GV PostScript Viewer - Remote Buffer overflow Exploit (2)
No description provided by source. / there are at least 4 other stack buffer overflows, and 2 heap overflows. the first exploit i wrote exploited the one in the GLSA, and this one exploits that hole and four other ones as well. all of these are in the psscan function located in the ps.c file: 'gr...
Jax PHP Scripts 1.0/1.34/2.14/3.31 shrimp_petition.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14481/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...
VirtuaSystems VirtuaNews 1.0.x Multiple Module Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9812/info It has been reported that the VirtuaNews non-default modules 'Files' and 'Vulns' are prone to multiple cross-site scripting vulnerabilities. These problems surround the application's failure to properly validate...
PHP <= 5.2.0 (php_win32sti) Local Buffer Overflow PoC (win32)
No description provided by source. ?php // ================================================================================== // // phpwin32sti.dll PHP = 5.2.0 win32 Buffer Overflow // // x Discovery: boecke [email protected] // x Risk: Local Buffer Overflow Medium - High Risk // x Notes: EDX...
Polymorphic /bin/sh x86 linux shellcode
No description provided by source. / Title : Polymorphic /bin/sh x86 linux shellcode . Name : 116 bytes /bin/sh x86 linux polymorphic shellcode . Date : Tue Jun 29 22:08:59 WIT 2010 . Author : gunslinger yudha.gunslingeratgmail.com Web : http://devilzc0de.org blog :...
phpEventCalendar 0.2.3 - Multiple Vulnerabilities
No description provided by source. phpEventCalendar v.0.2.3 Multiple Vulnerabilities ==================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...
Xion Player 1.0.125 Stack Buffer Overflow Exploit
No description provided by source. !/usr/bin/python Title: Xion 1.0.125 Stack Buffer Overflow Date: August 13, 2010 Author: corelanc0d3r and dijital1 Grtz to dijital1 : I had a lot of fun working with you on this one ! : Grtz to dookie2000ca : Original Advisory:...
CuteNews <= 1.4.5 Admin Password md5 Hash Fetching Exploit
No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // Cutenews = 1.4.5 admin password md5 hash fetching exploit // Version 1.0 // written by Jan...
Joomla! and Mambo 'com_most' Component - 'secid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27922/info The Joomla! and Mambo 'com_most' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could all...
ECTOOLS Onlineshop 1.0 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15891/info ECTOOLS Onlineshop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
AppServ Open Project 2.4.5 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16166/info AppServ Open Project is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...
PHProjekt 3.1 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4284/info PHProjekt is a freely available, open source PHP Groupware package. It is actively maintained by the PHProjekt Development Team. It will run on most Linux and Unix variants, in addition to Microsoft Windows...
GNU groff 1.11 a,HP-UX 10.0/11.0,SGI IRIX <= 6.5.3 Malicious Manpage Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/540/info Versions of GNU groff prior to release 1.11a and standard troff contain vulnerabilities that can possibly lead to a local root compromise if the conditions are right and circumstances are somehow met. A malicious...
AIX 4.2/4.3 netstat -Z Statistic Clearing Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1660/info A vulnerability exists in versions 4.x.x of AIX, from IBM. Any local user can utilize the -Z command to netstat, without needing to be root. This will cause interface statistics to be reset. This could...
Jax PHP Scripts 1.0/1.34/2.14/3.31 sign_in.php language Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14481/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...
CMSQLITE 1.3.2 - Multiple Vulnerabilities
No description provided by source. Title: ====== CMSQLITE v1.3.2 - Multiple Web Vulnerabilities Date: ===== 2012-10-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=726 VL-ID: ===== 726 Common Vulnerability Scoring System: ==================================== 4.3...
SPlayer 3.7 Content-Type Buffer Overflow
No description provided by source. $Id: splayercontenttype.rb 12581 2011-05-11 00:18:11Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...
Inktomi Traffic Server 4/5 Traffic_Manager Path Argument Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/5098/info Inktomi Traffic Server is a transparent web caching application. It is designed for use with Unix and Linux variants as well as Microsoft Windows operating environments. A buffer overflow vulnerability has been...
Achievo <= 1.3.4 - SQL Injection
No description provided by source. Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL:...
WINMOD 1.4 - (.lst) Local Stack Overflow Exploit XP SP3 (RET+SEH) (3)
No description provided by source. Winmod 1.4 .lst Local Stack Overflow Exploit RET overwrite+SEH http://www.software112.com/products/winmod+download.html Exploit for Windows XP SP3 en by corelan - c0d3r Greetings to Saumil and SK my $sploitfile = c:\program files\winmod\xplsp3.lst; my $buf=\x41...
zkfingerd 0.9.1 say() Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6404/info zkfingerd is prone to a format string vulnerability. The affected function does not perform sufficient checks when displaying user-supplied input. It is possible to corrupt memory by passing format strings throu...
Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
Microsoft Internet Explorer 5 ShowHelp Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6780/info Microsoft Internet Explorer implements the showHelp function as a means of displaying help content contained in HTML pages. However, this function is capable of performing too many other actions outside of its...
PostNuke FormExpress Module Blind SQL Injection
No description provided by source. Date: 17/03/2010 Software Link: http://sourceforge.net/projects/pn-formexpress/ Version: 0.3.2 PostNuke ContentExpress Module Blind Sql Injection Reported by Sharif University of Technology CSIRT Vulnerability Analysis and Penetration Testing Group cert.sharif.e...
EasyFTP Server <= 1.7.0.11 MKD Command Stack Buffer Overflow
No description provided by source. $Id: easyftpmkdfixret.rb 9935 2010-07-27 02:25:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
QuickPayPro 3.1 sales.view.php customerid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15863/info QuickPayPro is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
Crystal Reports Viewer 12.0.0.549 - Activex Exploit (PrintControl.dll) 0day
No description provided by source. !-- Crystal Reports Viewer 12.0.0.549 Activex Exploit PrintControl.dll 0-day By = DrIDE File = C:\Program Files\BusinessObjects\Common\4.0\crystalreportviewers12\ActiveXControls\PrintControl.dll method = ServerResourceVersion progid =...
Linux Kernel 2.4.x/2.6.x Bluetooth Signed Buffer Index Vulnerability (4)
No description provided by source. source: http://www.securityfocus.com/bid/12911/info A local signed-buffer-index vulnerability affects the Linux kernel because it fails to securely handle signed values when validating memory indexes. A local attacker may leverage this issue to gain escalated...
myBloggie 2.1.2/2.1.3 deluser.php 'id' Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Linux x86 - execve("/bin/bash","-p",NULL) - 33 bytes
No description provided by source. / Title: Linux x86 - execve/bin/bash, /bin/bash, -p, NULL - 33 bytes Author: Jonathan Salwan Mail: [email protected] Web: http://www.shell-storm.org !Database of Shellcodes http://www.shell-storm.org/shellcode/ sh sets euid, egid to uid, gid if -p not...
MyBB HM My Country Flags - SQL Injection
No description provided by source. Exploit title: HM My Country Flags SQL Injection Author: JoinSe7en Contact: join7 +at+ riseup.net Tested on: Linux Category: Web Applications Software link: http://mods.mybb.com/view/hm-my-country-flags HM My Country Flags has a SQL Injection vulnerability. If w...
Frontbase <= 4.2.7 - POST-AUTH Remote Buffer Overflow Exploit (2.2)
No description provided by source. / Dreatica-FXP crew ---------------------------------------- Target : Frontbase = 4.2.7 for Windows Site : http://www.frontbase.com Found by : Netragard, L.L.C Advisory ---------------------------------------- Exploit : Frontbase = 4.2.7 POST-AUTH remote buffer...
phpBB Mod Small ShoutBox 1.4 - Remote Edit/Delete Messages Vuln
No description provided by source. / -------------------------------------------------------------- phpBB Mod Small ShoutBox 1.4 Remote Edit/Delete Messages Vuln -------------------------------------------------------------- Discovered By StAkeRathotmaildotit Download On...
PHPSlideShow 0.9.9 Directory Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26575/info PHPSlideShow is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a...
