56796 matches found
Joomla component com_universal Remote File Inclusion Vulnerability exploit
No description provided by source. Joomla component comuniversal = Remote File Inclusion Vulnerability exploit +Software: Joomla component comuniversal UWCMS Universal Web CMS +Version: 1.0.0 +License: http://www.gnu.org/copyleft/gpl.html GNU/GPL +Source: http://uwcms.sourceforge.net +CWE ID : 98...
DeWeS 0.4.2 - Directory Traversal Vulnerability
0 0 0 0...
SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities
No description provided by source. SIESTTA 2.0 LFI/XSS Multiple Vulnerabilities download: http://ramoncastro.es/siesttaold/ Author: Jose Luis Gongora Fernandez 'aka' JosS mail: sys-projectathotmaildotcom site: http://www.hack0wn.com/ team: Spanish Hackers Team - SHT Hack0wn Security Project!! Thi...
OpenLinux 2.3/2.4,RedHat 6.0/6.1,SCO eServer 2.3 - Denial of Service
No description provided by source. source: http://www.securityfocus.com/bid/1377/info gpm is a program that allows Linux users to use the mouse in virtual consoles. It communicates with a device, /dev/gpmctl, via unix domain STREAM sockets and is vulnerable to a locally exploitable denial of...
LinPHA <= 1.3.1 (new_images.php) Remote Blind SQL Injection Exploit
No description provided by source. ?php / LinPHA = 1.3.1 newimages.php Remote Blind SQL Injection Hash Fishing Exploit / BENCHMARK method author...: EgiX mail.....: n0b0d1esathotmaildotcom link.....: http://linpha.sourceforge.net/ dork.....: LinPHA Version 1.3.x or The LinPHA developers vulnerabl...
ABCPP 1.3 Directive Handler Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12021/info abcpp is prone to a buffer overflow vulnerability. This issue is exposed when the program is used to handle directives in ABC music notation files. Since the ABC files may originate from an external or untruste...
FilePocket 1.2 - Local Proxy Password Disclosure Exploit
No description provided by source. / FilePocket v1.2 Local Proxy Password Disclosure Exploit by Kozan Application: FilePocket 1.2 probably prior versions Vendor: ExoticSoft - www.exoticsoft.com Vulnerable Description: FilePocket v1.2 discloses proxy passwords to local users. Discovered & Coded by...
Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005)
No description provided by source. / For Remote Exploration hint: http://www.spyinstructors.com/atmaca/research/wmpremotepoc.asx / / Windows Media Player BMP Heap Overflow MS06-005 Bug discovered by eEye - http://www.eeye.com/html/research/advisories/AD20060214.html Exploit coded by ATmaCA Web:...
lastRSS autoposting bot MOD 0.1.3 'phpbb_root_path' Parameter Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33843/info lastRSS autoposting bot MOD is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote...
Multiple Products 'banner.swf' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38732/info Multiple products are prone to a cross-site scripting vulnerability because the applications fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...
Ciamos CMS <= 0.9.6b (config.php) Remote File Include Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+...
WikiNi 0.4.x Waka.PHP Multiple HTML-Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20688/info WikiNi is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. An attacker may leverage these...
CMScout 2.09 CSRF Vulnerability
No description provided by source. Vulnerability ID: HTB22719 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincmscout.html Product: CMScout Vendor: CMScout Team http://www.cmscout.co.za/ Vulnerable Version: 2.09 and probably prior versions Vendor Notification: 25 November 2010 Vulnerability...
SNewsCMS 2.x - 'search.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28262/info SNewsCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execu...
ICUII 7.0 - Local Password Disclosure Exploit
No description provided by source. / ICUII 7.0 Local Password Disclosure Exploit by Kozan Application: ICUII 7.0 and probably prior versions Procuder: Cybration - www.icuii.com Vulnerable Description: ICUII 7.0 discloses passwords to local users. Discovered & Coded by Kozan Credits to ATmaCA...
JiRo's Upload System 1.0 Login.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13833/info JiRo's Upload System is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitati...
D.R. Software Audio Converter 8.1 - DEP Bypass Exploit
No description provided by source...
Sudo <= 1.6.9p18 - (Defaults setenv) Local Privilege Escalation Exploit
No description provided by source. !/bin/sh Sudo = 1.6.9p18 local r00t exploit by Kingcope/2008/www.com-winner.com Most lame exploit EVER! Needs a special configuration in the sudoers file: --- Defaults setenv so environ vars are preserved : --- May also need the current users password to be type...
Grayscale BandSite CMS 1.1 pastshows_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
PHPAuction 'profile.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29856/info PHPAuction is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
AllMyGuests <= 0.3.0 (AMG_serverpath) Remote Inclusion Vulnerabilities
No description provided by source. AllMyGuests 3.0 Remote File Inclusion Vulnerability Software: AllMyGuests Version: 3.0 Download: http://download.php-resource.net/AllMyGuests/AllMyGuests0.3.0.zip Found By: beks Bug In: /include/submit.inc.php /admin/index.php /include/cmsubmit.inc.php...
Azaronline Design SQL Injection Vulnerability
No description provided by source. Name: Azaronline Design SQL Injection Vulnerability Vendor: http://azaronline.com Date: 2010-11-02 Author: XroGuE Thanks to: Inj3ct0r.com,Exploit-DB.com,SecurityReason.com,Hack0wn.com ! Contact: Xroguep3rsi4nhack3ratHotmailDotcom Home: Inj3ct0r.com + Dork:...
NC LinkList 1.3.1 - Remote Command Injection Exploit
No description provided by source. -------------------------------------------------------------- NC LinkList 1.3.1 Remote Command injection Exploit --------------------------------------------------------------- Founder :ThE g0bL!N Vendor:http://www.php-linkverzeichnis.de Thank You Very Much...
iPool <= 1.6.81 Local Password Disclosure Exploit
No description provided by source. / iPool = v1.6.81 Local Password Disclosure Exploit by Kozan Application: iPool 1.6.81 Vendor: Memir Software - memirsoftware.com and The Pool Club - thepoolclub.com Vulnerable Description: iPool 1.6.81 discloses passwords to local users. Discovered & Coded by...
Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
PHP Links <= 1.3 smarty.php Remote File Inclusion Vulnerability
No description provided by source. ------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo -------- ------------------------------------------------------------- = Author : Houssamix From H-T Team = Script : PHP Links from DeltaScripts = 1.3 ...
IBM AIX 3.2/4.1,SCO Unixware <= 7.1.1,SGI IRIX <= 5.3,Sun Solaris <= 2.5.1
No description provided by source. source: http://www.securityfocus.com/bid/127/info Statd is the RPC NFS status daemon. It is used to communicate status information to other services or host. The version of statd shipped with many unix implementations contains a buffer overflow condition. This...
QuickPayPro 3.1 subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15863/info QuickPayPro is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
Joomla Component com_K2 -q 1.0.1b (category) SQL Injection Vuln
No description provided by source. ---------------------------------------------------------------------- Joomla Component comk2 sectionid SQL injection Vulnerability ---------------------------------------------------------------------- + Author : Chip D3 Bi0s + Email : chipdebiosalt+64gmail.com...
PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (win32)
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...
Winn Guestbook 2.4.8c - Stored XSS Vulnerability
No description provided by source. Exploit Title: Winn Guestbook v2.4.8c Stored XSS Date: 12/29/11 Author: G13 Software Link: http://code.google.com/p/winn-guestbook/, http://www.winn.ws Version: 2.4.8c Category: webapps php CVE: 2011-5026 Vulnerability There is no sanitation on the input of the...
BoastMachine 3.1 Index.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24156/info BoastMachine is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected...
VUPlayer 2.49 - (.wax File) Local Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl -w Author : Houssamix Download : http://vuplayer.com/files/vuplayersetup.exe tested in windows pro Sp 2 french -- Viva Gazza -- Viva Palestine -- print ===================================================================== \n; print Author :...
Digital Audio Editor 7.6.0.237 Local Crash PoC
No description provided by source. Exploit Title: Digital Audio Editor 7.6.0.237 Local Crash PoC Software Link: http://www.audioeditor.us/dae/index.htm Tested on: Win XP SP3 Date: 15-12-2010 Author: h1ch4m Email: [email protected] my $file= 1.cda; my $junk = \x41 x 1000; open$FILE,$file; print $FILE...
Alpin CMS 1.0 - SQL Injection Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= L0v3 To: R00T, R45c4l, Agent: 1c3c0ld, Big Kid, Luckywww.indishell.in -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...
ColdBookmarks 1.22 SQL Injection Vulnerability
No description provided by source. ColdGen - coldbookmarks v1.22 Remote 0day SQL Injection vulnerability Vendor: http://www.coldgen.com/ Found by: mrme net-ninja.net PoC http://target/path/index.cfm?fuseaction=EditBookmark&BookmarkID=SQLi&CFID=XXXXXX&CFTOKEN=XXXXXXXX...
xt:Commerce Shopsoftware (fckeditor) Arbitrary File Upload Vulnerability
No description provided by source...
Joomla Component MS Comment 0.8.0b - LFI Vulnerability
No description provided by source...
GhostScript PostScript File Stack Overflow Exploit
No description provided by source. Check Point Software Technologies - Vulnerability Discovery Team VDT Rodrigo Rubira Branco - rbranco noSPAM checkpoint.com GhostScript Stack Overflow bsd/x86/shellbindtcp - 214 bytes http://www.metasploit.com Encoder: x86/alphaupper AppendExit=false,...
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php"
No description provided by source. / / / / / / / / / / // / / / / ///// // Exploit Title: xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection reviews.php Date: 2010-09-18 Author: secret Contact : [email protected] / ICQ : 17-33-77 Site : swissfaking.net/board Software Link:...
WaveMax Sound Editor 4.5.1 - Denial of Service PoC
No description provided by source. Exploit Title: WaveMax Sound Editor 4.5.1 Local Crash PoC Software Link: http://www.wave-max.com/wavemax/ Tested on: Win XP SP3 Date: 04-12-2010 Author: h1ch4m Email: [email protected] my $file= 1.cda; my $junk = \x41 x 1000; open$FILE,$file; print $FILE $junk;...
G Data TotalCare 2011 0day Local Kernel Exploit
No description provided by source. / Exploit Title: G Data TotalCare 2011 0day Local Kernel Exploit Date: 2010-11-08 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.gdata.de/ Version: up to date, version 21.1.0.5, MiniIcpt.sys version 1.0.8.9 Tested on: Win XP SP3 CVE :...
Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
No description provided by source. Trustwave's SpiderLabs Security Advisory TWSL2011-002: Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways D3G-CCR https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt Published: 2011-02-04 Version: 1.0 Vendor: Comcast http://comcast.com Product:...
YaPig 0.94.0u - Remote File Inclusion Vulnerability
No description provided by source. |=-----------------------------------------------------=| |=-------------= JIKO |No-exploit.Com| =-----------=| |=-----------------------------------------------------=| -----------|00| NAme :JIKO JAWAD Home :No-exploit.Com Mail : !x! -----------|01| -Script nam...
BES-CMS 0.4/0.5 message.php File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9268/info It has been reported that BES-CMS is vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The...
Joomla Component com_perchagallery SQL Injection Vulnerability
No description provided by source. Joomla Component comperchagallery SQL Injection Vulnerability Author :FL0RiX Name : comperchagallery Bug Type : SQL Injection Infection : Admin login bilgileri alinabilir. Demo Vuln : http://localhost/index.php?option=comperchagallery&view=editunidad&id=EXPLOIT...
Word Splash Pro <= 9.5 - Buffer Overflow
No description provided by source. Exploit Title: Word Splash Pro = 9.5 Buffer Overflow -EggHunter- Software Link: http://www.chronasoft.com/software/wordsplashpro Version: = 9.5 Tested on: Win XP SP3 French Date: 20/12/2010 Author: h1ch4m Email: [email protected] Home: Net-Effects.blogspot.com Gree...
Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption
No description provided by source. $Id: ms09043owcmsdso.rb 9893 2010-07-20 23:28:47Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
DomPHP <= v0.83 - Local Directory Traversal Vulnerability
No description provided by source. ------------------------------------------------------------- DomPHP = v0.83 Local Directory Traversal Vulnerability ------------------------------------------------------------- = Author : Houssamix = Script : DomPHP = v0.83 = Download :...
Entertainment Directory <= 1.1 - SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Entertainment Directory = 1.1 SQL Injection Vulnerbility +==-- --==+================================================================================+==-- Discovered...