Microsoft Internet Explorer 11 MSHTML - CMapElement::Notify Use-After-Free (MS15
  Date: 2016-11-15 17:59:43 Views: 14 Comments: 0
!-- Source: http://blog.skylined.nl/20161114001.html Synopsis A specially crafted web-page can cause MSIE 11 to interrupt the handling of one readystatechange event with another. This interrupts a call to one of the various CElementElement::Notify fu
Boonex Dolphin 7.3.2 - Authentication Bypass / Remote Code Execution
  Date: 2016-11-15 17:59:03 Views: 91 Comments: 0
#!/usr/bin/env python # -*- coding: utf-8 -*- ''' Software : Dolphin = 7.3.2 Auth bypass / RCE exploit Vendor : www.boonex.com Author : Ahmed sultan (0x4148) Home : 0x4148.com | https://www.linkedin.com/in/0x4148 Email : 0x4148@gmail.com Auth bypass
Schoolhos CMS 2.29 - Remote Code Execution / SQL Injection
  Date: 2016-11-14 15:36:09 Views: 49 Comments: 0
?php /* Software : Schoolhos CMS 2.29 Home : http://www.schoolhos.com/ Author : Ahmed sultan (0x4148) Email : 0x4148@gmail.com Home : 0x4148.com Intro Schoolhos CMS is alternative to developing School Website. It's Free and Open Source under GPL Lice
InvoicePlane 1.4.8 - Password Reset
  Date: 2016-11-14 15:35:29 Views: 31 Comments: 0
# Exploit Title: InvoicePlane v1.4.8 Incorrect Access Control for password = reset # Date: 12-11-2016 # Exploit Author: feedersec # Contact: feedersec@gmail.com # Vendor Homepage: https://invoiceplane.com # Software Link: https://invoiceplane.com/dow
Office OLE DLL Hijacking
  Date: 2016-11-14 15:31:39 Views: 51 Comments: 0
require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::FILEFORMAT include Msf::Exploit::EXE def initialize(info = {}) super(update_info(info, 'Name'
PCMan FTP Server 2.0.7 LIST Buffer Overflow
  Date: 2016-11-11 16:32:55 Views: 26 Comments: 0
#!/usr/bin/env python#-*- coding: utf-8 -*- # Exploit Title: PCMan FTP Server 2.0.7 - 'LIST' Command Buffer Overflow # Date: 07/11/2016# Author: Yunus YILDIRIM (Th3GundY)# Team: CT-Zer0 (@CRYPTTECH) - https://www.crypttech.com# Website: http://yildi
PCMan FTP Server 2.0.7 HELP Buffer Overflow
  Date: 2016-11-11 16:31:35 Views: 21 Comments: 0
#!/usr/bin/env python#-*- coding: utf-8 -*- # Exploit Title: PCMan FTP Server 2.0.7 - 'HELP' Command Buffer Overflow # Date: 07/11/2016# Author: Yunus YILDIRIM (Th3GundY)# Team: CT-Zer0 (@CRYPTTECH) - https://www.crypttech.com# Website: http://yildi
Microsoft Internet Explorer 9-11 MSHTML - PROPERTYDESC::HandleStyleComponentProp
  Date: 2016-11-11 16:30:57 Views: 14 Comments: 0
!-- Source: http://blog.skylined.nl/20161109001.html Synopsis A specially crafted web-page can cause Microsoft Internet Explorer to assume a CSS value stored as a string can only be true or false. To determine which of these two values it is, the cod
Microsoft WININET.dll - CHttpHeaderParser::ParseStatusLine Out-of-Bounds Read (M
  Date: 2016-11-11 16:30:21 Views: 45 Comments: 0
!-- Source: http://blog.skylined.nl/20161110001.html Synopsis A specially crafted HTTP response can cause the CHttp::Parse method in WININET to read data beyond the end of a buffer. The size of the read can be controlled through the HTTP response. An
e107 CMS 2.1.2 - Privilege Escalation
  Date: 2016-11-11 16:29:37 Views: 28 Comments: 1
# Exploit Title: e107 CMS 2.1.2 Privilege Escalation # Date: 09-11-2016 # Software Link: http://e107.org/ # Exploit Author: Kacper Szurek # Contact: http://twitter.com/KacperSzurek # Website: http://security.szurek.pl/ # Category: webapps 1. Descript
Microsoft Windows Kernel - win32k Denial of Service (MS16-135)
