There is no place like 127.0.0.1

This Metasploit module exploits various flaws in The Uploader to upload a PHP payload to target system. When run with defaults it will search possible URIs for the application and exploit it automatically. Works against both English and Italian language versions. Notably it disables pre-emptive email warnings before uploading the payload, though it leaves lo […]

This Metasploit module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manager up to version 5.5. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC […]

This Metasploit module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. The arguments passed to Java Web Start are not properly validated, allowing injection of arbitrary arguments to the JVM. By utilizing the lesser known -J option, an attacker can take advantage of the -XXaltjvm option, as discussed previously by Ruben Santam […]

This Metasploit module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting an URL ascii string to unicode in a insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit through the "File->Add Metalink..." optio […]

e-Rapido version 3.3.2 suffers from a remote SQL injection vulnerability.

Redtienda E-Commerce version 2.0 suffers from a remote SQL injection vulnerability.

Mobile MP3 Search Engine version 2.0 suffers from a HTTP response splitting vulnerability.

phpDenora versions 1.4.6 and below suffer from multiple remote SQL injection vulnerabilities.

YVS Image Gallery version 0.0.0.1 suffers from a remote SQL injection vulnerability.

The D-Link DSL-2640B ADSL router suffers from a simple authentication bypass vulnerability by spoofing the MAC address of a logged in administrator.

AlegroCart versions 1.2.7 and below suffer from a remote command execution vulnerability.

All versions of Snop IP Phone prior to 8.4.35 suffer from a privilege escalation vulnerability.

The Joomla Dtregister component suffers from a remote SQL injection vulnerability.

Interspire Shopping Cart forces poor permissions on config.php by design and by doing so leaks information like the database login and password to any local user.

Sagem F@ST 2604 suffers from a cross site request forgery vulnerability.

BRIM versions prior to 2.0.0 suffer from a remote SQL injection vulnerability.

WordPress Magn WP Drag and Drop suffers from a shell upload vulnerability.

DFLabs PTK versions 1.0.5 and below suffer from a cross site request forgery vulnerability.

Philip Abbey suffers from a cross site scripting vulnerability.

Limesurvey version 1.91+ build 11804 suffers from a remote blind SQL injection vulnerability.