Jax PHP Scripts 1.0/1.34/2.14/3.31 guestbook_ips2block Banned IP List Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...
Free WMA MP3 Converter 1.1 - Buffer Overflow Exploit (SEH)
No description provided by source. !/usr/bin/env python Free WMA MP3 Converter 1.1 Buffer Overflow Exploit SEH Coded By: DrIDE Date: November 10, 2010 Download: http://www.eusing.com/freewmaconverter/mp3wmaconverter.htm Tested on: Windows XPSP3 Greets: edb team Notes: Egghunter was for fun, not...
Soulseek 157 NS < 13e/156.x - Remote Peer Search Code Execution PoC
No description provided by source. Soulseek 157 NS 13e & 156. Remote Peer Search Code Execution ============================================= - Release date: July 02, 2009 - Discovered by: Laurent Gaffié ; http://g-laurent.blogspot.com/ - Severity: critical...
AlstraSoft Template Seller Pro 3.25 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15441/info Template Seller Pro is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...
QuickZip 4.x (.zip) 0day Local Universal Buffer Overflow PoC Exploit
No description provided by source. !/usr/bin/python Exploit Title : QuickZip 4.x .zip 0day Local Universal Buffer Overflow PoC Exploit Date : 9/3/2010 Author : corelanc0d3r & mrme Bug found by : corelanc0d3r http://corelan.be:8800/ Software Link : http://www.quickzip.org/downloads.html Version :...
Solaris 2.5/2.6/7.0/8 tip Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2475/info tip is a utility included with Sun Microsystems Solaris Operating Environment. tip allows a user to establish a full duplex terminal connection with a remote host. A problem with tip could lead to a buffer...
Epic 1.0.1/1.0.x CTCP Nickname Server Message Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8999/info A remotely exploitable buffer overrun has been reported in Epic. This issue may reportedly be exploited by a malicious server that supplies an overly long nickname in a CTCP message, potentially allowing for...
Polymorph 0.4 Filename Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7663/info Polymorph for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an...
MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1)
No description provided by source. source: http://www.securityfocus.com/bid/5556/info Microsoft Windows operating systems use the Server Message Block SMB protocol to support services such as file and printer sharing. A buffer overflow vulnerability has been reported in the handling of some...
smartermail free 9.2 - Stored XSS
No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: SmarterMail Version: Free 9.2 Vendor Site: http://www.smartertools.com Software Download: http://smartertools.com/smartermail/mail-server-software.aspx Timeline: 29 May 2012: Vulnerability...
DmxReady Contact Us Manager 1.2 - SQL Injection Vulnerability
No description provided by source. Exploit Title:DmxReady Contact Us Manager v1.2 SQL Injection Vulnerability Google Dork: inurl:inccontactusmanager.asp Date: 03.07.2011 Author: Bellatrix Software Link: http://www.dmxready.com/?product=contact-us-manager Version: v1.2 Language: ASP Price : $99.97...
Microsoft IIS 4.0/5.0 Device File Local DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2973/info Microsoft IIS is prone to denial of service attacks by local users. This issue is exploitable if the local attacker can create an .asp file which makes calls to various device names. The local attacker must of...
DmxReady Links Manager 1.2 - SQL Injection Vulnerability
No description provided by source. Exploit Title: DmxReady Links Manager v1.2 SQL Injection Vulnerability Google Dork: inurl:inclinksmanager.asphttp://demo.dmxready.com/applications/CatalogManager/inccatalogmanager.asp Date: 03.07.2011 Author: Bellatrix Software Link:...
Hunkaray Okul Portaly 1.1 Haberoku.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24288/info Hünkaray Okul Portalı is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue by manipulating...
CUPS <= 1.3.7 'HP-GL/2' Filter Remote Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31688/info CUPS is prone to a remote code-execution vulnerability caused by an error in the 'HP-GL/2' filter. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Faile...
Mailtraq 2.x Administration Console Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11708/info Mailtraq allows a user to activate the Mailtraq administration console software by easily launching the software from an icon in the Windows system tray. It is reported that a local user may exploit the...