  Date: 2016-11-10 14:26:28 Views: 170 Comments: 0
/* Source: https://github.com/tinysec/public/tree/master/CVE-2016-7255 Full Proof of Concept: https://github.com/tinysec/public/tree/master/CVE-2016-7255 https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40745.zip
VBScript 5.8.7600.16385 / 5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds
  Date: 2016-11-10 14:25:51 Views: 65 Comments: 0
!-- Source: http://blog.skylined.nl/20161108001.html Synopsis A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to run such a script in any applicatio
Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution
  Date: 2016-11-09 14:29:08 Views: 42 Comments: 0
# Title : Avira Antivirus = 15.0.21.86 Command Execution (SYSTEM) # Date : 08/11/2016 # Author : R-73eN # Tested on: Avira Antivirus 15.0.21.86 in Windows 7 # Vendor : https://www.avira.com/ # Disclosure Timeline: # 2016-06-28 - Reported to Vendor t
Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit)
  Date: 2016-11-09 14:28:27 Views: 212 Comments: 0
# Exploit Title: Eir D1000 Wireless Router - WAN Side Remote Command Injection # Date: 7th November 2016 # Exploit Author: Kenzo # Website: https://devicereversing.wordpress.com # Tested on Firmware version: 2.00(AADU.5)_20150909 # Type: Webapps # P
Linux Kernel - TCP Related Read Use-After-Free
  Date: 2016-11-09 14:27:21 Views: 48 Comments: 0
// Source: https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html // to build clang derp4.c -o derp4 -static #include unistd.h #include sys/syscall.h #include string.h #include stdint.h #include pthread.h #inc
Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalatio
  Date: 2016-11-09 14:25:24 Views: 22 Comments: 0
/* * $Id: raptor_passwd.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ * * raptor_passwd.c - passwd circ() local, Solaris/SPARC 8/9 * Copyright (c) 2004 Marco Ivaldi raptor@0xdeadbeef.info * * Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allo
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalatio
  Date: 2016-11-09 14:24:34 Views: 15 Comments: 0
/* * $Id: raptor_libdthelp2.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ * * raptor_libdthelp2.c - libDtHelp.so local, Solaris/SPARC 7/8/9 * Copyright (c) 2003-2004 Marco Ivaldi raptor@0xdeadbeef.info * * Buffer overflow in CDE libDtHelp library allows
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation
  Date: 2016-11-09 14:23:49 Views: 35 Comments: 0
/* * $Id: raptor_libdthelp.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ * * raptor_libdthelp.c - libDtHelp.so local, Solaris/SPARC 7/8/9 * Copyright (c) 2003-2004 Marco Ivaldi raptor@0xdeadbeef.info * * Buffer overflow in CDE libDtHelp library allows lo
Solaris 8/9 ps - Environment Variable Information leak
  Date: 2016-11-09 14:23:11 Views: 13 Comments: 0
#!/bin/sh # # $Id: raptor_ucbps,v 1.1 2006/07/26 12:15:42 raptor Exp $ # # raptor_ucbps - information leak with Solaris /usr/ucb/ps # Copyright (c) 2006 Marco Ivaldi raptor@0xdeadbeef.info # # A security vulnerability in the /usr/ucb/ps (see ps(1B))
Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation
  Date: 2016-11-09 14:22:06 Views: 21 Comments: 0
/* * $Id: raptor_chown.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ * * raptor_chown.c - sys_chown missing DAC controls on Linux * Copyright (c) 2004 Marco Ivaldi raptor@0xdeadbeef.info * * Unknown vulnerability in Linux kernel 2.x may allow local users
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved