56796 matches found
Observer 0.3.2.1 - Multiple Remote Command Execution Vulnerabilities
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl observer = 0.3.2.1 Remote Command Execution Script: Observer is an autodiscovering PHP/MySQL/SNMP/CDP...
Fcron 3.0 Convert-FCronTab Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16467/info Fcron is susceptible to a local buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied data before copying it to an insufficiently sized memory...
phpCommunityCalendar <= 4.0.3 - Multiple (XSS/SQL) Vulnerabilities
No description provided by source. phpCommunityCalendar 4.0.3 Multiple Vulnerabilites author : X0r1 release : 23.05.06 software : http://www.appideas.com/ googledork : Calendar progr...
Safenet IPSecDrv.sys <= 10.4.0.12 Local kernel ring0 SYSTEM Exploit
No description provided by source. / safenet-ipsec-call.c Copyright c 2008 by [email protected] Safenet IPSecDrv.sys = 10.4.0.12 local kernel ring0 indirect call SYSTEM exploit by mu-b - Thu 03 Jan 2008 - Tested on: IPSecDrv.sys 10.4.0.12 bundle with: SafeNET HighAssurance Remote, SoftRemote -...
Comdev eCommerce 3.0 INDEX.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12382/info Comdev eCommerce is reported prone to multiple cross-site scripting vulnerabilities. These may facilitate theft of cookie-based authentication credentials as well as other attacks. Comdev eCommerce 3.0 is...
Radasm .rap file local buffer overflow vulnerability
No description provided by source. includestdio.h includewindows.h includegetopt.h void genrandomchar,const int; void printchar; unsigned int getFsizeFILE,char; void buildfilechar; int makebindshellunsigned short; void help; void printshell; DWORD SearchStreamconst char ,sizet,const char ,sizet;...
KaiBB 2.0.1 - SQL Injection vulnerability
No description provided by source. Advisory: KaiBB 2.0.1 XSS and SQL Injection vulnerabilities Advisory ID: SSCHADV2011-027 Author: Stefan Schurtz Affected Software: Successfully tested on KaiBB 2.0.1 Vendor URL: http://code.google.com/p/kaibb/ Vendor Status: informed CVE-ID: -...
Joomla Component JooBB 0.5.9 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print \n; print \n; print Joomla Component Joo!BB Blind SQL Injection Exploit \n; print Author:His0k4 ALGERIAN HaCkeR \n; print \n; print Conctact: His0k4.hlmatgamil.com \n; print Greetz: All friends...
qDecoder 4.x/5.x Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2329/info Improperly validated user-supplied input to the Content-Type header can create an overflow condition. As a result, excessive data copied onto the stack can overwrite critical parts of the stack frame such as the...
kaibb 1.0.1 - Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22749 Reference: http://www.htbridge.ch/advisory/bbcodexssinkaibb.html Product: KaiBB Vendor: Mi-Dia http://www.mi-dia.co.uk/ Vulnerable Version: 1.0.1 Vendor Notification: 09 December 2010 Vulnerability Type: BBcode XSS Status: Not Fixed,...
ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl ezDatabase Remote Command Execution Exploit based on advisory by Pridels Team Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ $Id:...
BeroFTPD 1.3.4(1) - Remote Root Exploit (Linux x86)
No description provided by source. / BeroFTPD 1.3.41 Linux x86 remote root exploit by qitest1 - 5/05/2001 BeroFTPD is an ftpd derived from wuftpd sources. This code exploits the format bug of the site exec cmd, well known to be present in wuftpd-2.6.0 and derived daemons. BeroFTPD 1.3.41 is the...
TVT TD-2308SS-B DVR - Directory Traversal Vulnerability
No description provided by source. Exploit Title: TVT TD-2308SS-B DVR directory traversal Shodan Dork: Cross Web Server Date: 01 Dec 2013 Disclosure date: 10 Sep 2013 Exploit Author: Cesar Neira Vendor Homepage: http://en.tvt.net.cn/ Affected Firmware Versions: 3.1.43.B 3.1.43.P 3.1.6.P-1.0.2.1-0...
Windows 95/98 UNC Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/779/info There is a overflowable buffer in the networking code for Windows 95 and 98 all versions. The buffer is in the part of the code that handles filenames. By specifying an exceptionally long filename, an attacker ca...
TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump
No description provided by source. Exploit Title: Team Helpdesk Customer Web Service CWS Remote User Credential Dump exploit Exploit Title: Team Helpdesk Technician Web Access TWA Remote User Credential Dump exploit Date: May 5, 2014 Exploit Author: bhamb [email protected] Vendor Homepage:...
ClanLite Config-PHP.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20672/info ClanLite is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlyin...
The Rat CMS viewarticle.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...
CoolPlayer - m3u File Local Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl ksOSe - 07/29/2008 use warnings; use strict; http://www.metasploit.com EXITFUNC=seh, CMD=c:\WINDOWS\system32\calc.exe x86/shikataganai succeeded, final size 169 my $shellcode = \xd9\xca\xd9\x74\x24\xf4\x5e\xb8\xf5\x65\x2d\xfb\x31\xc9\xb1...
Linksys Web Camera Software 2.10 Next_file Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10533/info It is reported that Linksys Web Camera software is prone to a cross-site scripting vulnerability that may allow a remote attacker to steal cookie-based authentication credentials or carry out other attacks. The...
win32/xp sp3 (Ru) WinExec+ExitProcess cmd shellcode 12 bytes
No description provided by source. 68 9D 61 F9 77 push 0x77C01345 B8 C7 93 C1 77 mov eax,msvcrt.system FF D0 call eax In msvcrt.dll at 0x77C01344 We have string .cmd, that's the trick. Code will work in WinXP SP3 Pro Rus, in other versions you'd better search the string and systemchar address for...
Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14862/info Content2Web is affected by multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this lack of...
Microsoft Cinepak Codec CVDecompress - Heap Overflow
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-26-microsoft-cinepak-codec-cvdecompress-heap-overflow-ms10-055/ ''' ''' Title : Microsoft Cinepak Codec...
ProjectApp 3.3 default.asp skin_number Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16011/info ProjectApp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Pligg 9.9.5 'CAPTCHA' Registration Automation Security Bypass Weakness
No description provided by source. source: http://www.securityfocus.com/bid/30518/info Pligg is prone to a security-bypass weakness. Successfully exploiting this issue will allow an attacker to register multiple new users through an automated process. This may lead to other attacks. Pligg 9.9.5 i...
Linux Kernel NFS and EXT3 Combination Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19396/info The Linux kernel is susceptible to a remote denial-of-service vulnerability because the EXT3 filesystem code fails to properly handle unexpected conditions. Remote attackers may trigger this issue by sending...
mount.cifs chdir() Arbitrary root File Identification
No description provided by source...
phpwcms <= 1.1-RC4 (spaw) Remote File Include Vulnerability
No description provided by source. PhpwCMS 1.2.6 = Multiple Remote file inclusion vulnerabilities Discovered by : |/| . .. | || ||| | | Vuln In : include $spawroot.'class/lang.class.php'; Affected Files : include/incext/spaw/dialogs/table.php include/incext/spaw/dialogs/a.php...
Solaris 2.6/7.0 lpset -r Buffer Overflow Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/1138/info A vulnerability exists in the handling of the -r option to the lpset program, as included in Solaris 7 from Sun Microsystems. The -r option is undocumented. As such, its use in unknown. However, when supplied a...
Sun SunVTS 4.x PTExec Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2898/info SunVTS is the Sun Validation Test Suite, distributed and maintained by Sun Microsystems. The SunVTS is used to test various components of OEM Sun hardware, and can also be used to stress-test components and...
Pre Classified Listings 1.0 'detailad.asp' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32566/info Pre Classified Listings is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Lynx Message Server Multiple Vulnerabilities
No description provided by source. 1. Summary The Micro Technology Services Inc. Lynx Message Server 7.11.10.2 and/or LynxTCPService version 1.1.62 web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a Facility wide Duress and...
iSupport <= 1.8 XSS/LFI Exploit
No description provided by source. --------------------------------------------- ++ iSupport = 1.8 ++ XSS/Local File Include Exploit --------------------------------------------- Discovered by : Stink' & Essandre DATE : 16/12/09 ////////////////////////////////////////////////////////////////////...
Izumi <= 1.1.0 (RFI/LFI) Multiple Include Vulnerability
No description provided by source. + Izumi = 1.1.0 RFI/LFI Multiple Include Vulnerability + Discovered by cr4wl3r cr4wl3r!linuxmail.org + Download : http://sourceforge.net/projects/izumi/files/ + Code : page.php requireonce$dirinstall . $dirsrc . common.php; + Example : x RFI :...
Joomla Com_Ca SQL Injection Vulnerability
No description provided by source. Exploit Title: Joomla ComCa SQL Injection Vulnerability Date: 10.04.2010 Author: DigitALL Tested on: DigiXp Version 1.0 Code : /index.php?option=comca&id=SQL INJECT?ON Dork: For Script Kidde DigitALL Efe KroNicKq NoFearx38 And All 1923Turk.com Members...
Cafelog b2 0.6 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7738/info A remote file include vulnerability has been reported for Cafelog. Due to insufficient sanitization of some user-supplied variables by the 'blogger-2-b2.php' and 'gm-2-b2.php' scripts, it is possible for a remot...
MTCMS <= 2.0 - Remote SQL Injection Vulnerabilities
No description provided by source...
Novell ZenWorks 10 & 11 TFTPD Remote Code Execution Vulnerability
No description provided by source. !/usr/bin/perl Source: http://www.protekresearchlab.com/index.php?option=comcontent&view=article&id=22&Itemid=22 use Getopt::Std; use IO::Socket::INET; $SIGINT = \ my $host = '192.168.100.24'; my $port = 69; my $proto = 'udp'; my $sockType = SOCKDGRAM; my $timeo...
Winace 2.2 Malformed Filename Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33049/info Winace is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash Windows Explorer, denying service to legitimate users. Given the nature of this issue, attackers may also be able ...
CoolPlayer 2.17 - .m3u Playlist Stack Overflow Exploit
No description provided by source. CoolPlayer, Latest Build: 217 Web:: http://coolplayer.sourceforge.net/ Playlist.m3u File Local Buffer Overflow Exploit Vuln: http://www.securityfocus.com/bid/21396 Greetz: Luigi Auriemma que ha descubierto una nueva vulnerabilidad en este software junto a esta...
Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/4252/info Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems. The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other...
Web Wiz Forum 6.34/7.0/7.5 Unauthorized Private Forum Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8957/info A vulnerability has been reported in Web Wiz Forum that could allow unauthorized access to private forums. The problem occurs when handling malformed requests that make use of 'quote' mode. When this mode is use...
Ascend CascadeView/UX 1.0 tftpd - Symbolic Link Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/910/info The tftpd bundled with CascadeView for Ascend's B-STDX 8000/9000 network devices creates a log in /tmp called tftpdxferstatus.log. If /tmp/tftpdxferstatus.log already exists as a symbolic link, tftpd will follow ...
ProFTPD mod_sftp Integer Overflow DoS PoC
No description provided by source. ProFTPD modsftp Integer Overflow by Kingcope reference: http://www.castaglia.org/proftpd/modules/modsftp.html Exploit Title: ProFTPD modsftp Integer Overflow Date: 7 February 2011 Author: Kingcope Software Link:...
MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ MayGion IP Cameras multiple vulnerabilities 1. Advisory Information Title: MayGion IP Cameras multiple vulnerabilities Advisory ID: CORE-2013-0322 Advisory URL:...
myphpPageTool 0.4.3 -1 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6744/info myphpPageTool is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in several PHP script files in the /doc/admin folder. Under some circumstance...
Big Forum 5.2v Arbitrary File Upload & LFI Vulnerability
No description provided by source. = Big Forum 5.2v Arbitrary File Upload & Local File Inclusion Vulnerability = Author : Zer0 Thunder = Home : http://colombohackers.com = Download : http://sourceforge.net/projects/npage-bigforum/files/bigforum%205.2/bf5.2.zip/download = Date : 06/24/2010 Arbitra...
NOCC 1.0 no_mail.php html_no_mail Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject...
Joomla Component com_joomdocs XSS Vulnerability
No description provided by source...
Gallarific - search.php query Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28163/info Gallarific is prone to a cross-site scripting vulnerability and multiple authentication-bypass vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
w3blabor CMS 3.0.5 - Arbitrary File Upload & LFI Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research...