56796 matches found
Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities
No description provided by source...
ISC INN <= 2.2,RedHat Linux <= 6.0 inews Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/616/info INN versions 2.2 and earlier have a buffer overflow-related security condition in the inews program. inews is a program used to inject new postings into the news system. It is used by many news reading programs a...
SolidState <= 0.4 - Multiple Remote File Include Vulnerabilities
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '64010' ssvid version = '1.0' author = 'kikay' vulDate = '2006-09-27' createDate =...
YUI Images Script Shell Upload Vulnerability
No description provided by source. Title: YUI Images Script Shell Upload Vulnerability Version: 1.0 Author: Mr.P3rfekT Software Link: http://momche.net/res/YUI-upload/html/momche-yui-upload.zip Tested on Lunix CVE : N/A Founded By Mr.P3rfekT Helllo Allz Exploit : http://127.0.0.1/YUI-upload/html...
IBM BladeCenter Management Module - DoS vulnerability
No description provided by source. DSECRG-09-049 IBM BladeCenter Management Module - DoS vulnerability Source: http://www.dsecrg.com/pages/vul/show.php?id=149 This device can be remotely rebooted by sending a malformed TCP packets Digital Security Research Group DSecRG Advisory DSECRG-09-049...
ntpd 4.0.99j-k readvar - Buffer Overflow
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
HD FLV Player Component for Joomla! 'id' Parameter SQL Injection Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '86873' ssvid version = '1.0' author = 'kikay' vulDate = '2010-04-13' createDate ...
MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22431/info MySQLNewsEngine is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the...
PHPBB-Auction Module 1.0/1.2 Auction_Rating.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13283/info phpbb-auction module is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitati...
Microsoft Print Spooler Service Impersonation Vulnerability
No description provided by source. $Id: ms10061spoolss.rb 11766 2011-02-17 19:22:11Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
GLPI 0.71.3 - Multiple Remote SQL Injection VUlnerabilities
No description provided by source. + Application : GLPI v 0.71.3 + App'z URI : http://glpi-project.org + Bug : Multiple Remote SQL Injections + Author : Zigma + Home : http://NullArea.Net Let's have a look on the Security System GLPI uses : --- \inc\includes.php --- // Security system if isset$PO...
Novell iPrint Client ActiveX Control Date/Time Buffer Overflow
No description provided by source. $Id: novelliprintdatetime.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...
David Bagley xlock 4.16 User Supplied Format String Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley. It is believed to affect all versions of xlock derived from xlockmore. This includes the xlock shipped with a numb...
PHP-Proxima 6.0 BB_Smilies.PHP Local File Include Vulnerability
No description provided by source...
Adobe ColdFusion Server <= 8.0.1 administrator/enter.cfm Query String XSS
No description provided by source. source: http://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
MS IE 5.0,Netscape Communicator 4.0/4.5/4.6 Javascript STYLE Vulnerability
No description provided by source. Microsoft Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Netscape Communicator 4.0/4.5/4.6 Javascript STYLE Vulnerability source: http://www.securityfocus.com/bid/630/info The HTML STYLE command can be used to embed Javascript into...
PHProjekt <= 5.1 - Multiple Remote File Include Vulnerabilities
No description provided by source. / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - Script name: PHProjekt v. 5.1 - Script site: http://www.phprojekt.com/ + + + - Find by: Kacper a.k.a Rahim + - Contact: [email protected] - or - http://www.devilteam.yum.pl + + + - Greetz: DragonHeart - a...
Comodo Firewall 2.3.6 CMDMon.SYS Multiple Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22357/info Comodo Firewall is prone to multiple denial-of-service vulnerabilities because it fails to adequately validate user supplied data. Exploiting these issues may permit attackers to cause system crashes and deny...
FreeBSD ftpd and ProFTPd on FreeBSD Remote r00t Exploit
No description provided by source. / KCOPE2011 - x86/amd64 bsd ftpd remote root exploit KINGCOPE CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of KINGCOPE Security. C COPYRIGHT KINGCOPE Security, 2011 All Rights Reserved bug found by Kingcope thanks to noone except...
phpTrafficA 1.4.1 banref.php lang Parameter Traversal Local File Inclusion
No description provided by source...
Ilia Alshanetsky FUDForum 1.2.8/1.9.8/2.0.2 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5501/info Reportedly, FUDForum may disclose contents of arbitrary files to attackers. The vulnerability is the result of FUDForum failing to check the path of the file that is being requested. By simply making malicious...
H-Sphere 2.x HTML Template Inclusion Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/7855/info H-Sphere is prone to multiple cross-site scripting vulnerabilities via the HTML template feature in the Hosting Control Panel. HTML and script code will not be filtered from pages which are generated when a...
ZBServer Pro 1.5 - Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/889/info ZBSoft ZBServer Pro is an Internet and Intranet server that supports HTTP, Gopher, FTP and Chat Services. ZBServer is available for Microsoft Windows operating systems. ZBServer Pro 1.5 has an unchecked buffer in...
Surfboard httpd 1.1.9 - Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9299/info It has been reported that Surfboard httpd is prone to a remote buffer overflow condition that may allow an attacker to gain unauthorized access to a system running the vulnerable software. The issue presents...
FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit
No description provided by source. LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit for FreeBSD bug discovered & exploited by Kingcope Dec 2010 Lame Xploit Tested with success on FreeBSD 8.0-RELEASE - LiteSpeed WebServer 4.0.17 Standard & Enterprise x86 FreeBSD 6.3-RELEASE - LiteSpeed WebServer...
