56796 matches found
HP OpenView Network Node Manager 6.10 SNMP DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1713/info The OverView5 CGI interface by default is shipped with HP Openview Node Manager. HP Openview Node Manager can be compromised due to an unchecked buffer. By sending a specially crafted GET request comprised of 13...
Tyger Bug Tracking System 1.1.3 Login.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22799/info Tyger Bug Tracking System is prone to multiple input-validation vulnerabilities, including one SQL-injection issue and two cross-site scripting issues, because the application fails to sufficiently sanitize...
Android 1.x/2.x - Local Root Exploit
No description provided by source. / android 1.x/2.x the real youdev feat. init local root exploit. C 2009/2010 by The Android Exploid Crew. Copy from sdcard to /sqlitestmtjournals/exploid, chmod 0755 and run. Or use /data/local/tmp if available thx to ioerror! It is important to to use...
SGI IRIX <= 6.4 datman/cdman Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/347/info A vulnerability exists in the datman/cdman program, as included with Irix 6.2 and 5.3 from Silicon Graphics Inc. The vulnerability would allow arbitrary users to execute commands as root. The datman/cdman program...
TikiWiki 2.2/3.0 'tiki-listpages.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34107/info TikiWiki is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to...
Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12574/info It is reported that ASP.NET is prone to various cross-site scripting attacks. These issues when ASP.NET converts Unicode characters ranging from U+ff00-U+ff60 to ASCII. Apparently, the application fails to...
CPanel 11 Beta Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21287/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
KKE Info Media Kmita Gallery Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31970/info Kmita Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
XMB Forum 1.8 u2uadmin.php uid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. ...
mail2forum phpBB Mod <= 1.2 (m2f_root_path) Remote Include Vulns
No description provided by source. Title : mail2forum = 1.2 Multiple Remote File Include Vulnerabilities Discovered By OLiBekaS ----------------------------------------------------------------------------- Affected software description : Application : mail for phpbb bulletin board/forum software...
Madwifi SIOCGIWSCAN Buffer Overflow
No description provided by source. $Id: madwifigiwscancb.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...
Oracle Database 10.1.0.5 - 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow Vulnerability
No description provided by source. include winsock2.h include stdio.h include string.h include windows.h include assert.h include string void ssend SOCKET s, char msg, DWORD size int sent; printf ssend: begin: %d bytes\n, size; sent=send s, charmsg, size, 0; if sent==SOCKETERROR printf send -...
OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability
No description provided by source. ??php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management...
Samba trans2open Overflow (Linux x86)
No description provided by source. $Id: trans2open.rb 9828 2010-07-14 17:27:23Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Oracle Internet Directory 10.1.2.0.2 'oidldapd' Remote Memory Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37833/info Oracle Internet Directory is prone to a remote memory-corruption vulnerability. Exploits may allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will...
LHA 1.x - Buffer Overflow/Directory Traversal Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10243/info LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. The first issues reported have be...
WebTrends Enterprise Reporting Server 1.5 Negative Content Length DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/569/info Specifying a negative content-length in a POST operation to the WebTrends Enterprise Reporting Server will crash the web server. !/usr/bin/perl -w Example DoS against WebTrends Enterprise Reporting Server 8/8/99...
e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit
No description provided by source. ?php 0.27 18/10/2005 ---e017xpl.php e107 0.617 resetcore.php SQL Injection & remote code execution all-in-one by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on...
PlatinumFTPServer 1.0.6 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6492/info It has been reported that PlatinumFTPserver fails to properly sanitize some FTP commands. By sending a malicious request to the vulnerable server, using directory traversal sequences, it is possible for a remote...
FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (1)
No description provided by source. source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a loopback condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sor...
httpdx <= 0.5b Multiple Remote Denial of Service Vulnerabilities
No description provided by source. OSCP TEAM Vuln Discovery sico2819 http://offensive-security.com httpdx = 0.5b multiple remote DOS POC sourceforge.net/projects/httpdx/ SYSTEM USED : WinXP SP3 FR POC POC POC POC httpdx = 0.5b is vulnerable to multiple remote DOS, in both HTTP and FTP server. FTP...
PMachine Pro 2.4 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12597/info PMachine Pro is reported prone to a remote file include vulnerability. This issue affects the 'mailautocheck.php' script. An attacker may leverage this issue to execute arbitrary server-side script code on an...
WebFS 1.x Long Pathname Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8726/info It has been discovered that WebFS is prone to a buffer overrun vulnerability when handling path names of excessive length. As a result, an attacker may be capable of triggering the condition and overwriting...
phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial)
No description provided by source. 1. Register at forum? 2. Log in with account + UNCHECK Log in automatically 3. Close browser to be sure a cookie is made. 4. Locate cookie firefox: X:\Documents and Settings\Name\Application Data\Mozilla\Firefox\Profiles\profile.default\cookies.txt -- search the...
ITechClassifieds ViewCat.php CatID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27574/info iTechClassifieds is prone to an input-validation vulnerability that may be exploited as a cross-site scripting issue or an SQL-injection issue. This issue occurs because the application fails to adequately...
7-Technologies IGSS <= 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow
No description provided by source. $Id: igss9igssdataserverlistall.rb 12639 2011-05-16 19:30:17Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...
LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit
官网链接: http://www.lokicms.com/ 影响版本:= 0.3.4 概述: LokiCMS 0.3.4及之前版本中的index.php存在目录遍历漏洞。当magicquotesgpc被中止时,远程攻击者可以借助页参数中的"..",来检查任意文件是否存在。 漏洞页面: vuln file: index.php 漏洞代码: if isset $GET && isset $GET'page' $pagename = stripslashes trim $GET'page' ; // load the page if $pagename == '' $name =...
AVG Internet Security 9.0.851 - Local Denial of Service Exploit
No description provided by source. / Exploit Title: AVG Internet Security 0day Local DoS Exploit Date: 2010-11-01 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.avg.com Version: up to date, version 9.0.851, avgtdix.sys version 9.0.0.832 Tested on: Win XP SP3 CVE :...
pilot cart 7.3 - Multiple Vulnerabilities
No description provided by source. Title: ASPilot Pilot Cart 7.3 multiple vulnerabilities Date: 07.11.2010 Author: Ariko-Security Software Link: http://www.pilotcart.com Version: 7.3 CVE Reference: CVE-2008-2688 only 1 SQL injection EDB-ID: 5765 only 1 SQL injection Ariko-Security: Security Audit...
Internet Explorer Unsafe Scripting Misconfiguration
No description provided by source. $Id: ieunsafescripting.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
Microsoft Internet Explorer 5.0.1 Frameset Memory Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18277/info Microsoft Internet Explorer is affected by a memory-corruption vulnerability. This issue arises because the application fails to handle exceptional conditions in a proper manner. An attacker may exploit this...
Microsoft Agent agentdpv.dll ActiveX Control Malformed URL Stack Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25566/info Microsoft Agent agentsvr.exe is prone to a stack-based buffer-overflow vulnerability because the application fails to adequately bounds-check user-supplied data. Successfully exploiting this issue allows remote...
Elastic Path 4.1 - manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability. - An arbitrary file-uplo...
Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
No description provided by source. !/bin/sh Exploit for Apache modrewrite off-by-one. Vulnerability discovered by Mark Dowd. CVE-2006-3747 by jack jack\x40gulcas\x2Eorg 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the RewriteRule kung/. $1 rule if not you must...
pixelpost 1.7.3 - Multiple Vulnerabilities
No description provided by source. 1 +Exploit Title: pixelpostv1.7.3 Multiple vulnerabilities 0 0 +Date: 15/09/2010 1 1 +Author: Sweet 0 0 +Contact : [email protected] 0 1 +Software Link: http://www.pixelpost.org/ 0 0 +Download: http://www.pixelpost.org/ 1 1 +Version: 1.7.3 0 0 +Tested on: WinX...
Sami FTP Server 2.0.x Multiple Commands Remote Denial Of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27817/info Sami FTP Server is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle exceptional conditions. An attacker can exploit these issues to crash the affected...
Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow PoC
No description provided by source...
Weblord.it MS-TopSites Unauthorized Access Vulnerability and HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26358/info MS-TopSites is prone to an unauthorized-access vulnerability and an HTML-injection vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues t...
HP Intelligent Management Center UAM Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
CGIScript.net csNews 1.0 Double URL Encoding Unauthorized Administrative Access
No description provided by source. source: http://www.securityfocus.com/bid/4993/info csNews is a script for managing news items on a website. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. Users with public access to the system may be able to view an...
Microsoft Windows Kernel Intel x64 SYSRET PoC
No description provided by source. Source: http://packetstormsecurity.org/files/115908/sysret.rar This is proof of concept code that demonstrates the Microsoft Windows kernel Intel/x64 SYSRET vulnerability as described in MS12-042. The shellcode disables code signing and will grant NT SYSTEM...
Helpdesk Pilot Knowledge Base 4.4.0 - SQL Injection Vulnerability
No description provided by source. Helpdesk Pilot Knowledge Base SQL injection vulnerability - articleid Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : Desember 29, 2009 Software Information + Vendor : http://www.helpdeskpilot.com/ + Download : - + version :...
Ipswitch WhatsUp Professional 2005 SP1 LOGIN.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14039/info WhatsUp Professional is prone to an SQL injection vulnerability affecting its Web-based front end. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp'...
Netscape Enterprise Server 4.0/sparc/SunOS 5.7 - Remote Exploit
No description provided by source. !/usr/bin/perl Remote sploit for Netscape Enterprise Server 4.0/sparc/SunOS 5.7 usage: ns-shtml.pl 'command line' | nc victim port Sometimes server may hang or coredump.. eek ;- [email protected] $cmdline=echo 'ingreslock stream tcp nowait root /bin/sh sh -i...
MS Internet Explorer <= 6.x (IMG / XML elements) Denial of Service
No description provided by source. !-- Discovered by Inge Henriksen [email protected] http://ingehenriksen.blogspot.com/ -- table tr tdIMG align=leftX X X?xml:namespace prefix=v v:X style=HEIGHT:1/td /tr /table milw0rm.com 2006-01-18...
CamShot 1.2 - SEH Overwrite Exploit
No description provided by source. CamShot SEH overwrite by tecnik import socket, sys if lensys.argv!=2: print Usage: camshot.py target exit s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.connectsys.argv1,80 print Sending Exploit to: + sys.argv1 GET request + overflow string request =GET /...
Logitech VideoCall ActiveX Control Buffer Overflow
No description provided by source. $Id: logitechvideocallstart.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow
No description provided by source. Source: http://packetstormsecurity.org/files/view/97871/DSECRG-11-006.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-006 internal DSECRG-09-066 Application: Oracle Document Capture Versions Affected:...
Pacer Edition CMS 2.1 (l param) Local File Inclusion Vulnerability
No description provided by source. Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 a...
AwStats <= 6.4 - Denial of Service
No description provided by source. !/usr/bin/perl Summarized the advisory www.ghc.ru GHC: /str0ke 0 Exploitable example raw log plugin: Attacker can read sensitive information http://server/cgi-bin/awstats-6.4/awstats.pl?pluginmode=rawlog&loadplugin=rawlog 1 Perl code execution. This script...