5327 matches found
Musicbox vuln.
Musicbox vuln. Vuln. discovered by : r0t Date: 16 April 2006 vendorlink:http://www.musicboxv2.com/ affected versions:2.3.3 and previous original advisory:http://pridels.blogspot.com/2006/04/musicbox-vuln.html Vuln. Description: 1. Input passed to the "term" parameter when performing a search isn't...
osCommerce "extras/" information/source code disclosure
---- osCommerce <= 2.2 "extras/" information/source code disclosure ------------ software site: http://www.oscommerce.com/ if extras/ folder is placed inside the www path, you can see all files on target system, including php source code with database details, poc:...
osCommerce <= 2.2 (extras) Source Code Disclosure Vulnerability
No description provided by source. ---- osCommerce <= 2.2 "extras/" information/source code disclosure ------------ software site: http://www.oscommerce.com/ if extras/ folder is placed inside the www path, you can see all files on target system, including php source code with database details, po...
osCommerce 2.2 - 'extras' Source Code Disclosure
---- osCommerce \n"; print nl2br(htmlentities(implode($readme, ' '))); print "Continue\n"; print "\n"; exit; ... google search: inurl:"extras/update.php" intext:mysql.php -display -------------------------------------------------------------------------------- rgod site: http://retrogod.altervista.org...
osCommerce <= 2.2 (extras) Source Code Disclosure Vulnerability
Exploit for unknown platform in category web applications =============================================================== osCommerce \n"; print nl2br(htmlentities(implode($readme, ' '))); print "Continue\n"; print "\n"; exit; ... google search: in...
osCommerce 2.2 - extras Source Code Disclosure
osCommerce 2.2 - extras Source Code Disclosure ---- osCommerce \n"; print nl2br(htmlentities(implode($readme, ' '))); print "Continue\n"; print "\n"; exit; ... google search: inurl:"extras/update.php" intext:mysql.php -display...
[SA19601] dnGuestbook admin.php SQL Injection Vulnerability
TITLE: dnGuestbook admin.php SQL Injection Vulnerability SECUNIA ADVISORY ID: SA19601 VERIFY ADVISORY: http://secunia.com/advisories/19601/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: dnGuestbook 2.x http://secunia.com/product/9270/ DESCRIPTION: snatche...
ShopXS v4.0 XSS vuln.
ShopXS v4.0 XSS vuln. Vuln. discovered by : r0t Date: 10 April 2006 vendor:MK Internet-Service GmbH vendorlink:http://www.shopxs.de/ affected versions:ShopXS-Version 4.00 and previous original advisory:http://pridels.blogspot.com/2006/04/shopxs-v40-xss-vuln10.html Vuln. Description: Input passed t...
ecotwo Shopsystem vuln.
ecotwo Shopsystem vuln. Vuln. discovered by : r0t Date: 9 April 2006 vendor:http://www.i-webshop.de/6-0-shopsysteme.html affected versions: 1.0-192 and previous original advisory: http://pridels.blogspot.com/2006/04/ecotwo-shopsystem-vuln.html Vuln. description: Input passed to the "lang" paramete...
Shopweezle 2.0 multiple vuln.
Shopweezle 2.0 multiple vuln. Vuln. discovered by : r0t Date: 9 April 2006 vendor:http://shopweezle.de/ affected versions: ShopWeezle PERSONAL ShopWeezle PROFESSIONAL ShopWeezle PROFESSIONAL+ original advisory: http://pridels.blogspot.com/2006/04/shopweezle-20-multiple-vuln.html Vuln. description:...
APT-webshop-system vuln.
APT-webshop-system vuln. Vuln. discovered by : r0t Date: 9 April 2006 vendor:http://www.apt-webservice.de/shopsoftware/ affected versions: 4.0 PRO 3.0 BASIC 3.0 LIGHT original advisory: http://pridels.blogspot.com/2006/04/apt-webshop-system-vuln.html Vuln. description: 1. SQL injection vuln...
Kept in purdah who did not know: FU_Rootkit-vulnerability warning-the black bar safety net
I in 2004 year 11 period of black anti-posted on the gadgets clever to delete the Guest/Administrator accounts on this article, there are a lot of friends asking about tools is how to write, in fact this tool inside most of the code is my copy FURootkit over. Since friends like, these days I'...
CVE-2006-1598
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension...
Design/Logic Flaw
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension...
CVE-2006-1598
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension...
CVE-2006-1598
Summary: CVE-2006-1598 affects AN HTTPD 1.42n and possibly earlier versions (before 1.42p). Vulnerability: Remote attackers can obtain the source code of scripts by sending crafted requests that exploit specific dot and space characters in the file extension. Impact: Information disclosure (confi...
Bugzero XSS vuln.
Bugzero XSS vuln. Vuln. discovered by : r0t unsecured-systems Date: 1 April 2006 vendor:http://www.websina.com/bugzero/ affected versions:V.4.3.1 and also development version. Bugzero contains flaws that allow remote cross-site scripting attacks. Those flaws exist because input passed to...
[Full-disclosure] ExplorerXP : Directory Traversal and Cross Site Scripting
ExplorerXP : Directory Traversal and Cross Site Scripting Software : ExplorerXP Description : Two vulnerabilities have been discovered in ExploreXP, which can be exploited by malicious people to conduct directory traversal and Cross Site Scripting attacks. Directory Traversal :...
CVE-2006-1483
Blazix Web Server before 1.2.6, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot), (2) space, and (3) slash characters in the extension of a URL...
CVE-2006-1483
Blazix Web Server before 1.2.6, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot), (2) space, and (3) slash characters in the extension of a URL...