Sagem Fast is an ADSL router that uses a web management interface to change configuration settings. The router is vulnerable to an authentication bypass bug that allows unprivileged users to modify the preconfigured root password and then log in with administrator permissions.
22949d840ab867cf6603792f10c2fe512c4dd7337b959b8e1cc56ae6e862bc96
QuickCms version 5.4 suffers from cross-site request forgery and cross-site scripting vulnerabilities.
77eab728345f155d905fd86af5dad89e8d24897cf985afdf2915d8fa61b866c9
csUpload from cgiscript.net suffers from an authentication bypass vulnerability.
735e30938f02765f8496c0e66fc35e514faf5d375041331fcaf86ea5113eb8c6
This Metasploit module creates a malicious RTF file that, when opened in vulnerable versions of Microsoft Word, will lead to code execution. The flaw exists in how a listoverridecount field can be modified to treat one structure as another. This bug was originally seen being exploited in the wild starting in April 2014. This Metasploit module was created by reversing a public malware sample.
dc312c58b345cdc30586c860d412b91fcac1d29d8b039194c3e389f62ccf5683
This Python script is a modification of the Heartbleed proof of concept exploit that looks for cookies, specifically user sessions.
6be146c172695396122c8d40d4638e904f2ee1a827bd6f5062014ed22f051f9f
This Perl script listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford's (jspenguin@jspenguin.org) demo for CVE-2014-0160 'Heartbleed'. Run it as root to bind the privileged port. It outputs the IPs of suspected Heartbleed scans to the console and rickrolls the scanner in the hex dump.
796ad9cc3fad4c720764e5e9bf2d2d16466658b294a8ea3c9c7312235cba21cd