = '2015-12-24...
Infopulse GateKeeper 3.5 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1477/info Infopulse GateKeeper proxy server will crash if a string containing over 4096 characters is entered through port 2000. Arbitrary code execution is possible. Restarting the server is required in order to regain...
SimpCMS <= all (keyword) Remote SQL Injection Vulnerability
No description provided by source. SimpCMS = all Remote SQL Injection Vulnerability Found By : ú Cold z3ro , http://www.hackteach.org/ Script : http://www.simpcms.com/ ==================================== Exploit :...
Adobe SVG Viewer 3.0 postURL/getURL Restriction Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8785/info Adobe SVG Viewer ASV is prone to an issue in the implementation of the getURL and postURL methods. These methods are designed to prevent access to URIs in a foreign domain or local files. However, by using a...
Firebird Relational Database SVC_attach() Buffer Overflow
No description provided by source. $Id: fbsvcattach.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
SAS Hotel Management System user_login.asp SQL Injection Vulnerability
No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...
LoveCMS 1.4 install/index.php step Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/22675/info LoveCMS is prone to multiple input-validation vulnerabilities, including an arbitrary-file-upload issue, a remote file-include issue, a local file-include issue, and a cross-site scripting issue. An attacker ca...
Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution
No description provided by source. !-- | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Day 3 Binary Analysis | | | | || / \ || | | | || ||// \/|/ Title : Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Version : UfPBCtrl.DLL...
OReilly WebSite 1.x/2.0 win-c-sample.exe Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2078/info O'Reilly WebSite Pro is a Windows 95/NT Web Server package. Versions 2.0 and below contained a vulnerable sample script, win-c-sample.exe, placed by default in /cgi-shl/ off the web root directory. This program ...
PowerShell XP 3.0.1 - Buffer Overflow 0day
No description provided by source. !/usr/bin/python vuln finders : kmkz, zadyree, hellpast author : m101 site : http://binholic.blogspot.com/ Exploit Title: PowerShell XP 3.0.1 0day Date: 11/12/2010 Author: m101 Software Link: http://www.softpedia.com/progDownload/PowerShell-XP-Download-22529.htm...
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...
ASPNuke 0.80 Language_Select.ASP HTTP Response Splitting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14063/info ASPNuke is prone to an HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to...
Borland InterBase isc_create_database() Buffer Overflow
No description provided by source. $Id: ibisccreatedatabase.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' ''' Title : HP OpenView NNM webappmon.exe execvpnc Remote Code Execution Version : OpenView Network Node Manager 7.53 Analysis :...
Duyuru Scripti Goster.ASP SQL injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22910/info Duyuru Scripti is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting this vulnerability could permit remot...
PHP 5.2.6 'create_function()' Code Injection Weakness (2)
No description provided by source. source: http://www.securityfocus.com/bid/31398/info PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'createfunction'. Note that the anonymous function returned need not be called for the supplied code to be executed. ...
Borland InterBase 2007 - PWD_db_aliased Buffer Overflow
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
DoceboLMS <= 2.0.5 (help.php) Remote File Include Vulnerability
No description provided by source. Vulnerable Script: Docebo LMS 2.05 Discovered: beford xbefordx gmail com Noobs: %22Based+on+DoceboLMS+2.0%22 Vulnerable Files doceboLMS205/modules/credits/business.php = include$GET'lang'.'/language.php'; doceboLMS205/modules/credits/credits.php =...
linux chroot()/execve() code
No description provided by source. / This is Linux chroot/execve code.It is 80 bytes long.I have some ideas how to make it smaller, but till then use this one. signed predator linux registered user : 181116 preedatoratsendmaildotru / char...
Joomla Component Expose <= RC35 Remote File Upload Vulnerability
No description provided by source. HHHHHHH HHHHHH HH HHHHHHHH HHHHHH HHHHHHHH IHHI HH HH HHHHHHHH HH HH HH HH HH HHHHHHHH HH IHHI HH HHH HH HHHHHHHH HH HH HH HH HH HH HH HH HH HHHH HH HH HHHHHHH HHHHHH HH HHHHHHH HHHHHH HH HH HH HH HH HHHHHHHH HH HH HH HH HH HH HH HH HH HHHH HH HH HH HH HH HHHHHH...
ABC2PS/JCABC2PS 1.2 Voice Field Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12024/info abc2ps and jcabc2ps are prone to a buffer overflow vulnerability. This issue is exposed when the program is used to process the voice field in ABC music notation files. Since the ABC files may originate from an...
Firebird Relational Database isc_attach_database() Buffer Overflow
No description provided by source. $Id: fbiscattachdatabase.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
Solution Scripts Home Free 1.0 search.cgi Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/921/info Home Free is a suite of Perl cgi scripts that allow a website to support user contributions of various types. One of the scripts, search.cgi, accepts a parameter called letter which can be any text string. The...
WebHost Automation Helm Control Panel 3.1.x Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11586/info Helm Control Panel is reported prone to multiple vulnerabilities. These include an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user...
Online Grades & Attendance 3.2.6 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...
PHPBB2 Admin_Ug_Auth.PHP Administrative Security Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22730/info PHPBB2 is prone to a vulnerability that will let attackers gain administrative access to the application because it fails to properly validate access. Successful exploits may result in a complete compromise of...
Racer 0.5.3 beta 5 - Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl Credit's to n00b. Racer v0.5.3 beta 5 12-03-07 remote exploit. Racer is also prone to a buffer over flow in the server and client.Automatically the game open's Udp port 26000 and is waiting for a msg buffer. If we send an overly long buffer we are...
mini_httpd <= 1.18 HTTP Request Escape Sequence Terminal Command Injection
No description provided by source. source: http://www.securityfocus.com/bid/37714/info Acme 'thttpd' and 'minihttpd' are prone to a command-injection vulnerability because they fail to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary...
Joomla Component Saber Cart com_sebercart Local File Inclusion Vulnerability
No description provided by source. ========================================================================================================= o Joomla Component Saber Cart Local File Inclusion Vulnerability Software : comsebercart version 1.0.0.12 Vendor : http://www.seber.com.au/ Author :...
nuseo php enterprise 1.6 - Remote File Inclusion Vulnerability
No description provided by source. Vulnerability Type: Remote File Inclusion Vulnerable file: /NuSEO PHP Enterprise.v1.6 Nulled by DGT/NuSEO.PHP.Enterprise.v1.6.PHP.NULL-DGT/nuseo/admin/nuseoadmind.php Exploit URL:...
Multiple Vendor Telnet Client Env_opt_add Heap-Based Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12919/info Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the 'envoptadd' function in the 'telnet.c' source file, which i...
K-Lite Mega Codec Pack 3.5.7.0 - Local Windows Explorer DoS PoC
No description provided by source. K-Lite Mega Codec Pack based Local Windows Explorer DOS PoC. Version:3.5.7.0 vsfilter.dllVersion 1.0.1.4 that comes bundled with the above Codec Pack crashes when we try to use,select or even highlight the attached Test7.flv file in Windows Explorer,causing...
Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection Vulnerabilities
No description provided by source. =========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor :...
phpsyncml <= 0.1.2 - Remote File Include Vulnerabilities
No description provided by source. ======================================================================== || || || || || || || || || || || || ======================================================================== ======================================================================== phpsync...
Scratcher (SQL/XSS) Multiple Remote Vulnerability
No description provided by source. + Scratcher SQL/XSS Multiple Remote Vulnerability 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /...
Joomla Component equotes 0.9.4 - Remote SQL injection Vulnerability
No description provided by source. /---------------------------------------------------------------\ \ / / Joomla Component equotes Remote SQL injection \ \ / ---------------------------------------------------------------/ Author : His0k4 ALGERIAN HaCkEr Dork : inurl:comeQuotes POC :...
91 bytes nc -lp 31337 -e /bin//sh polymorphic linux shellcode .
No description provided by source. / Title : nc -lp 31337 -e /bin//sh polymorphic linux shellcode . Name : 91 bytes nc -lp 31337 -e /bin//sh polymorphic linux shellcode . Date : Mon Jul 5 16:58:50 WIT 2010 Author : gunslinger yudha.gunslingeratgmail.com Web : http://devilzc0de.org blog :...
phpmygallery 1.0beta2 (rfi/lfi) Multiple Vulnerabilities
No description provided by source. PHPmyGallery v1.0beta2 RFi/LFi Multiple Remote Vuln. download: http://phpmygallery.kapierich.net/en/downloads/?dir=PHP/&getfile=PKphpmygallery-1.0beta2.zip ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected]...
MyYoutube MyBB Plugin 1.0 - SQL Injection
No description provided by source. Exploit Title: MyYoutube MyBB plugin SQL UPDATE injection. Google Dork: inurl:member.php intext:Youtube Video intitle:Profile of Date: 12.10.2012 Exploit Author: Zixem Vendor Homepage: http://www.mybb-es.com Software Link: http://mods.mybb.com/view/myyoutube...
PHP Link Manager 1.7 - Url Redirection Bug
No description provided by source. PHP Link Manager Version 1.7 Url Redirection Bug Title: PHP link manager Version 1.7 Vendor: http://www.phpjunkyard.com/php-link-manager.php AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original...
Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/33944/info Yektaweb Academic Web Tools CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in t...
Joomla Component MMS Blog com_mmsblog Local File Inclusion Vulnerability
No description provided by source. ============================================================================================================= o Joomla Component MMS Blog Local File Inclusion Vulnerability Software : commmsblog version 2.3.0 Vendor : http://mms.pipp.no/ Author : AntiSecurity No...
FreeBSD 3.5.1/4.2 ports package xklock local root exploit
No description provided by source. / xklock - FreeBSD 3.5.1 & 4.2 ports package local root exploit The X key lock program contain several exploitable buffer overflows in command line arguments aswell as the 'JNAME' environment variable. xklock is installed setuid root by default. This POC exploit...
ardeacore 2.2 - Remote File Inclusion Vulnerability
No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...
IBM Lotus Domino iCalendar MAILTO Buffer Overflow
No description provided by source. $Id: dominoicalendarorganizer.rb 12236 2011-04-04 17:43:34Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...
clanlite 2.x (SQL Injection/xss) Multiple Vulnerabilities
No description provided by source. CANAKKALE GECiLMEZ yildirimordulari.org z0rlu.ownspace.org ClanLite V2 SQL inj. & XSS dork: Créé par Narfight, ClanLite V2.2006.05.20 © 2000-2005 dork: Themed By Ray © 2003, 2004 iOptional readme script / Fichier : Copyright : C 2004 ClanLite V2 Email :...
snetworks php classifieds 5.0 - Remote File Inclusion Vulnerability
No description provided by source. +By CrackersChild+ Script.......: SNETWORKS PHP CLASSIFIEDS Page.........: http://www.snetworks.biz/ Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote File İnclude Vulnerability Demo.........:...
Windows XP Pro Sp2 English "Message-Box" Shellcode
No description provided by source. +-----------------------------------------------------+ | Windows XP Pro Sp2 English Message-Box Shellcode. | +-----------------------------------------------------+ Size : 16 Bytes, Null-Free. Author : Aodrulez. Email : [email protected] Shellcode =...