Exploits | Information Security News and Exploits

[webapps / 0day] – PHP CGI Argument Injection Remote Exploit (PHP Version)

May.21, 2012 in Exploits

<?php
######################################### www.bugreport.ir ########################################
#
# Title: PHP CGI Argument Injection Remote Exploit V0.3 – PHP Version
# Vendor: [...]

Leave a Comment

[webapps / 0day] – Concrete CMS v5.5 <= Multiple Vulnerabilities

May.21, 2012 in Exploits

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ [...]

Leave a Comment

[webapps / 0day] – Ajaxmint-Gallery v1.0 <= CSRF Change Admin Password

May.21, 2012 in Exploits

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ [...]

Leave a Comment

[dos / poc] – Mozilla FireFox 12.0 Memory Corruption (with ROP)

May.21, 2012 in Exploits

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ [...]

Leave a Comment

[remote exploits] – HP StorageWorks P4000 Virtual SAN Appliance Command Execution

May.21, 2012 in Exploits

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
[...]

Leave a Comment

[local exploits] – Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow

May.21, 2012 in Exploits

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
[...]

Leave a Comment

[webapps / 0day] – Vanilla Forums About Me Plugin Persistant XSS

May.21, 2012 in Exploits

# Title: Vanilla About Me Plugin Persistant XSS Vulnerability
# Date: 18/5/12
# Author: Henry Hoggard
# Author URL: henryhoggard.co.uk
# Author Twitter: @henryhoggard
# Software: Vanilla Version 2.0.18.4 + About Me 1.1.1
# http://vanillaforums.org/addon/aboutme-plugin
[...]

Leave a Comment

[dos / poc] – DVD-Lab Studio 1.25 DAL File Open Crash

May.21, 2012 in Exploits

DVD-Lab Studio 1.25 DAL File Open Crash
===================================================================================
# Exploit Title:DVD-Lab Studio 1.25 Malicious DAL File Denial of service
# Download link:http://download.cnet.com/DVD-Lab-Studio/3000-7970_4-10391372.html
# Author: Ahmed Elhady Mohamed
# Email : ahmed.elhady.mohamed@gmail.com
# Website: www.infosec4all.tk
[...]

Leave a Comment

[dos / poc] – Real-DRAW PRO 5.2.4 Import File Crash

May.21, 2012 in Exploits

Real-DRAW PRO 5.2.4 Import File Crash
===================================================================================
# Exploit Title:Real-DRAW PRO 5.2.4 Malicious PNG File Denial of service
# Vendor : http://www.mediachance.com/
# Author: Ahmed Elhady Mohamed
# Email : ahmed.elhady.mohamed@gmail.com
# Website: www.infosec4all.tk
[...]

Leave a Comment

[dos / poc] – PHP <= 5.4.3 (com_event_sink) Denial of Service

May.21, 2012 in Exploits

<?php
/*
PHP <= 5.4.3 (com_event_sink) Code Execution Proof of Concept
Found by condis
Website: http://cond.psychodela.pl
Tested on:
PHP 5.3.8 + Windows XP SP3 Professional PL
[...]

Leave a Comment

[dos / poc] – PHP <= 5.4.3 wddx_serialize_* / stream_bucket_* Object Null Ptr Dereference

May.21, 2012 in Exploits

<?php
/*
PHP <= 5.4.3 wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce
Author : condis
Date : 10.04.2012 AD
Website : http://cond.psychodela.pl
—-
Download : http://php.net/downloads.php
Tested on:
[...]

Leave a Comment

[webapps / 0day] – Aholattafun Creative Solutions SQL Injection Vulnerabilities

May.21, 2012 in Exploits

================================================
# Exploit Title: Aholattafun Creative Solutions SQL Injection Vulnerabilities
# Author: Becax
# Home : CrimeIRCD
# Vendor :http://www.aholattafun.com/
———————————————————————!
# Email : tomier2010@yahoo.com
# Category: [webapps]
# Version: n/a
[...]

Leave a Comment

[remote exploits] – Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability

May.20, 2012 in Exploits

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
[...]

Leave a Comment

[webapps / 0day] – Kerio WinRoute Firewall Web Server < 6 Source Code Disclosure

May.20, 2012 in Exploits

# Exploit Title: Kerio WinRoute Firewall Embedded Web ServerVersion: Source
Code Disclosure
# Google Dork:
# Date: 10.05.2012
# Author: Eugene Salov, Andrey Komarov (Group-IB, http://group-ib.ru)
# Software Link: http://winroute.ru/kerio_winroute_firewall.htm
# Version: prior to 6
[...]

