Mambo Component EstateAgent 0.1 - Remote SQL Injection Vulnerability

No description provided by source. joomla SQL Injectioncomestateagent AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorK 1 : allinurl: allinurl: comestateagent EXPLOIT :...

Ganglia gmetad <= 3.0.6 'process_path()' Remote Stack Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33299/info Ganglia is prone to a remote stack-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied input. Attackers can leverage this issue to execute arbitra...

eStore 1.0.1/1.0.2 Settings.inc.PHP Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8220/info eStore is prone to a path disclosure vulnerability. It has been reported that a remote attacker may make a direct HTTP request for an eStore include script and in doing so trigger an error. The resulting error...

Joomla Component d3000 1.0.0 - Remote SQL Injection Vulnerability

No description provided by source. Powered by Download 3000 AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : Powered by Download 3000 DORK 2 : allinurl: comd3000 EXPLOiT :...

Mac OSX Server DirectoryService Buffer Overflow

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Mac OSX Server DirectoryService buffer overflow 1. Advisory Information Title: Mac OSX Server DirectoryService buffer overflow Advisory ID: CORE-2013-0103 Advisory URL:...

gridcc script 1.0 (sql/xss) Multiple Vulnerabilities

No description provided by source. +===================================================================================+ ./SEC-R1Z / / / / /\ \ |/ / \ \ / / / / | | / | | / / \ / / / / | || / | | / / \ \ \ \2009 | \ | | / / / \ /\ / ||\ \ ||/ \ R.I.P MichaelJackson !!!!!...

InterTech Co 1.0 - SQL Injection

No description provided by source. ------------------------------------------------------ ./SEC-R1Z / / / / /\ \ |/ / \ \ / / / / | | / | | / / \ / / / / | || / | | / / \ \ \ \2010 | \ | | / / / \ /\ / ||\ \ ||/ \ R.I.P MichaelJackson !!!!! ------------------------------------------------------ ?...

VamCart 0.9 CMS - Multiple Vulnerabilities

No description provided by source. Title: ====== VamCart v0.9 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=622 VL-ID: ===== 622 Common Vulnerability Scoring System: ==================================== 4...

Mambo Component Ricette 1.0 - Remote SQL Injection Vulnerability

No description provided by source. joomla SQL Injectioncomricette AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: comricette DORK 2 : allinurl: comricetteid EXPLOIT :...

MaticMarket 2.02 for PHP Nuke LFI Vulnerability

No description provided by source. MaticMarket 2.02 for PHP Nuke LFI Vulnerability Url: http://sourceforge.net/projects/maticmarket Author: xer0x Expl: http://localhost/modules/maticmarket/deco/blanc/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00...

webERP 3.11.4 - Multiple Vulnerabilities

No description provided by source. Title: webERP Multiple Vulnerabilities Author: ADEO Security Published: 30/06/2010 Version: 3.11.4 Possible all versions Vendor: http://www.weberp.org Description: webERP is a complete web based accounting/ERP system that requires only a web-browser and pdf read...

com_hashcash Mambo Component <= 1.2.1 Include Vulnerability

No description provided by source. Hashcash Component Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote...

Seotoaster SQL Injection Admin Login Bypass

No description provided by source. Advisory: Seotoaster SQL-Injection Admin Login Bypass Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on Seotoaster v.1.9 Vendor URL: http://www.seotoaster.com/ Vendor Status: fixed ==========================...

AVCon DEP Bypass

No description provided by source. DEP Bypass for OptIn/OptOut all modules used are not aslr aware script produces a text file, copy the contents paste in the input field next to the call button discovered by Dillon Beresford import sys from struct import pack print \n===================== print...

Longshine Multiple Print Servers Cross-site Scripting Vulnerability

No description provided by source...

Campus Bulletin Board 3.4 - post3/view.asp id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/29375/info Campus Bulletin Board is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied dat...

Pre E-Smart Cart Authentication Bypass

No description provided by source. Exploit Title:Pre E smart cart authentication bypass Date: 16th july 2010 Author: D4rk357 Critical:high contact:d4rk357atyahoodotin Price : 49$ Software Link:http://preproject.com/smartcart.asp Greetz to :b0nd, Fbih2s,Beenu,rockey killer,The empty,...

PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl rgod u fucking little piece of shit faggot. way to ruin a private exploit, scumbag use strict; use IO::Socket; use MIME::Base64; use Getopt::Std; my $app = PHP-Update 2.7; my $type = Remote Code Execution; my $author = undefined1; my $date =...

UUSee 2008 UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29963/info UUSee is prone to a vulnerability that can cause malicious files to be downloaded and saved to arbitrary locations on an affected computer. Attackers may exploit this issue to overwrite sensitive files with...

Md-Pro <= 1.0.8x (Topics topicid) Remote SQL Injection Vulnerability

No description provided by source. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Site: http://www.maxdev.com Download: http://www.maxdev.com/mod-Areafiles-display-lid-510-cid-1.phtml Dork: Powered by Md-Pro !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...

Kingsoft Webshield 1.1.0.62 Cross Site scripting and Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35038/info The Webshield feature of Kingsoft Internet Security 9 is prone to a remote cross-site scripting and command-execution vulnerability. Remote attackers may exploit this vulnerability to compromise an affected...

Ruby <= 1.9 Safe Level Multiple Function Restriction Bypass

No description provided by source. source: http://www.securityfocus.com/bid/30644/info Ruby is prone to multiple vulnerabilities that can be leveraged to bypass security restrictions or cause a denial of service: - Multiple security-bypass vulnerabilities occur because of errors in the 'safe leve...

BSI Hotel Booking System Admin 1.4 & 2.0 - Login Bypass Vulnerability

No description provided by source. ----------------------------------------------------------------------------------------- ECHOADV113$2010 BSI Hotel Booking System Admin Login Bypass Vulnerability ----------------------------------------------------------------------------------------- Author :...

phpMyAdmin 3.5.2.2 server_sync.php Backdoor

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...

Broadcom DoS on BCM4325 and BCM4329 Devices

No description provided by source...

HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow

No description provided by source. $Id: hpnnmsnmp.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

KMPlayer 3.7.0.109 (.wav) - Crash PoC

No description provided by source. Exploit Title: KMPlayer 3.7.0.109 Integer division by zero DoS. Date: 29-9-2013 Exploit Author: xboz Vendor Homepage: http://www.kmpmedia.net/ Software Link: http://update.kmpmedia.net/player/download/28 Version: 3.7.0.109 Tested on: Windows 7,8 header =...

phpCMS 1.1.7 include/class.http_indexer_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities

No description provided by source. Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de Affected Software: Openfire Server = 3.6.0a...

Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow

No description provided by source. $Id: ms10004textbytesatom.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...

Camtron CMNC-200 IP Camera Denial of Service Vulnerability

No description provided by source. Finding 5: Camera Denial of Service CVE: CVE-2010-4234 The CMNC-200 IP Camera has a built-in web server that is vulnerable to denial of service attacks. Sending multiple requests in parallel to the web server may cause the camera to reboot. Requests with long...

oracle application server discussion forum portlet Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16048/info Oracle Application Server Discussion Forum Portlet is affected by multiple remote vulnerabilities. The following specific vulnerabilities were identified: The application is prone to a cross-site scripting...

MySQL AB Eventum 1.x list.php release Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14436/info MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issu...

agXchange ESM 'ucschcancelproc.jsp' Open Redirection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38879/info agXchange ESM is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible...

Active PHP Bookmarks 1.1.2 APB_SETTINGS['apb_path'] Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21263/info Active PHP Bookmarks application is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromis...

Ossigeno CMS 2.2_pre1 upload/xax/ossigeno/admin/install_module.php level Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/26654/info Ossigeno CMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application an...

Log1CMS 2.0 (ajax_create_folder.php) Remote Code Execution

No description provided by source. ?php / +-----------------------------------------------------------+ + Log1CMS 2.0ajaxcreatefolder.php Remote Code Execution + +-----------------------------------------------------------+ Web-App : Log1CMS 2.0 Vendor : http://log1cms.sourceforge.net/...

PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit

No description provided by source. !/usr/bin/python Exploit Title: PCMAN FTP 2.07 STOR Command - buffer overflow Date: 18 Agosto 2013 Exploit Author: Christian Polunchis Ramirez https://intrusionlabs.org Contact: [email protected] Version: PCMAN FTP 2.07 STOR Command Tested on: Windows ...

AspPired2Poll <= 1.0 (MoreInfo.asp) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Script Name: AspPired2 Poll = 1.0 MoreInfo.asp Remote SQL Injection Exploit Coded by : ajann Author : ajann Contact : : use IO::Socket; if@ARGV 3 print ======================================================================== // AspPired2 Poll = 1....

Gearbox Software Halo Game Server 1.06/1.07 Infinite Loop Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13728/info The Halo Game Server is prone to a denial-of-service condition. The issue arises when malformed data is sent to the game server, causing it to enter an infinite loop. This issue was reported to affect Halo Game...

pkexec Race Condition Privilege Escalation Exploit

No description provided by source. / Exploit Title: pkexec Race condition CVE-2011-1485 exploit Author: xi4oyu Tested on: rhel 6 CVE : 2011-1485 Linux pkexec exploit by xi4oyu , thx [email protected] Have fun �� U can reach us @ http://www.wooyun.org : / include include include include include include...

Easyzip 2000 3.5 - (.zip) 0day stack buffer overflow PoC exploit

No description provided by source. ?php / Easyzip 2000 v3.5 .zip 0day stack buffer overflow PoC exploit Author: mrme - http://net-ninja.net/ Download: http://www.thefreesite.com/ezip35.exe Platform: Windows XP sp3 Advisory: http://www.corelan.be:8800/advisories.php?id=10-032 Greetz to: Corelan...

Star Downloader Free <= 1.45 (.dat) Universal SEH Overwrite Exploit

No description provided by source. / :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered and Exploited by dun Star Downloader Free = v1.45 .dat Universal SEH Overwrite Exploit Vendor: http://www.stardownloader.co...

w1l3d4 philboard 1.2 (blind sql/xss) Multiple Vulnerabilities

No description provided by source. + Script Name : philboard v 1.14 Multiple Remote Exploits |+| Team : InjEct0r5 + Author : Bl@ckbe@rD 'Tunisian TerrorisT' ; + Contact : blackbeard-sqlA.Thotmail.fr ; + Dork : Powered by v1.14 powered by philboard v1.14 --//-- + Expl0iT : Remote SQL Injection : -...

ADN Forum <= 1.0b Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl -------------------------------------------------- ADN Forum = 1.0b Blind SQL Injection Exploit Discovered By: StAkeR - StAkeRathotmaildotit Discovered On: 01/10/2008 Download: http://sourceforge.net/projects/adnforum/...

TCPDF 4.5.036/4.9.5 'params' Attribute Remote Code Execution Weakness

No description provided by source. source: http://www.securityfocus.com/bid/39315/info TCPDF is prone to a security weakness that may allow attackers to execute arbitrary code. An attacker can exploit this issue in conjunction with other latent vulnerabilities to execute arbitrary code with the...

RASPcalendar 1.01 - [ASP] Admin Login Vlunerabilities

No description provided by source. --------------------------------------------------- RASPcalendar 1.01 ASP Admin Login Vlunerabilities --------------------------------------------------- Author : Hackeri-AL Date : 06-11-2013 Vendor Homepage : http://www.rttucson.com/files.html Software link :...

TeamSpeak Server 2.0.23 Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/23933/info TeamSpeak Server is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scri...

HP Operations Dashboard 2.1 Portal Default Manager Account Remote Security Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36258/info HP Operations Dashboard is prone to a remote security vulnerability. Operations Dashboard 2.1 for Windows is vulnerable; other versions may also be vulnerable. Attackers can exploit this issue using readily...

Softek MailMarshal 4,Trend Micro ScanMail 1.0 SMTP Attachment Protection Bypass

No description provided by source. source: http://www.securityfocus.com/bid/3097/info At least two SMTP gateway products have been identified which contain flaws in the handling of restricted filetypes as attachments. An attacker can insert extraneous characters in the filename extension of a...