@lex Guestbook 5.0 Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/37706/info @lex Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...
AKY Blog SQL Injection Vulnerability
No description provided by source. =================================================== AKY Blog SQL ?njection =================================================== Author : Madconfig Homepage : www.worldhackerz.com Mail : adminatworldhackerzdot.com Script :...
Plogger Remote File Disclosure Vulnerability
No description provided by source. Plogger Remote File Disclosure Vulnerability http://www.plogger.org/ dork : Powered by Plogger! author: Mr.tro0oqy yemeni hacker email : [email protected] exp : Line 117: if $fpsource = @fopen$GET'src','rb'...
Linux kernel 2.0/2.1/2.2 autofs Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/312/info The autofs module provides support for the automount filesystem, as well as the interface between the kernel and the automountd daemon, which is responsible for the actual mounting. Calls such as chdir executed i...
RealPlayer <= 14.0.1.633 Heap Overflow Vulnerability
No description provided by source. Luigi Auriemma Application: RealPlayer http://www.real.com Versions: = 14.0.1.633 Platforms: Windows, Macintosh OSX, Linux, Symbian, Palm Bug: heap overflow Exploitation: remote Date: 21 Mar 2011 found 17 Feb 2011 Author: Luigi Auriemma e-mail:...
Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink Webserver Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/806/info Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This service is essentially administrator level access as it can completely modi...
CMS Firebrand Tec Local File Inclusion Vulnerability
No description provided by source. ====================================================================== L.F.I Firebrand Technologies L.F.I ====================================================================== Exploit Title : CMS Firebrand Tec Local File Inclusion Vulnerability Date : 04/24/201...
WebChat 2.0 Users.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7779/info WebChat has been reported prone to a cross-site scripting vulnerability. WebChat does not adequately filter script code from URI parameters, making it prone to cross-site scripting attacks. Attacker-supplied...
3D-FTP 8.01 - 'LIST' and 'MLSD' Directory Traversal Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29749/info 3D-FTP is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues allows an attacker to write arbitrary files to locatio...
ID Software Quake 1.9 - Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3051/info Quake is a very popular 3D first-person-shooter game from ID software. A flaw has been identified in the product's network play features which allows a maliciously designed client to prevent legitimate players...
Light Audio Mixer 1.0.12 - (.wav) Crash PoC
No description provided by source. Exploit Title: Light Audio Mixer Version 1.0.12 .wav - Crash POC Date: 14-07-2013 Exploit Author: ariarat Software Link: http://download.cnet.com/Light-Audio-Mixer/3000-21394-10791607.html Version: 1.0.12 Tested on: Windows XP sp3...
PHP Advanced Transfer Manager 1.10 - Shell Upload Vulnerability
No description provided by source...
Cisco Packet Tracer 5.2 DLL Hijacking Exploit (wintab32.dll)
No description provided by source. / Title: Cisco Packet Tracer 5.2 DLL Hijacking Exploit wintab32.dll Date:05/08/2010 Author: CCNA Tested on: Windows XP SP 2 Extension: .pkt .pkz Greets: xokaido, hex, hektor, classical / include windows.h define DllExport declspec dllexport DllExport void WTInfo...
TuttoPHP Morris Guestbook 'view.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36415/info Morris Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...
good/bad vote (xss/lfi) Multiple Vulnerabilities
No description provided by source. -----------------------------I AM MUSLIM !!------------------------------ ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...
Apple iOS pdf Jailbreak Exploit
No description provided by source. The files contained in the archive link below are those that make use of a pdf exploit in order to jailbreak devices running Apple iOS. These pdf's are of interest in that they originate in userland and give root access to the devices...
Red Hat Linux 7.0 Apache Remote Username Enumeration Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3335/info Versions of Apache webserver shipping with Red Hat Linux 7.0 and possibly other Apache distributions install with a default misconfiguration which could allow remote users to determine whether a give username...
VSO Medoa Player 1.0.2.2 - Local Denial of Services PoC
No description provided by source. !usr/bin/perl Exploits title :VSO Medoa Player Version 1.0.2.2 Local Denial Of Services poc Date : 2010/01/02 Aouther : SarBoT511 downloads :www.vso-software.fr tested on :win xp sp2 VSO Medoa Player Version 1.0.2.2 $file=SarBoT511.ape; $boom=A x 2000;...
PHPCMS 1.1/1.2 Cross-Site Scripting Vulnerability
No description provided by source...
@cid Stats 2.3 Install.PHP3 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20925/info The '@cid stats' program is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application a...
Apache Struts 1.2.7 Error Response Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15512/info Struts is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
3D-FTP Client 4.0 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7451/info It has been reported that 3D-FTP client may be prone to a buffer overflow condition. This issue is due to the client not implementing sufficient bounds checking on banner data copied into local memory buffers. I...
Microsoft Internet Explorer 6.0 DirectAnimation.DAUserData Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18902/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue is triggered when an attacker convinces a victim user to visit a malicious website that uses the 'DirectAnimation.DAUserData...
FlashChat <= 4.5.7 (aedating4CMS.php) Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '63921' ssvid version = '1.0' author = 'kikay' vulDate = '2006-09-06' createDate =...
Polycom IP Phone Web Interface Data Diclosure Vulnerability
No description provided by source. / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: [email protected] -----------------------------------...