Leave a Comment

[webapps / 0day] – Sockso <=1.51 Persistent XSS Vulnerability

May.20, 2012 in Exploits

#######################################################################
Application: Sockso
http://sockso.pu-gh.com
Versions: <= 1.5
Platforms: Windows, Mac, Linux
Bug: Persistant XSS
[...]

Leave a Comment

[webapps / 0day] – phpThumb() v1.7.11 (dir & title) Cross-Site Scripting Vulnerability

May.20, 2012 in Exploits

phpThumb() v1.7.11 (dir & title) Cross-Site Scripting Vulnerability
Vendor: SiliSoftware
Product web page: http://www.silisoftware.com
Affected version: 1.7.11-201108081537
Summary: phpThumb() uses the GD library to create thumbnails from
images (JPEG, PNG, GIF, BMP, etc) on the fly. The output size is
[...]

Leave a Comment

[local exploits] – Linux Kernel 3.3.x <= 3.3.4 Buffer overflow in HFS plus filesystem

May.20, 2012 in Exploits

* Affected product: Linux Kernel 3.3.x <= 3.3.4
2.6.x <= 2.6.35.13
* Impact: code execution / privilege escalation
* Origin: HFS plus file system
* Credit: Timo Warns (PRESENSE Technologies GmbH)
* CVE Identifier: CVE-2012-2319
Summary
[...]

Leave a Comment

[webapps / 0day] – Web Evolution 1.0 => 1.6 XSS Presistent Vulnerability

May.20, 2012 in Exploits

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ [...]

Leave a Comment

[remote exploits] – Active Collab “chat module” <= 2.3.8 Remote PHP Code Injection Exploit

May.20, 2012 in Exploits

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
# http://metasploit.com/
[...]

Leave a Comment

[webapps / 0day] – PHP Address Book 7.0.0 XSS / SQL Injection Vulnerabilities

May.20, 2012 in Exploits

##############################################################################
####
# Advisory: PHP Address Book 7.0.0 Multiple security vulnerabilities
# Advisory ID: SSCHADV2012-013
# Author: Stefan Schurtz
# Affected Software: Successfully tested on PHP Address Book 7.0.0
# Vendor URL: http://sourceforge.net/projects/php-addressbook/
# Vendor Status: informed
[...]

Leave a Comment

Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for the ‘Exploits’ Category

[webapps / 0day] – PHP CGI Argument Injection Remote Exploit (PHP Version)

[webapps / 0day] – Concrete CMS v5.5 <= Multiple Vulnerabilities

[webapps / 0day] – Ajaxmint-Gallery v1.0 <= CSRF Change Admin Password

[dos / poc] – Mozilla FireFox 12.0 Memory Corruption (with ROP)

[remote exploits] – HP StorageWorks P4000 Virtual SAN Appliance Command Execution

[local exploits] – Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow

[webapps / 0day] – Vanilla Forums About Me Plugin Persistant XSS

[dos / poc] – DVD-Lab Studio 1.25 DAL File Open Crash

[dos / poc] – Real-DRAW PRO 5.2.4 Import File Crash

[dos / poc] – PHP <= 5.4.3 (com_event_sink) Denial of Service

[dos / poc] – PHP <= 5.4.3 wddx_serialize_* / stream_bucket_* Object Null Ptr Dereference

[webapps / 0day] – Aholattafun Creative Solutions SQL Injection Vulnerabilities

[remote exploits] – Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability

[webapps / 0day] – Kerio WinRoute Firewall Web Server < 6 Source Code Disclosure

[webapps / 0day] – Sockso <=1.51 Persistent XSS Vulnerability

[webapps / 0day] – phpThumb() v1.7.11 (dir & title) Cross-Site Scripting Vulnerability

[local exploits] – Linux Kernel 3.3.x <= 3.3.4 Buffer overflow in HFS plus filesystem

[webapps / 0day] – Web Evolution 1.0 => 1.6 XSS Presistent Vulnerability

[remote exploits] – Active Collab “chat module” <= 2.3.8 Remote PHP Code Injection Exploit

[webapps / 0day] – PHP Address Book 7.0.0 XSS / SQL Injection Vulnerabilities

Quote

Categories

Calendar

Recent Posts

May 2012
M	T	W	T	F	S	S
« Apr
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31