56796 matches found
MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to, under some circumstances, present a security threat. ...
MP3Info 0.8.5a - SEH Buffer Overflow Exploit
No description provided by source. Exploit Title: mp3info SEH exploit Date: 18 March 2014 Exploit Author: Ayman Sagy aymansagy at gmail.com Vendor Homepage: http://ibiblio.org/mp3info/ Software Link:...
BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based exploit (ASLR + DEP bypass)
No description provided by source. Exploit Title: BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit ASLR + DEP bypass Date: 03/11/2012 Exploit Author: Lorenzo Cantoni Vendor Homepage: http://www.bigantsoft.com/ Version: BigAnt Console 2.52 SP5 Tested on: Windows 7 SP0 x86 Italian -...
HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities
No description provided by source. HomeSeer Home Automation Software Multiple Web Vulnerabilities 0day Date: 3/6/12 Author: SilentDream Software Link: http://www.homeseer.com/pub/setuphs25049.exe Version: 2.5.0.49 Tested on: Win XP CERT VU796883: http://www.kb.cert.org/vuls/id/796883 Note: This...
Mutiny Remote Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
No description provided by source. !/usr/bin/python ''' AlienVault has a reflected XSS vulnerability in the url parameter of top.php. Proof of Concept: Enticing a logged in user to visit the following URL where an attacker is hosting a cookie grabber will allow for the hijacking of the user...
KingView Log File Parsing Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
smartermail free 9.2 - Stored XSS
No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: SmarterMail Version: Free 9.2 Vendor Site: http://www.smartertools.com Software Download: http://smartertools.com/smartermail/mail-server-software.aspx Timeline: 29 May 2012: Vulnerability...
EType EServ 2.98/2.99/3.0 Resource Exhaustion Denial of Service Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/7552/info A denial of service vulnerability has been reported for EServ. The vulnerability exists due to the way the server handles connections. Specifically, memory allocated for open connections is not properly freed...
H0tturk Panel 'gizli.php' Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30468/info H0tturk Panel is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicio...
CoDeSys SCADA 2.3 - Remote Exploit
No description provided by source. / See Also: http://aluigi.altervista.org/adv/codesys1-adv.txt CoDeSys v2.3 Industrial Control System Development Software Remote Buffer Overflow Exploit for CoDeSys Scada webserver Author : Celil UNUVER, SignalSEC Labs www.signalsec.com Tested on WinXP SP1 EN TH...
OpenFiler 2.99.1 - Arbitrary Code Execution
No description provided by source. Exploit Title: Arbitrary Code Execution in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 Software Description ===================== Openfiler is a...
Microsoft Internet Explorer 5.0.1 Frameset Memory Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18277/info Microsoft Internet Explorer is affected by a memory-corruption vulnerability. This issue arises because the application fails to handle exceptional conditions in a proper manner. An attacker may exploit this...
Campsite 2.6.1 IPAccess.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
FusionForge 5.0 - Multiple Remote File Include Vulnerability
No description provided by source. + FusionForge 5.0 Multiple Remote File Include Vulnerability ...
Openurgence vaccin 1.03 (RFI/LFI) Multiple File Include Vulnerability
No description provided by source. Openurgence vaccin 1.03 RFI/LFI Multiple File Include Vulnerability + Openurgence vaccin 1.03 RFI/LFI Multiple File Includ...
e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit
No description provided by source. ?php 0.27 18/10/2005 ---e017xpl.php e107 0.617 resetcore.php SQL Injection & remote code execution all-in-one by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on...
PWSPHP 1.1/1.2 Profil.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13563/info PwsPHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Exploit
No description provided by source. !/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote root compromise: $filenam...
Zoom VoIP Phone Adapater ATA1+1 1.2.5 - CSRF Exploit
No description provided by source. Written By Michael Brooks Special thanks to str0ke! Zoom VoIP Phone Adapater ATA1+1 XSRF voip provider change xsrf version 1.2.5 html form action=http://10.1.1.165/callwzd.html method=post input name=DIRTYPAGE value=3 input name=HELPPAGE value=html.html input...
Active Calendar 1.2 data/m_3.php css Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
DM Guestbook <= 0.4.1 - Multiple Local File Inclusion Vulnerabilities
No description provided by source. DM Guestbook = 0.4.1 Multiple Local File Include Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=101364 /guestbook.0.4.1/ POC : /guestbook.php?lng=../../../../../../../etc/passwd%00...
Monit <= 4.1 - Remote Root Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl monit = 4.1 remote root exploit coded by gsicht 09.04.04 use IO::Socket::INET; $socket = 0; my $shellcode = 8 + 88 = 96 bytes portbind 31337 \x90\x90\x90\x90\x90\x90\x90\x90 . \x90\x90\x90\x90\x90\x90\x90\x90 . \x31\xc0\x31\xdb\xb0\x17\xcd\x80...
os-x/ppc sync(), reboot() 32 bytes
No description provided by source. / MacOSX/PowerPC Shellcode for: sync, reboot 32 bytes hophet at gmail.com http://www.nlabs.com.br/hophet/ / include stdio.h include string.h char shellcode = \x7c\x63\x1a\x79 \x39\x40\x01\x06 \x38\x0a\xff\x1e \x44\xff\xff\x02 \x60\x60\x60\x60 \x39\x40\x01\x19...
NinkoBB CSRF Vulnerability
No description provided by source...
PHP Decoda 3.3.1 - Local File Inclusion
No description provided by source. Exploit Title: php-decoda local file inclusion Date: 16/06/2012 Author: Number 7 Software Link: http://milesj.me/code/php/decoda Version: 3.3.1 Tested on: linux Exp: http://localhost/milesj-php-decoda/index.php?view=../../../../../../../etc/passwd%00 Line 111 in...
OvBB 0.x thread.php threadid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15566/info OvBB is prone to multiple SQL injection vulnerabilities. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit...
ASP-Nuke Community <= 1.5 Cookie Privilege Escalation Vulnerability
No description provided by source. Title : ASP-Nuke Community = v1.5 Cookie Modification Privilege Escalation Vulnerability Author : ajann S.Page : http://www.rot.dk D.Page : http://www.rot.dk/aspnuke/downloads.asp Greetz : Nukedx Cookie ---------- Open the Cookie Editor= Find cookie informations...
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl)
No description provided by source. !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR - PHPStat Setup.PHP Authentication Bypass Vulnerability Exploit By : A l p h a P r o g r a m m e r Sirus-v E-Mail : [email protected] This Xpl Change Admin's Pass in...
JaMP Player 4.2.2.0 - Denial of Service Vulnerability
No description provided by source. Exploit Title: JaMP Player v4.2.2.0 .m3u DoS Date: 12 / 8 / 2010 Author: Oh Yaw Theng Software Link: http://www.topdownloads.net/software/jamp-player2219088.html?hl=&ia=0 Version: v4.2.2.0 Tested on: Windows XP SP 2 CVE : N / A !/usr/bin/python filename =...
CMS Faethon 1.3.2 - Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18489/info CMS Faethon is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to have an arbitrary remo...
CuteNews 0.88 comments.php Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers. Under some circumstances, it is possible for remote attackers to influence the include path for several...
Joomla Component com_zina SQL Injection Vulnerability
No description provided by source. Exploit Title: Joomla Component comzina SQL Injection Vulnerability Date: 21-08-2010 Author: Th3 RDX Software Link:http://www.pancake.org/zina/ Version: 2.x Tested on: Demo Site category: webapp Code : n/a...
D-Link DIR-615 Hardware rev D3 / DIR-300 - Hardware rev A - Multiple Vulnerabilities
No description provided by source...
Asus VideoSecurity Online 3.5 Web Server Authentication Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15279/info Asus VideoSecurity Online is prone to a buffer overflow in the authentication mechanism of the included Web server. This issue only exists if authentication is enabled on the Web server. The Web server included...
IWConfig Local ARGV Command Line Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8901/info A problem has been identified in the iwconfig program when handling strings on the commandline. Because of this, a local attacker may be able to gain elevated privileges. / Name: iw-config.c Copyright: !sh2k+!tc...
WordPress 2.1.3 Akismet Plugin Unspecified Vulnerability
source: http://www.securityfocus.com/bid/23965/info The WordPress Akismet plugin is prone to an unspecified vulnerability. Few technical details are currently available. We will update this BID as more information emerges...
Webmin 1.5 - BruteForce + Command Execution
No description provided by source. !/usr/bin/perl Webmin BruteForce + Command execution v1.0:By Di42lo - [email protected] v1.5:By ZzagorR - [email protected] - www.rootbinbash.com add script: 1.wordlist func. 2.log line:41 usage: ./webmin1.pl host command wordlist ./webmin1.pl...
68 Classifieds 4.1 category.php cat Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/36208/info '68 Classifieds' is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in th...
PHP-Ultimate Webboard 2.0 'admindel.php' Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30822/info PHP-Ultimate Webboard is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Successful exploits will allow unauthorized attackers to dele...
Active Business Directory 2 - Remote blind SQL Injection Vulnerability
No description provided by source. OffensiveTrack found by : OffensiveTrack Author : AlpHaNiX website : www.offensivetrack.org contact on mail & msn : [email protected] script : Active Business Directory v 2 €xploit :...
PHP < 4.4.5 / 5.2.1 php_binary Session Deserialization Information Leak
No description provided by source. ?php Proof of concept code from the Hardened-PHP...
KingView 6.5.3 SCADA HMI Heap Overflow PoC
No description provided by source. Exploit Title: KingView 6.53 SCADA HMI Heap Overflow PoC Date: 9/28/2010 Author: Dillon Beresford Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows XP SP1 works on SP2 an...
Mambo Site Server 4.0.11 PHPInfo.PHP Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6376/info Mambo Site Server is a freely available, open source web content management tool. It is written in PHP, and available for Unix, Linux, and Microsoft Windows operating systems. It has been reported that Mambo...
BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)
No description provided by source. !/usr/bin/perl BlazeDVD Pro player 6.1 Local stack based buffer overflow Author: PuN1sh3r Email: [email protected] Date: Mon Jul 15 03:01:37 EDT 2013 Vendor link: http://www.blazevideo.com/download.htmm Software Link:...
douran portal <= 3.9.0.23 Multiple Vulnerabilities
No description provided by source. Abysssec Inc Public Advisory Description : these vulnerabilities found one year ago and new version of this portal is not affect with these vulnerabilities anymore but still lots of web site uses of old version and are vulnerable and also new version is not fully...
AuraCMS <= 2.2.1 (online.php) Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Waktu : Feb 15 2008 01:00PM Software : AuraCMS Versi : 2.0 2.1 2.2.1 Vendor : http://www.auracms.org/...
Linux Kernel 2.6.x - ptrace_attach Local Privilege Escalation Exploit
No description provided by source. / ptraceattach privilege escalation exploit by s0m3b0dy tested on Gentoo 2.6.29rc1 grataz: Tazo, rassta, nukedclx, maciek, D0hannuk, mivus, wacky, nejmo, filo... email: s0m3b0dy1 at gmail.com / include grp.h include stdio.h include fcntl.h include errno.h includ...
Monit <= 4.2 Basic Authentication Remote Root Exploit
No description provided by source. / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit = 4.2 Vulnerability: Buffer overflow in handling of Basic Authentication informations. Server authenticates clients through: Authentication: Basic...
Linux/ARM - add root user with password - 151 bytes
No description provided by source. / Title: Linux/ARM - add root user with password - 151 bytes Date: 2010-11-25 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @shellstorm http://shell-storm.org Informations: ------------- - user: shell-storm - pswd: toor - uid : 0 / include...