Exploiting / Vulnerabilities [Arşiv] - HACKING.GEN.TR Certified Ethical Hacker (CEH)

BigAnt Server
Joomla com_mytube (user_id) Blind SQL Injection Exploit
WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
Snort < 2.8.5 Unified1 Output Denial of Service Exploit
Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
ProdLer
Loggix Project
CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit
BAROSmini 0.32.595 Remote File Inclusion Vulnerabilities
Winplot (.wp2 File) Local Buffer Overflow Exploit
Joomla com_jbudgetsmagic (bid) Remote SQL Injection Vulnerability
DDL CMS 1.0 Multiple Remote File Inclusion Vulnerabilities
Joomla com_surveymanager (stype) SQL Injection Vulnerability
FSphp 0.2.1 Multiple Remote File Inclusion Vulnerabilities
FanUpdate 2.2.1 (show-cat.php listingid) SQL Injection Vuln
Xerver HTTP Server 4.32 XSS / Directory Traversal Vulnerabilities
ClearSite 4.50 (cs_base_path) Remote File Inclusion Vulnerability
Xerver HTTP Server 4.32 Remote Denial of Service Vulnerability
Zainu (album_id) Remote SQL Injection Vulnerability
Mambo Component com_koesubmit 1.0.0 RFI Vulnerability
Joomla Component com_jreservation 1.5 (pid) Blind SQL Injection Exploit
Nephp Publisher Enterprise 4.5 (Auth Bypass) SQL Injection Vulnerability
FMyClone 2.3 Multiple SQL Injection Vulnerabilities
Changetrack 4.3-3 Local Privilege Escalation Vulnerability
CF Shopkart 5.3x (itemid) Remote SQL Injection Vulnerability
OpenSiteAdmin 0.9.7b (pageHeader.php path) RFI Vulnerability
Ease Audio Cutter 1.20 (.wav file) Local Crash PoC
Joomla Component com_album 1.14 Directory Traversal Vulnerability
Quiksoft EasyMail 6 (AddAttachment) Remote Buffer Overflow Exploit
Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX BOF Exploit
phpPollScript
Elite Gaming Ladders 3.2 (platform) SQL Injection Vulnerability
Saphplesson 4.3 Remote Blind SQL Injection Exploit
Notepad++ 5.4.5 Local .C/CPP Stack Buffer Overflow PoC (0day)
MicroCMS 3.5 (SQL/LFI) Multiple Remote Vulnerabilities
Joomla Component com_jlord_rss (id) Blind SQL Injection Exploit
Joomla com_foobla_suggestions (idea_id) SQL Injection Vulnerability
AdsDX 3.05 (Auth Bypass) Remote SQL Injection Vulnerability
NaviCOPA Web Server 3.01 Remote Source Code Disclosure Vulnerability
BigAnt Server 2.50 SP1 (ZIP File) Local Buffer Overflow PoC
Joomla Component com_djcatalog SQL/bSQL Injection Vulnerabilities
MP3 Collector 2.3 (m3u File) Local Crash PoC
BigAnt Server 2.50 GET Request Remote BOF Exploit (SEH) Universal
DJ Studio Pro 4.2 (.PLS file) Local Crash Exploit
iBoutique.MALL 1.2 (cat) Remote Blind SQL Injection Vulnerability
NetAccess IP3 (ping option) Command Injection Vulnerability (auth)
SAP Player 0.9 (.pla) Universal Local Buffer Overflow Exploit (SEH)
VLC Media Player < 0.9.6 (CUE) Local Buffer Overflow PoC
EasyMail Quicksoft 6.0.2.0 (CreateStore) ActiveX Code Execution PoC
EasyMail Quicksoft 6.0.2.0 ActiveX Remote Code Execution PoC
Novell Groupwise Client 7.0.3.1294 ActiveX Denial of Service PoC
efront
Protector Plus Antivirus 8/9 Local Privilege Escalation Vulnerability
HERO SUPER PLAYER 3000 .M3U File Buffer Overflow POC
Three Pillars Help Desk v3 (Auth Bypass) SQL Injection Vulnerability
HotWeb Rentals (details.asp PropId) Blind SQL Injection Vuln
BRS Webweaver 1.33 /Scripts Access Restriction Bypass Vulnerability
BigAnt Server 2.50 GET Request Remote BOF Exploit (SEH) 0day
PowerISO 4.0 Local Buffer Overflow PoC
Batch Picture Watemark 1.0 (.jpg File) Local Crash PoC
Bs Counter 2.5.3 (page) Remote SQL Injection Vulnerability
FotoTagger 2.12.0.0 (.XML File) Buffer Overflow PoC
Tuniac v.090517c (.PLS File) Local Crash PoC
Cerberus FTP Server 3.0.3 Remote Denial of Service Exploit
Apple Safari IPhone (using tel:) Remote Crash Exploit
PHP Pro Bid Remote Blind SQL Injection Exploit
FtpXQ FTP Server 3.0 Remote Denial of Service Exploit (auth)
Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit
IPSwitch IMAP Server
MP3 Studio 1.0 (.m3u File) Local Buffer Overflow Exploit
Techlogica HTTP Server 1.03 Arbitrary File Disclosure Exploit
Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC
Neufbox NB4-R1.5.10-MAIN Persistent XSS Vulnerability
httpdx Web Server 1.4 (Host Header) Remote Format String DoS Exploit
Aurora CMS 1.0.2 (install.plugin.php) Remote File Inclusion Vulnerability
Invisible Browsing 5.0.52 (.ibkey) Local Buffer Overflow Exploit
Joomla Component AlphaUserPoints SQL Injection Exploit
Joomla Component Turtushout 0.11 (Name) SQL Injection Vulnerability
Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit
Mozilla Firefox < 3.0.14 Multiplatform RCE via pkcs11.addmodule
Kolibri+ Web Server 2 Remote Arbitrary Source Code Disclosure #2
Xerver HTTP Server 4.32 Arbitrary Source Code Disclosure Vuln
Joomla Hotel Booking System XSS/SQL Injection Multiple Vulnerabilities
PHP-IPNMonitor (maincat_id) Remote SQL Injection Vulnerability
Siemens Gigaset SE361 WLAN Remote Reboot Exploit
IBM AIX 5.6/6.1 _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug
Kolibri+ Webserver 2 (GET Request) Remote SEH Overwrite Exploit
Kolibri+ Webserver 2 Directory Traversal Vulnerability
FreeRadius < 1.1.8 Remote Packet of Death Exploit (CVE-2009-3111)
Linux Kernel 2.4/2.6 sock_sendpage() Local Root Exploit [3]
Gyro 5.0 (SQL/XSS) Multiple Remote Vulnerabilities
Image voting 1.0 (index.php show) SQL Injection Vulnerability
Kolibri+ Webserver 2 Remote Source Code Disclosure Vulnerability
T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities
An image gallery 1.0 (navigation.php) Local Directory Traversal Vuln
Drunken:Golem Gaming Portal (admin_news_bot.php) RFI Vulnerability
Adult Portal escort listing (user_id) Remote SQL Injection Vulnerability
Bus Script (sitetext_id) Remote SQL Injection Vulnerability
Accommodation Hotel Booking Portal (hotel_id) SQL Injection Vuln
SIDVault 2.0e Windows Remote Buffer Overflow Exploit
PPstream 2.6.86.8900 PPSMediaList ActiveX Remote BOF PoC (1)
PPstream 2.6.86.8900 PPSMediaList ActiveX Remote BOF PoC (2)
PHPope
FreeSchool
SAP Player 0.9 (.m3u) Universal Local BOF Exploit (SEH)
Hamster Audio Player 0.3a (Associations.cfg) Local Buffer Exploit (SEH)
Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 Collab getIcon Universal Exploit
PHP Live! 3.3 (deptid) Remote SQL Injection Vulnerability
Discuz! Plugin JiangHu
Ve-EDIT 0.1.4 (highlighter) Remote File Inclusion Vulnerability
Linux Kernel < 2.6.19 udp_sendmsg Local Root Exploit (debian/etch)
Linux Kernel < 2.6.19 udp_sendmsg Local Root Exploit (x86/x64)
Ve-EDIT 0.1.4 (debug_php.php) Local File Inclusion Vulnerability
Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability
DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability
dTunes 2.72 (Filename Processing) Local Format ****** PoC
phpBB3 addon prime_quick_style GetAdmin Vulnerability
akPlayer 1.9.0 (.plt File) Universal Buffer Overflow Exploit (SEH)
Hamster Audio Player 0.3a (Associations.cfg) Local Buffer Exploit (SEH)
Xstate Real Estate 1.0 (bSQL/XSS) Multiples Vulnerabilities
Kingcms 0.6.0 (menu.php) Remote File Inclusion Vulnerability
Joomla Component com_artportal 1.0 (portalid) SQL Injection Vulns
Joomla Component Agora 3.0.0b (com_agora) LFI Vulnerability
JSFTemplating, Mojarra Scales, GlassFish File Disclosure Vulnerabilities
AIMP2 Audio Converter
Soritong MP3 Player 1.0 (.m3u//UI.txt) Universal Local BOF Exploits
Microsoft IIS 5.0 FTP Server Remote Stack Overflow Exploit (win2k sp4)
SEO-CMS 1.3 (body.php) Remote File Inclusion Vulnerability
Basic PHP Events Lister 2 Reset Admin Pass/Add Admin Vulns
Mybuxscript PTC-BUX (spnews.php) SQL Injection Vulnerability
osCommerce Online Merchant 2.2 RC2a Code Execution Exploit
Apple iPhone 2.2.1/3.x (MobileSafari) Crash & Reboot Exploit (loop)
BandCMS 0.10 news.php Multiple SQL Injection Vulnerabilities
Re-Script v.0.99 Beta ( listings.php op ) SQL Injection Vulnerability
SolarWinds TFTP Server
Ultimate Player 1.56b (.m3u/upl) Universal Local BOF Exploit (SEH)
MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC
Hex Workshop 4.23//5.1//6.0 (.hex) Universal Local BOF Exploits (SEH)
Media Jukebox 8 (.pls) Universal Local Buffer Exploit (SEH)
Swift Ultralite 1.032 (.M3U) Local Buffer Overflow PoC
Linux Kernel 2.4/2.6 sock_sendpage() Local Root Exploit (ppc)
Linux Kernel 2.6 < 2.6.19 (32bit) ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.31-rc7 AF_IRDA 29-Byte Stack Disclosure Exploit
Modern Script
Microsoft IIS 5.0/6.0 FTP Server Remote Stack Overflow Exploit (win2k)
HTML Creator & Sender
uTorrent
Silurus Classifieds System (category.php) SQL Injection Vulnerability
Kaspersky 2010 Remote Memory Corruption / DoS PoC
Pıpl
Joomla Component com_digifolio 1.52 (id) SQL Injection Vulnerability
Uiga Church Portal (year) Remote SQL Injection Vulnerability
Open Auto Classifieds
PAD Site Scripts 3.6 (list.php string) SQL Injection Vulnerability
allomani 2007 (cat) Remote SQL Injection Vulnerability
phpSANE 0.5.0 (save.php) Remote File Inclusion Vulnerability
Discuz! Plugin Crazy Star
TFTPUtil GUI 1.3.0 Remote Denial of Service Exploit
Simple CMS FrameWork
Moa Gallery
TotalCalendar 2.4 (bSQL/LFI) Multiple Remote Vulnerabilities
Moa Gallery 1.2.0 (index.php action) SQL Injection Vulnerability
AiO ( All into One) Flash Mixer 3 (.afp File) Crash PoC
FLIP Flash Album Deluxe 1.8.407.1 (.fft File) Crash PoC
Geeklog
Joomla Component com_jtips 1.0.x (season) bSQL Injection Vuln
Huawei SmartAX MT880 Multiple XSRF Vulnerabilities
NaviCopa Web Server 3.01 Remote Buffer Overflow Exploit
Audacity
Joomla Component com_ninjamonial 1.x (testimID) SQL injection Vulnerability
New5starRating 1.0 (rating.php) SQL Injection Vulnerability
Netgear WNR2000 FW 1.2.0.8 Information Disclsoure Vulnerabilities
WAR-FTPD 1.65 (MKD/CD Requests) Denial of Service Vuln
ITechBids 8.0 (itechd.php productid) Blind SQL Injection Exploit
Fat Player 0.6b (.wav File) Universal Local Buffer Exploit
humanCMS (Auth Bypass) SQL Injection Vulnerability
Uebimiau Webmail 3.2.0-2.0 Arbitrary Database Disclosure Vuln
Multiple BSD Operating Systems setusercontext() Vulnerabilities
Lanai Core 0.6 Remote File Disclosure / Info Disclosure Vulns
BlazeDVD 5.1 Professional (.PLF File) Local BOF Exploit (SEH) (xp/vista)
Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
FreeBSD
Faslo Player 7.0 (.m3u) Local Buffer Overflow PoC
KSP 2006 FINAL ( .M3U) Universal Local Buffer Exploit (SEH)
Cuteflow 2.10.3 edituser.php Security Bypass Vulnerability
Ed Charkow's Supercharged Linking Blind SQL Injection Exploit
Moa Gallery 1.1.0 (gallery_id) Remote SQL Injection Vulnerability
Arcade Trade Script 1.0b (Auth Bypass) Insecure Cookie Handling Vuln
Photodex ProShow Gold 4 (.psh File) Universal BOF Exploit XP SP3 (SEH)
PHP Dir Submit (aid) Remote SQL Injection Vulnerability
Linux Kernel 2.4/2.6 sock_sendpage() ring0 Root Exploit (simple ver)
Radix Antirootkit < 1.0.0.9 (SDTHLPR.sys) Privilege Escalation Exploit
ProSysInfo TFTP Server TFTPDWIN 0.4.2 Remote BOF Exploit
Ultimate Fade-in slideshow 1.51 Shell Upload Vulnerability
PHP Email Manager (remove.php ID) SQL Injection Vulnerability
CBAuthority - ClickBank Affiliate Management SQL Injection Vulnerability
Best Dating Script Arbitrary Shell Upload Vulnerability
Linux Kernel 2.x sock_sendpage() Local Root Exploit (Android Edition)
VUPlayer
asaher pro 1.0.4 Remote Database Backup Vulnerability
Traidnt UP 2.0 Remote SQL Injection Exploit
ZTE ZXDSL 831 II Modem Arbitrary Configuration Access Vulnerability
Best Dating Script Arbitrary Shell Upload Vulnerability
MyWeight 1.0 Remote Shell Upload Vulnerability
DS CMS 1.0 (nFileId) Remote SQL Injection Vulnerability
VLC Media Player
PHP Competition System
Ignition 1.2 (comment) Remote Code Injection Vulnerability
Linux Kernel 2.x sock_sendpage() Local Root Exploit #2
Linux Kernel 2.x sock_sendpage() Local Ring0 Root Exploit
THOMSON ST585 (user.ini) Arbitrary Download Vulnerability
Gazelle CMS 1.0 Remote Arbitrary Shell Upload Vulnerability
TGS CMS (XSS/SQL/FD/XPath Injection) Multiple Vulnerabilities
Wordpress Plugin WP-Syntax
JBLOG 1.5.1 Remote SQL Table Backup Exploit
EmbedThis Appweb v3.0B.2-4 Multiple Remote Buffer Overflow PoC
VLC Media Player 1.0.0/1.0.1 smb:// URI Handling BOF PoC
pIPL 2.5.0 (.PLS /.PL) Universal Local Buffer Exploit (SEH)
FTPShell Client 4.1 RC2 Name Session Stack Overflow Exploit
Gazelle CMS 1.0 Multiple Vulnerabilities / RCE Exploit
Plume CMS 1.2.3 Multiple SQL Injection Vulnerabilities
MS Wordpad on winXP SP3 Local Crash Exploit
2WIRE Gateway Authentication Bypass & Password Reset Vulnerabilities
Gallarific 1.1 (gallery.php) Arbitrary Delete/Edit Category Vuln
Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling Vulnerability
Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit (SEH)
Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit (SEH) #2
MS Windows 2003 (EOT File) BSOD Crash Exploit
OCS Inventory NG 1.2.1 (systemid) SQL Injection Vulnerability
Embedthis Appweb 3.0b.2-4 Remote Buffer Overflow PoC
Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit (SEH)
Joomla Component idoblog 1.1b30 (com_idoblog) SQL Injection Vuln
Wordpress
MediaCoder 0.7.1.4490 (.lst/.m3u) Universal BOF Exploit (SEH)
Joomla Component Kunena Forums (com_kunena) bSQL Injection Exploit
Mini-CMS 1.0.1 (page.php id) SQL Injection Vulnerability
CMS Made Simple
Papoo CMS 3.7.3 Authenticated Arbitrary Code Execution Vulnerability
Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit
SmilieScript
Spiceworks 3.6 Accept Parameter Overflow Crash Exploit
PhotoPost PHP 3.3.1 (XSS/bSQL) Multiple Remote Vulnerabilities
Logoshows BBS 2.0 (DD/ICH) Multiple Remote Vulnerabilities
Logoshows BBS 2.0 (Auth Bypass) SQL Injection Vulnerability
Arab Portal 2.2 (Auth Bypass) Blind SQL Injection Exploit
PHPCityPortal (Auth Bypass) Remote SQL Injection Vulnerability
Facil Helpdesk (RFI/LFI/XSS) Multiples Remote Vulnerabilities
IsolSoft Support Center 2.5 (RFI/LFI/XSS) Multiples Vulnerabilities
Joomla Component com_pms 2.0.4 (Ignore-List) SQL Injection Exploit