安全文章 / 文章资料 / Exploits

首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

热门关键字：　shell 　88888 　art 　vitter 　linux

		当前位置：主页>安全文章>文章资料>Exploits>列表


	No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption
	日期：2014-04-23 10:32:34 点击：45 评论：0
?php /* * * Static encryption_key of No-CMS lead to Session Array Injection in order to * hijack administrator account then you will be able for upload php files to * server via theme/module upload. * * This exploit generates cookie for administrato


	Media Player Classic 1.3.1752.0 / 1.3.1249.0 Memory Corruption
	日期：2014-04-22 10:28:07 点击：46 评论：0
# Exploit Title: [Media Player Classic Memory Corruption]# Date: [2014/04/13]# Exploit Author: [Aryan Bayaninejad]# Linkedin : https://www.linkedin.com/profile/view?id=276969082# Vendor Homepage: [http://mpc-hc.org/]# Software Link: [http://sourcefo


	ATSEngine credential disclosure vulnerability
	日期：2014-04-22 10:24:30 点击：30 评论：0
?php $url = getURL(); if ( $url !== NULL) { $database = @ file_get_contents ( $url . '/db/database.db' ); if ( $database !== FALSE) { file_put_contents ( 'tmp.db' , $database ); $password_md5 = getOption( 'password_md5' ); $pkey = getOption( 'pkey'


	Adobe Flash Player Regular Expression Heap Overflow
	日期：2014-04-21 10:54:11 点击：48 评论：0
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::BrowserEx


	Linux group_info refcounter - Overflow Memory Corruption
	日期：2014-04-21 10:53:26 点击：84 评论：0
/* * DoS poc for CVE-2014-2851 * Linux group_info refcounter overflow memory corruption * * https://lkml.org/lkml/2014/4/10/736 * * @Tohmaxx - http://thomaspollet.blogspot.be * * If the app doesn't crash your system, try a different count (argv[1])


	Sercomm TCP/32674 Backdoor Reactivation
	日期：2014-04-21 10:50:28 点击：93 评论：0
/*************************************** * PoC to reactivate Sercomm TCP/32674 backdoor * See http://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf * Eloi Vanderbeken - Synacktiv * * THIS SOFTWARE IS PROVIDED BY SYNACKTIV ''AS IS'' AND ANY


	Nagios Remote Plugin Executor 2.15 Remote Command Execution
	日期：2014-04-18 10:45:15 点击：79 评论：0
=============================================- Release date: 17.04.2014- Discovered by: Dawid Golunski- Severity: High============================================= I. VULNERABILITY-------------------------NRPE - Nagios Remote Plugin Executor = 2.15


	Ruby OpenSSL Private Key Spoofing
	日期：2014-04-18 10:44:35 点击：63 评论：0
require 'rubygems'require 'openssl'require 'digest/md5'key = OpenSSL::PKey::RSA.new(2048)cipher = OpenSSL::Cipher::AES.new(256, :CBC)ctx = OpenSSL::SSL::SSLContext.newputs Spoof must be in DER format and saved as root.cerraw = File.read root.cercert


	Jzip SEH Unicode Buffer Overflow (Denial of Service)
	日期：2014-04-18 10:43:06 点击：14 评论：0
#!/usr/bin/python ###################################################### # Exploit title: seh unicode buffer overflow (DOS) # Date: 16/04/2014 # Exploit Author: motaz reda [motazkhodair[at]gmail.com] # Software Link : http://www.jzip.com/ # Version:


	SAP Router Password Timing Attack
	日期：2014-04-17 14:53:37 点击：83 评论：0
Core Security - Corelabs Advisoryhttp://corelabs.coresecurity.com/SAP Router Password Timing Attack1. Advisory InformationTitle: SAP Router Password Timing AttackAdvisory ID: CORE-2014-0003Advisory URL:http://www.coresecurity.com/advisories/sap-ro


	MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free
	日期：2014-04-16 10:14:49 点击：379 评论：0
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::BrowserEx


	Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE
	日期：2014-04-16 10:04:09 点击：52 评论：0
Unitrends Enterprise Backup 7 . 3 . 0 Multiple vulnerabilities exist within this piece of software. The largest one is likely the fact that the auth string used for authorization isnt random at all. After authentication, any requests made by the bro


	PDF Album 1.7 Local File Inclusion
	日期：2014-04-15 10:56:20 点击：31 评论：0
Document Title:===============PDF Album v1.7 iOS - File Include Web VulnerabilityReferences (Source):====================http://www.vulnerability-lab.com/get_content.php?id=1255Release Date:=============2014-04-11Vulnerability Laboratory ID (VL-ID):


	Adobe Reader For Android Javascript Insecure
	日期：2014-04-15 10:55:29 点击：468 评论：0
------------------------------------------------------------------------Adobe Reader for Android exposes insecure Javascript interfaces------------------------------------------------------------------------Yorick Koster, April 2014-----------------


	WhatsApp < v2.11.7 - Remote Crash
	日期：2014-04-15 10:51:18 点击：75 评论：0
#!/usr/bin/python #-- coding: utf-8 - # Title: WhatsApp Remote Crash on non-printable characters # Product: WhatsApp # Vendor Homepage: http://www.whatsapp.com # Vulnerable Version(s): 2.11.7 and prior on iOS # Tested on: WhatsApp v2.11.7 on iPhon


	Internet Explorer 10 & Adobe Flash Player (12.0.0.70, 12.0.0.77) - CMarkup Use-A
	日期：2014-04-15 10:44:55 点击：130 评论：0
!-- MS14-012 Internet Explorer CMarkup Use-After-Free Vendor Homepage: http://www.microsoft.com Version: IE 10 Date: 2014-03-31 Exploit Author: Jean-Jamil Khalife Tested on: Windows 7 SP1 x64 (fr, en) Flash versions tested: Adobe Flash Player (12.0.


	eScan Web Management Console Command Injection
	日期：2014-04-14 11:23:33 点击：40 评论：0
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpCl


	Apple Mac OS X Lion Kernel xnu Privilege Escalation
	日期：2014-04-14 11:11:10 点击：52 评论：0
/* * Apple Mac OS X Lion Kernel = xnu-1699.32.7 except xnu-1699.24.8 NFS Mount Privilege Escalation Exploit * CVE None * by Kenzley Alphonse kenzley [dot] alphonse [at] gmail [dot] com * * * Notes: * This exploit leverage a stack overflow vulnerabil


	OpenSSL Heartbeat (Heartbleed) Information Leak
	日期：2014-04-11 11:05:39 点击：145 评论：0
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 Msf::Auxiliary include Msf::Exploit::Remote::Tcp include Msf::Auxiliary::Scanner


	Sophos Web Protection Appliance Command Execution
	日期：2014-04-10 10:18:05 点击：90 评论：0
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpCl

共637页/12733条记录首页上一页 [177] [178] [179] 180 [181] [182] [183] 下一页末页

本月热点文章

本月推荐文章

相关分类

Exploits

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved