56796 matches found
InterTech Co 1.0 - SQL Injection
No description provided by source.
HyperStop WebHost Directory 1.2 Database Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31249/info HyperStop WebHost Directory is reported prone to an information-disclosure vulnerability. Successful exploits of this issue may allow an attacker to obtain sensitive information by downloading the full contents...
Muziic Player 2.0 (.mp3) Local Denial of Service (DoS)
No description provided by source. Exploit Title: Muziic Player .mp3 Local Denial of Service DoS Download : http://download.cnet.com/3001-204-10910117.html?spi=e0c701df9e16242fca1997f71350aba0 Author: Red-D3v1L sh0otz fly t0 : r1z , D3v1L-Fuck3r, SarBooT511 , Sas-Terr0risT , AnGeL25dZ ,H1s0k4 , H...
PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/Xss)
No description provided by source. Exploit Title: PHPDirector Game Edition Multiple Vulnerabilities LFI/SQLi/Xss Date: 2010-01-05 Author: Zer0 Thunder Site : http://www.play-online.bzh.be/forum/ Version: v0.1 Tested on: Windows XP sp2 WampServer 2.0i / LinuxBox Ubuntu Server 9.10 CVE : Code : Loc...
MidiCart PHP Search_List.PHP SearchString Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13512/info MidiCart PHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
mBlogger 1.0.04 (addcomment.php) Persistent XSS Exploit
No description provided by source. !/usr/bin/python Exploit Title: mBlogger v1.0.04 addcomment.php Persistent XSS Exploit Date : 04 September 2010 Author : Ptrace Security Gianni Gnesa gnix Contact : researchatptrace-securitydotcom Software Link: http://sourceforge.net/projects/mblogger/ Version ...
JFFNMS 0.8.3 admin/setup.php Direct Request Authentication Bypass
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
HLstatsX 1.65 - SQL Injection Vulnerability
No description provided by source. iNFO Software: HlstatsX Sql Injection Vulnerability: Remote Sql Injection Google Dork: hlstats.php?mode=dailyawardinfo&award= hlstatsx Off. site: www.hlstatsx.com...
IdeaBox <= 1.1 (gorumDir) Remote File Include Vulnerability
No description provided by source. DEVIL TEAM THE BEST POLISH TEAM IdeaBox <= 1.1 gorumDir Remote File Include Vulnerability script site: http://ideabox.phpoutsourcing.com/ Find by:...
Joomla Component com_start SQL Injection Vulnerability
No description provided by source. InformatioN Title : Joomla Component comstart SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Contact : [email protected] & [email protected] ExploiT Vulnerable File :...
RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution
No description provided by source. $Id: piranhapasswdexec.rb 10729 2010-10-18 15:41:13Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
PassWiki <= 0.9.16 RC3 (site_id) Local File Inclusion Vulnerability
No description provided by source. dork: powered by PassWiki example: http://w3.funsrv.com/konjo/passwiki/passwiki.php?siteid=../../../../../../../../../../../../../etc/passwd%00 http://inajob.no-ip.org/passwiki/passwiki.php?siteid=../../../../../../../../../../../../../etc/passwd%00...
PostNuke 0.72 Modules.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5809/info A cross site scripting vulnerability has been reported for PostNuke. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and script code may be...
PHPLib Team PHPLIB 7.2 - Remote Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3079/info The PHP Base Library'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility...
UBBCentral UBB.threads 3.4/3.5 Dosearch.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11502/info It is reported that UBBCentral UBB.threads is prone to an SQL injection vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. Because of this, a maliciou...
TFTPGUI Long Transport Mode Overflow
No description provided by source. Exploit Title: TFTPGUI Long Transport Mode Overflow Date: 5/1/2010 Author: Jeremiah Talamantes Software Link: http://sourceforge.net/projects/tftputil/files/TFTPUtil/TFTPUtil%20Version%201.4.5/TFTPUtilGUIVersion1.4.5BinaryInstaller.exe/download Version: 1.4.5...
phpWebThings 0.4.4 Forum.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15276/info phpWebThings is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
WebCortex WebStores2000 Error.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9693/info It has been reported that WebStores2000 is prone to a cross-site scripting vulnerability. This issue is reportedly due to a failure to sanitize user input and so allow HTML and script code that may facilitate...
osCSS 1.2.1 (REMOTE FILE UPLOAD) Vulnerabilities
No description provided by source...
wordpress simplemail plugin 1.0.6 - Stored XSS
No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: SimpleMail Version: 1.0.6 free version Vendor Site: http://codecanyon.net/item/wp-simplemail/1130008?ref=tinsley Software Download: http://wordpress.org/extend/plugins/wp-simplemail/ Timeline...
JAVA Web Start Arbitrary command-line injection
No description provided by source. Bye bye my little 0day :, Tavis Ormandy did a great job uncovering a big logic flaw within Java JRE. I discovered that bug and other that affects every browser few weeks ago and I posted the common 0day++ tweet. The method in which Java Web Start support has bee...
Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (2)
No description provided by source. source: http://www.securityfocus.com/bid/5044/info Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. A buffer overflow has been discovered in the gdsdrop program packaged with Interbase. This...
ExtCalendar 2 (calendar.php) SQL Injection Vulnerability
No description provided by source. Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat...
DMXReady News Manager <= 1.1 Arbitrary Category Change Vuln
No description provided by source. Title : DMXReady News Manager = 1.1 Remote Category Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 69.97 $ Dork : inurl:incnewsmanager.asp DorkEx :...
Linux x86 - ip6tables -F - 47 bytes
No description provided by source. / Linux x86 - ip6tables -F - 47 bytes Jonathan Salwan submit ! shell-storm.org ! DataBase of Shellcodes and you can share your shellcodes : http://www.shell-storm.org/shellcode/ ! The Gnuser Project Gnu Users Manager = http://www.gnuser.org Disassembly of sectio...
Jinzora Media Jukebox <= 2.8 (name) Local File Inclusion Vulnerability
No description provided by source. Discovered by dun \ dunatstrcpy.pl Jinzora Media Jukebox <= 2.8 Local File Inclusion Vulnerability Script site: http://jinzora.com/ ,...
HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta)
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...
Cafelog b2 0.6 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7738/info A remote file include vulnerability has been reported for Cafelog. Due to insufficient sanitization of some user-supplied variables by the 'blogger-2-b2.php' and 'gm-2-b2.php' scripts, it is possible for a remot...
Mac OS X - Java applet Remote Deserialization Remote PoC (updated)
No description provided by source. Critical Mac OS X Java Vulnerabilities Introduction Five months ago, CVE-2008-5353 and other vulnerabilities were publicly disclosed, and fixed by Sun. CVE-2008-5353 allows malicious code to escape the Java sandbox and run arbitrary commands with the permissions...
WFTPD Explorer Pro 1.0 - Remote Heap Overflow Exploit
No description provided by source. !/usr/bin/perl WFTPD Explorer Pro 1.0 Remote Heap Overflow Exploit. Exploit by SkD [email protected] This is a remote heap overflow exploit for WFTPD Explorer Pro 1.0 by Texas Imperial Software. Vendors website...
Simplog 0.9.3.2 - Mutliple Vulnerabilities
No description provided by source. Mutliple Vulnerabilities in Simplog v0.9.3.2 Name Multiple vulnerabilities in Simplog Systems Affected Simplog 0.9.3.2 and possibly earlier versions Download http://sourceforge.net/projects/simplog/files/simplog/0.9.3.2/simplog-0.9.3.2.tar.gz/download Author Amo...
IdealBB 1.4.9 Error.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8360/info IdealBB error.asp page has been reported prone to a cross-site scripting vulnerability. The issue presents itself due to a lack of sufficient sanitization performed by functions in the error.asp script on...
Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8574/info Escapade is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing a request for an invalid resource, passed as a value for the PAGE parameter to the...
compactcms 1.4.1 - Multiple Vulnerabilities
No description provided by source. Exploit Title: CompactCMS 1.4.1 Multiple Vulnerabilities Google Dork: intext:Maintained with CompactCMS.nl intitle:Print: Date: 17-12-2010 Author: NLSecurity Software Link: http://files.compactcms.nl/stable/ Version: CompactCMS 1.4.1 Credits:...
Mackeitone Media Player (.m3u file) stack buffer Overflow
No description provided by source. ! /usr/bin/python Mackeitone Media Player .m3u file stack buffer Overflow download link: http://www.makeitone.net/downloads/MakeitOne-MediaPlayerv1.00.exe Tested in : Windows XP SP3 Credit : ItSecTeam mail : [email protected] Web: WwW.ITSecTeam.com Find by: PLAT...
easysite 2.3 - Multiple Vulnerabilities
No description provided by source. + EasySite v2.3 Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M, Ras ,Puscasmarin ,ToxicBlood,MesSiAH,xZu,HrN + Local File Inclusion...
PortailPHP 2 mod_news/goodies.php chemin Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/22381/info PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute arbitrary...
Midicart PHP Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5855/info A problem with the default installation of Midicart PHP may make it possible for remote users to gain access to sensitive information. The default installation of Midicart PHP does not place sufficient access...
Cisco ACE XML Gateway <= 6.0 Internal IP disclosure
No description provided by source...
PhpLinkExchange 1.02 - XSS/Upload Vulerability
No description provided by source. PhpLinkExchange v1.02 - XSS/Upload Vulerability Discovered by : Stink' Date : 2009-12-16 Dork : PhpLinkExchange v1.02 Website Publisher : http://www.idevspot.com/PhpLinkExchange.php -- XSS in URL -- http://server/links/PhpLinkExchange/index.php?page=home&catid=X...
PHPay 2.2 Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7310/info It has been reported that user-supplied input to phPay is not sufficiently sanitized. This lack of sanitization provides an opportunity for an attacker to launch cross-site scripting attacks. It is possible for ...
phpArcadeScript 2.0 index.php submissionstatus Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary...
smbind <= 0.4.7 - SQL Injection Vulnerability
No description provided by source. smbind = v.0.4.7 Sql Injection Site: https://sourceforge.net/projects/smbind/files/ Reported on 28/08/2010 Author: IHTeam Buggy code: ifisset$POST'username' && isset$POST'password' if!filteralphanum, $POST'username' or !filteralphanum, $POST'password' dieUsernam...
SUMON <= 0.7.0 (chg.php host) Command Execution Vulnerability
No description provided by source. Discovered by dun \ dunatstrcpy.pl sumon <= 0.7.0 Remote Command Execution Vulnerability Script: Simple Unix MONitor sumon Script Site:...
ownrs blog beta3 (sql/xss) Multiple Vulnerabilities
No description provided by source. OwnRS Blog beta3 SQL/XSS Multiple Remote Vulnerabilities CWH...
BitchX 1.1 Final - MODE Remote Heap Overflow Exploit (0day)
No description provided by source. !/usr/bin/env ruby BitchX-1.1 Final MODE Heap Overflow 0-day By bannedit Discovered May 16th 2007 - Yet another overflow which can overwrite GOT I found this vuln after modifying ilja's ircfuzz code. Currently this exploit attempts to overwrite the GOT with the...
phpWebThings <= 1.5.2 MD5 Hash Retrieve/File Disclosure Exploit
No description provided by source. !/usr/bin/perl phpWebThings <= 1.5.2 MD5 Hash Retrieve / File Disclosure Remote Exploit by staker mail: stakerathotmaildotit url: http://phpwebthings.nl NOTE: 1. it works regardless of php.ini settings...
Joomla com_autartimonial Sqli Vulnerability
No description provided by source. Name : Joomla comautartimonial Sqli Vulnerability Date : july 6,2010 Critical Level : HIGH vendor URL :http://www.autartica.be/ Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger greetz to...
DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)
No description provided by source. DynPG CMS v4.1.0 Multiple Vulnerability fucking the Web Apps attack edition...
boastMachine <= 3.1 - CSRF Add Admin Vulnerability
No description provided by source. Exploit Title: boastMachine v3.1 = CSRF Add Admin Vulnerability Date: 28/3/2012 Author: Dr.NaNo Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip Version: 3.1 Tested on: Linux-Red-Hat Google Dork: Powered by boastMachine v3.1 Exploit html...