My PDF Creator and DE DM version 1.4 suffers from local file inclusion and file upload vulnerabilities.
cc81c0b63733f6dd75f11423ad214819b47b184980b8f221c00c8841c9555a0d
This Metasploit module uses two vulnerabilities in Oracle forms and reports to get remote code execution on the host. The showenv url can be used to disclose information about a server. A second vulnerability that allows arbitrary reading and writing to the host filesystem can then be used to write a shell from a remote url to a known local path disclosed from the previous vulnerability. The local path being accessible from an URL then allows us to perform the remote code execution using for example a .jsp shell. Tested on Windows and Oracle Forms and Reports 10.1.
0ae51161a01d969079b5ae31c9e558381714eaaed892cb6da032845477f29e85
Office Assistant Pro version 2.2.2 suffers from a local file inclusion vulnerability.
30cb2b510b5e639ac51997a9817262bd51d72ac919a3800bdeb9af06a3f2976e
Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.
ae7d5127e7b3b8fa46d888c48b1a569122f9a4eb074e9be265ffb8853f9989d3
HP Data Protector EXEC_BAR remote command execution exploit that affects versions 6.10, 6.11, and 6.20.
61724438d24f7c3fae1f27461fbde907581b70b0ea7feeb0605890476a22853c
Open Web Analytics (OWA) is open source web analytics software that can track and analyze how visitors use websites and applications. OWA is vulnerable to SQL injection that allows an attacker to execute arbitrary SQL statements in the context of the configured OWA database user without authenticating to the web application. This vulnerability affects Open Web Analytics version 1.5.4.
33fdc3435e7222254bf0a84debe464683ce87c332c33bea4a6d45b428d72c3e2
mbDriveHD version 1.0.7 suffers from local file inclusion and command injection vulnerabilities.
0defc0dabaff7f035a35e570bac2932c3ed3359b798d8fef709339759dcd991e
Pina CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
cc20e5401576a2ab22f58f1619da4ecf79fe33e2b0a925c31896dc3c7d7c65a8
DSMS suffers from cross site scripting and content spoofing vulnerabilities.
a532f56dcb6a02581fb990ea71eac48b12052295b174c9a01efdf3d1bc99fea3
This code abuses PJL functionality on HP network printers to print documents and also change the "ReadyMessage". Useful for avoiding printer payment systems in universities. Scan for port 9100 to find printers.
0cfc418101360d5c0f8ce242ec0a13b08842bfc2efb02f687606c41de85db95f
Joomla Wire Immogest component suffers from a remote SQL injection vulnerability.
00f576b8ef70f91d67d4a0cdd53e86330293ac059312acb206cf9b1dee235766
phpMyBackupPro version 2.4 suffers from a cross site scripting vulnerability.
6767817fe5860950f41ec819032f9c3840f6da224c3da044c7046a905e269882
Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm.
78e82ca781d0bf202c1592072afde4056c2f49e9ef54f2deb4e6b7ae0a5203ab
H K Digital Online suffers from a remote SQL injection vulnerability.
57529e1228897e3e3426a9220d1201a76f6dfe5e211e8fab8ef65dd630347e2b
Symantec PGP Universal Web Messenger versions prior to 3.3.2 suffer from an unauthorized access vulnerability.
3232c190e9c3b61290c9500712c00ed512bdaaceabaa23ecf04aebb226a5dba7
This Metasploit module exploits a vulnerability found in the command and control panel used to control Dexter (Point of Sale malware). This is done by accessing the PHP page used by bots to report in (gateway.php) which does not sanitize input. Input is encrypted and encoded, but the key is supplied by the bot connecting. The 'page' parameter is used in this case. The command and control panel designates a location to upload files, and can be used as a reliable location to write a PHP shell. Authentication is not needed to exploit this vulnerability.
dce8241e9805e316fba94ae258cb1d530cdf76424afa2b06b216ab421407282c
TomatoCart version 1.1.8.6 suffers from a local file inclusion vulnerability.
0db04e2aa39556df8a1625587d835afcc627d919a44f82e78ca794ed5802b291
WordPress Better WP Security plugin version 3.6.3 suffers from information disclosure and cross site scripting vulnerabilities.
bafa2024f4c45430b34ad1a7bf7281c235b2ac9d77bc18d543a0ac4ec5aa3b0e
Acunetix WordPress WP Security Make Backup plugin version 4.0.3 suffers from a cross site request forgery vulnerability.
b252718580ee023413cc606be9290cfbd4802abfc7c7fe6ae15564dab7317941
Proof of concept SQL injection exploit for the panel in Dexter CasinoLoader. It exploits the gateway for bots to connect in, which sanitizes none of its input. This version of the exploit just dumps database data, and can create a GEXF file to make a graph in Gephi.
e23bf1f6bf9d448ec21c0e08084f86886e247080217d33e730242930b073b444
WordPress Buddypress plugin versions 1.9.1 and below suffer from a privilege escalation vulnerability.
fa0ee4897fffef374ba31d9600f656b4b67d282b9dee8e74e5f06db89ccd0ac0
WordPress Buddypress plugin versions 1.9.1 and below suffer from a persistent cross site scripting vulnerability.
cb6e6a7f1e53ac871ca5f03ab6a3fb79940b35b8a9e403602f1639a1c1c52a7b
Boxcryptor.com suffered from a cross site scripting vulnerability.
aab48458247a4d57f3545b2250a6b9478315321df0e69c78e7b61de5f2d118d3
This Metasploit module exploits a stack-based buffer overflow vulnerability in Easy CD-DA Recorder 2007, caused by a long string in a playlist entry. By persuading the victim to open a specially-crafted .PLS file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
c9daf2bd49e0d41a84aba9c84b5e15a725fb5951f463b99f9505e1ba8d5f5f1e
CA 2E Web Option version 8.1.2 suffers from an unauthenticated privilege escalation vulnerability that can allow for a denial of service condition.
cb6ba2704a2a0e3d944bde61fec01be38663ee9a4892d786234c64e6316d2156