Lucene search

56796 matches found

seebug.org
• added 2014/07/01 12:0 a.m. • 12 views

FarsiNews 2.1/2.5 show_archives.php template Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/16580/info FarsiNews is prone to directory-traversal and local file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit the...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 25 views

Portable AVS DVD Authoring 1.3.3.51 - Local Crash PoC

No description provided by source. C:\perl\bin Exploit Title: Portable AVS DVD Authoring Date: 2010/4pr/05 Author: R3d-D3v!L Version: v1.3.3.51 Tested on: windows XP sp3 Coded by x coder : my $file= crash.mp3; my $boom=...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 17 views

PhpGedView 2.5/2.6 Individual.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11882/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 21 views

PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit

No description provided by source. ?php // Proof of concept code from the Hardened-PHP...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 19 views

PostNuke pnFlashGames Module 1.5 - Remote SQL Injection Vulnerability

No description provided by source. PostNuke pnFlashGames Module v1.5 Remote SQL Injection Bulan: xoron xoron.biz + Love's the funeral of hearts The funeral of hearts And a ple...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 37 views

SoftiaCom WMailserver 1.0 - Local Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14212/info SoftiaCom WMailserver is prone to a local information disclosure vulnerability. The application stores passwords in the windows registry. A local attacker may exploit this issue to disclose potentially sensitiv...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 22 views

WordPress 1.2 categories.php cat_ID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. Wordpress 1.2 is...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 16 views

PG MatchMaking browse_men.php show Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/35808/info PG Matchmaking is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 17 views

Winace UnAce 2.2 Command Line Argument Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9002/info UnAce has been reported to be prone to a buffer overflow vulnerability. The issue presents itself when UnAce handles ace filenames that are of excessive length. When this filename is passed to the UnAce utility ...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 23 views

bcoos 1.0.10 (lfi / SQL Injection) Multiple Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: Bcoos Multiple Vulnerabilities Vendor: http://www.bcoos.net/ Bugs: Local File Inclusion, Sql Injection Vulnerable Version: bcoos 1.0.10 prior versions also may be affected...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 20 views

n@board <= 3.1.9e (naboard_pnr.php) Remote File Include Vulnerability

No description provided by source. n@board v3.1.9e, 3.1.8cgb ,3.1.8tc skin Remote File Include Vulnerability Turkish Hacker's Discovered By : mdx and TheBatHacker Cyber-Warrior TIM Ay ve Y.ld.zlar Geceye Yak...r... the moon and the stars suit...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 34 views

Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)

No description provided by source. Microsoft Windows KTM Invalid Free with reused transaction GUID CVE-2010-1889 The Kernel Transaction Manager ktm was introduced in Windows Vista and has been included in subsequent...

7.2 CVSS, 6.5 AI score, 0.01973 EPSS
Exploits: 6
seebug.org
• added 2014/07/01 12:0 a.m. • 30 views

iGaming CMS <= 1.3.1/1.5 - Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = UnderWHAT?! ; $mw-geometry '395x180' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 2',-foreground='red'-pack; $mw-Label-text = 'iGaming cms...

6.7 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 30 views

Colloquy <= 2.1.3545 (INVITE) Format String Denial of Service Exploit

No description provided by source. !/usr/bin/ruby c Copyright 2006 Lance M. Havok [email protected] Makes use of the Colloquy INVITE format string vulnerability. require 'socket' targetchannel = ARGV0 || whatever targetserver = ARGV1 || irc.server.org targetport = ARGV2 || 6667 randnick = spongeb...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 17 views

PHP 5.2.10/5.3 'ini_restore()' Memory Information Disclosure Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/36009/info PHP is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. ?php inisetopenbasedir, A; inirestoreopenbasedir;...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 21 views

zervit webserver 0.4 - Directory Traversal / memory corruption PoC

No description provided by source. Zervit webserver 0.4 Directory Traversal & Memory Corruption By: e.wiZz! & shinnai Site: shinnai.net & balcansecurity.com Memory Corruption import socket host = 127.0.0.1 port = 8080 try: for i in range1,10: buff = a 3330 request = POST + buff + HTTP/1.0...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 17 views

QuickPayPro 3.1 popups.edit.php popupid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15863/info QuickPayPro is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 19 views

TopperMod 2.0 - Remote SQL Injection Vulnerability

No description provided by source. Author: GiReX mySite: girex.altervista.org CMS: TopperMod v2.0 Site: rtcw.ch/mio/index.php Bug: SQL Injection Type: 1 - Privilege Escalation from user to mod 2 - Remote user password change File: /account/index.php Var : $localita Need: magicquotesgpc = Off You...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 16 views

Dell SonicWall EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 23 views

Floosietek FTGate PRO 1.22 SMTP RCPT TO Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7508/info A buffer overflow vulnerability has been reported for Floosietek FTGate PRO mail server. The vulnerability exists when the mail server attempts to process overly long SMTP 'Rcpt To' arguments. Due to the nature ...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 15 views

basebuilder <= 2.0.1 (main.inc.php) Remote File Inclusion Vulnerability

No description provided by source. Discovered by dun \ dunatstrcpy.pl basebuilder = 2.0.1 Remote File Inclusion Vulnerability Script site:...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 21 views

dMx READY (25 Products) Remote Database Disclosure Vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 14 views

YapBB <= 1.2 (forumID) Blind SQL Injection Exploit

No description provided by source. YapBB = 1.2 Blind SQL Injection Exploit !/usr/bin/perl use strict; use warnings; use IO::Socket; sub usage d...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 29 views

SMC Router 1.2x Random UDP Packet Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8711/info A denial of service has been reported in the SMC SMC2404WBR BarricadeT Turbo 11/22 Mbps Wireless Cable/DSL Broadband Router. It is possible to trigger this condition by sending UDP packets randomly to ports...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 13 views

eggBlog 4.1.2 - Arbitrary File Upload Vulnerability

No description provided by source. Exploit Title: eggBlog Arbitrary File Upload Vulnerability Google Dork:powered by eggBlog.net Date: 28/04/2013 Exploit Author: Pokk3rs Vendor Homepage: http://eggblog.net/ Software Link: http://sourceforge.net/projects/eggblog/files/eggBlog%204/v4.1.2/ Tested on...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 16 views

Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (1)

No description provided by source. source: http://www.securityfocus.com/bid/1051/info Atrium Software Mercur is a SMTP, POP3, and IMAP mail server. Insufficient boundary checking exists in the code that handles within the SMTP mail from command, the POP3 user command and the IMAP login command. T...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 21 views

ABB MicroSCADA wserver.exe - Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp include...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 21 views

Photodex ProShow Producer 5.0.3256 - Buffer Overflow

No description provided by source. Inshell Security Advisory http://www.inshell.net/ 1. ADVISORY INFORMATION Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2012-06-06 Date published: 2012-07-02 CVSSv2...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 26 views

singapore 0.9.x/0.10 Multiple Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/18518/info singapore gallery is prone to directory-traversal and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 22 views

SimpGB 1.0 Guestbook.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12801/info SimpGB is reportedly affected by an SQL injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input passed to the 'guestbook.php' script before using it in a S...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 26 views

Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local BOF Exploit (2)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom Variant of CFCHARSETPATH a local root exploit by v9atfakehalo.us I was in the mood for some retro shit this morning, and I need root on some old ass G3 iMacs for a demo. I...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 11 views

Group Office Remote Command Execution Vulnerability

No description provided by source. Title Group Office Remote Command Execution Vulnerability Author ADEO Security Published 16/07/2010 Version 3.5.9 Possible all versions Vendor http://www.group-office.com Download...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 20 views

PScript PForum 1.24/1.25 User Profile HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10954/info PScript PForum is reported prone to a HTML injection vulnerability. The vulnerability presents itself due to a lack of sufficient sanitization performed on data submitted through input fields of the PForum user...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 21 views

Berlios GPSD Format String Vulnerability

No description provided by source. $Id: gpsdformatstring.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 33 views

Portable UPnP SDK unique_service_name() Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 26 views

Windows Media Player 10 - .avi Integer Division By Zero Crash PoC

No description provided by source. !/usr/bin/perl Souhail Hammou - Independent Security Researcher & Penetration Tester . Facebook : www.facebook.com/dark.puzzle.sec E-mail : [email protected] Greetings to all moroccan researchers and white hats . Title : Windows Media Player 10 - .avi Integer...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 11 views

Jurpopage 0.2.0 - SQL Injection

No description provided by source. Jurpopage SQL Injection Exploit Title : Jurpopage SQL Injection Date : 24 November 2010 Author : Suddendeath [email protected] Platform/Test...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 13 views

PHPBB 1.x/2.0.x Knowledge Base Module KB.PHP SQL Injection Vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 22 views

Armida Databased Web Server 1.0 - Remote GET Request Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8017/info Armida Databased Web Server is reportedly prone to a remote denial of service when processing malicious GET requests. The problem occurs when processing requests containing excessive data. Exploitation of this...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 15 views

DVBBS 7.1 ShowErr.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14223/info Dvbbs is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 35 views

V3 Chat Instant Messenger - mail/reply.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 16 views

WebSPELL <= 4.01.02 (picture.php) File Disclosure Vulnerability

No description provided by source. WebSPELL = 4.01.02 picture.php Remote File Disclosure Vulnerability Discovered by: Trex Visit: www.Trex-Online.net / www.UnderGround.ag Comment: Happy easter!...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 67 views

Oracle 9i Multiple Unspecified Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10871/info Reportedly, multiple unspecified Oracle products contain multiple unspecified vulnerabilities. The reported vulnerabilities include SQL-injection issues, buffer-overflow issues, and others. There have also been...

8.5 CVSS, 6.5 AI score, 0.13782 EPSS
Exploits: 9
seebug.org
• added 2014/07/01 12:0 a.m. • 15 views

Ghostscript < 8.64 'gdevpdtb.c' Buffer Overflow Vulnerability

No description provided by source. Ghostscript is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting this issue allows remote attackers to overwrite a sensitive memory buffer with...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 12 views

Debian suidmanager 0.18 Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/94/info /usr/bin/suidexec will execute arbitrary commands as root, as soon as just one suid root shell script can be found on the system: Just invoke /usr/bin/suidexec your program /path/to/script - it will happily execut...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 17 views

Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 9 views

Benjamin Lefevre Dobermann Forum 0.x entete.php subpath Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Dobermann. An attacker...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 32 views

Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit

No description provided by source. novelliprintexecuterequestdbg.rb Novell iPrint Client ActiveX Control 'debug' Buffer Overflow exploit for the Metasploit Framework Exploit successfully tested on the following platforms: - Novell iPrint Client 5.32 on Internet Explorer 7, Windows XP SP3 - Novell...

9.3 CVSS, 0.1 AI score, 0.37328 EPSS
Exploits: 8
seebug.org
• added 2014/07/01 12:0 a.m. • 29 views

ZoneAlarm 3.7 .202/PRO 4.0/PRO 4.5 Random UDP Flood Denial of Service Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8525/info A denial of service vulnerability has been alleged in ZoneAlarm. It is reportedly possible to reproduce this condition by sending a flood of UDP packets of random sizes to random ports on a system hosting the...

7.1 AI score
Exploits: 0
seebug.org
• added 2014/07/01 12:0 a.m. • 29 views

Joomla JE Directory Component SQL Injection Vulnerability

No description provided by source. Information +Name : joomla JE Directory = SQL injection Vulnerability Exploit +Author : Easy Laster +Date : 30.09.2010 +Script : joomla JE Directory +Demo :...

7.1 AI score
Exploits: 0
Total number of security vulnerabilities: 56796