Tag : auth
Page 1 of 604 exploits
 |
Title | Author | Platform | Source | Description | Date |
|---|---|---|---|---|---|---|
|
phpMyAdmin Authenticated Remote Code Execution via preg_replace() | metasploit | php | exploit-db.com | This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 < Msf::Exploit | May 1 |
|
|
SAP ConfigServlet Remote Unauthenticated Payload Execution | Andras Kabai | windows | exploit-db.com | require 'msf/core' class Metasploit3 < Msf::Exploit include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStagerVBS def initialize(info = {}) super(update_info(info, 'Name' => 'SAP ConfigServlet OS Command Execution', 'Description' => %q{ This mo | April 25 |
|
|
Google Chrome Silent HTTP Authentication | T355 | multiple | exploit-db.com | Exploit Title: [Google Chrome Silent HTTP Authentication] Date: [2-5-2013] Exploit Author: [T355] Vendor Homepage: [http://www.google.com/chrome] Version: [24.0.1312.57] Tested on: [Tested on: Windows 7 & Mac OSX Mountain Lion] CVE : [n/a] VULNERABILITY DETAILS The latest ver | February 11 |
|
|
SpiceWorks 5.3.75941 Stored XSS and Post-Auth SQL Injection | dookie | windows | exploit-db.com | Product: SpiceWorks Version: 5.3.75941 Vendor Site: http://www.spiceworks.com/community/ Software Download Link: http://www.spiceworks.com/download/?utm_source=comm-secondary-link&utm_medium=website&utm_campaign=homepage Installer Filename: Spiceworks.exe MD5: 023bd361c0f9402dc07adbc5a72fe31d | July 23 |
|
|
Openfire <= 3.6.0a Admin Console Authentication Bypass | metasploit | jsp | exploit-db.com | This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex/z | June 28 |
|
|
SoftPerfect Bandwidth Manager 2.9.10 Authentication Bypass | Gitsnik | windows | exploit-db.com | Authentication Bypass and Password disclosure. SoftPerfect Bandwidth Manager Authentication Bypass *Date:* 22-June-2012 *Author:* Gitsnik http://dracyrys.com/softperfect *Vendor Homepage:* http://www.softperfect.com/ *Software Link:* http://www.softperfect.com/products/bandwidth/ *Version:* | June 22 |
|
|
Huawei HG866 Authentication Bypass | hkm | hardware | exploit-db.com | Exploit Title: Huawei HG866 Authentication Bypass Date: Jun 14 2012 Exploit Author: hkm Vendor Homepage: http://www.huawei.com Version: V1R2C01SPC202, R3.2.4.92sbn - R3.4.2.257sbn, 3FE53864AOCB16 Tested on: HG866GTA_VER.C, 01, 02 Advisory: http://websec.mx/advisories/view/Evasion | June 16, 2012 |
|
|
MySQL Remote Root Authentication Bypass | David Kennedy (Re. | multiple | exploit-db.com | !/usr/bin/python This has to be the easiest "exploit" ever. Seriously. Embarassed to submit this a little. Title: MySQL Remote Root Authentication Bypass Written by: Dave Kennedy (ReL1K) http://www.secmaniac.com Original advisory here: seclists.org/oss-sec/2012/q2/493 im | June 12, 2012 |
|
|
F5 BIG-IP Remote Root Authentication Bypass Vulnerability | Florent Daigniere | hardware | exploit-db.com | Matta Consulting - Matta Advisory https://www.trustmatta.com F5 BIG-IP remote root authentication bypass Vulnerability Advisory ID: MATTA-2012-002 CVE reference: CVE-2012-1493 Affected platforms: BIG-IP platforms without SCCP Version: 11.x 10.x 9.x Date: 2012-February- | June 11, 2012 |
|
|
Mod_Auth_OpenID Session Stealing Vulnerability | Peter Ellehauge | linux | exploit-db.com | https://github.com/paranoid/mod_auth_openid/blob/master/CVE-2012-2760.markdown Security Advisory 1201 Summary : Session stealing Date : May 2012 Affected versions : all versions prior to mod_auth_openid-0.7 ID : mod_auth_openid-1201 | May 24, 2012 |
|
|
b2ePMS 1.0 Authentication Bypass Vulnerability | Jean Pascal Perei. | php | exploit-db.com |
b2ePMS 1.0 Authentication Bypass Vulnerability
Discovered by: Jean Pascal Pereira |
May 15, 2012 |
|
|
OpenConf <= 4.11 (author/edit.php) Remote Blind SQL Injection Exploit | EgiX | php | exploit-db.com | May 2, 2012 | |
|
|
WebCalendar 1.2.4 Pre-Auth Remote Code Injection | metasploit | linux | exploit-db.com | This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasp | April 29, 2012 |
|
|
Dolibarr ERP & CRM 3 Post-Auth OS Command Injection | metasploit | php | exploit-db.com | This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasp | April 9, 2012 |
|
|
PHP Grade Book 1.9.4 Unauthenticated SQL Database Export | Mark Stanislav | php | exploit-db.com | 'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670) Mark Stanislav - mark.stanislav@gmail.com I. DESCRIPTION --------------------------------------- A vulnerability exists in admin/index.php that allows for an unauthenticated user to export the entire application database by accessi | March 22, 2012 |