22 matches found
EUVD-2008-3558
Malware in sbrugna...
EUVD-2008-3559
Malware in sbrugna...
PT-2023-14963 · Tecrail · Tecrail Responsive Filemanager
Name of the Vulnerable Software and Affected Versions: Tecrail Responsive FileManager versions 9.9.5 and below Description: An issue in Tecrail Responsive FileManager allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution...
CyberArk Password Vault Web Access .NET Object Deserialization
The version of CyberArk Password Vault Web Access running on the remote host is prior to 9.9.5, 9.10.x prior to 9.10.1, or is version 10.1. It is, therefore, vulnerable to a remote code execution vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the...
CVE-2018-5735
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar...
Debian Security Advisory DSA 3680-1 (bind9 - security update)
Two vulnerabilities were reported in BIND, a DNS server. CVE-2016-2775 The lwresd component in BIND which is not enabled by default could crash while processing an overlong request name. This could lead to a denial of service. CVE-2016-2776 A crafted query could crash the BIND name server daemon,...
Debian DSA-3350-1 : bind9 - security update
Hanno Boeck discovered that incorrect validation of DNSSEC-signed records in the Bind DNS server could result in denial of service. Updates for the oldstable distribution wheezy will be released shortly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...
Pligg 9.9.5 - CSRF Protection Bypass and Captcha Bypass
No description provided by source. Written By Michael Brooks Special thanks to str0ke! Pligg - XSRF Protection Bypass and Captcha Bypass affects 9.9.5 XSRF Protection Bypass html !-- Remove this iframe from this file and place it on a site that you want to force people to vote for. Change these...
Pligg 9.9.5 'CAPTCHA' Registration Automation Security Bypass Weakness
No description provided by source. source: http://www.securityfocus.com/bid/30518/info Pligg is prone to a security-bypass weakness. Successfully exploiting this issue will allow an attacker to register multiple new users through an automated process. This may lead to other attacks. Pligg 9.9.5 i...
CVE-2008-6968
CVE-2008-6968 affects Pligg CMS 9.9.5. The vulnerability path is in submit.php, where multiple SQL injection flaws allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters. The NVD description explicitly states these parameters as injection vectors. Impa...
Pligg 9.9.5 Cross Site Request Forgery
Written By Michael Brooks Special thanks to str0ke! Pligg - XSRF Protection Bypass and Captcha Bypass affects 9.9.5 XSRF Protection Bypass ' width="0%" height="0%" var pliggstorytovotefor="/story.php?title=pliggxss"; function r var Z=false; ifwindow.XMLHttpRequest try Z=new XMLHttpRequest...
Pligg CMS 9.9.5 - Cross-Site Request Forgery Protection Bypass Captcha Bypass
Pligg CMS 9.9.5 - Cross-Site Request Forgery Protection Bypass Captcha Bypass Written By Michael Brooks Special thanks to str0ke! Pligg - XSRF Protection Bypass and Captcha Bypass affects 9.9.5 XSRF Protection Bypass ' width="0%" height="0%" var pliggstorytovotefor="/story.php?title=pliggxss";...
Pligg 9.9.5 XSRF Protection Bypass and Captcha Bypass
No description provided by source. Written By Michael Brooks Special thanks to str0ke! Pligg - XSRF Protection Bypass and Captcha Bypass affects 9.9.5 XSRF Protection Bypass html !-- Remove this iframe from this file and place it on a site that you want to force people to vote for. Change these...
Pligg 9.9.5 XSRF Protection Bypass and Captcha Bypass
Exploit for unknown platform in category web applications ===================================================== Pligg 9.9.5 XSRF Protection Bypass and Captcha Bypass ===================================================== Written By Michael Brooks Pligg - XSRF Protection Bypass and Captcha Bypass...
Pligg 9.9.5b Upload Shell / SQL Injection Exploit
!/usr/bin/perl =about Pligg 9.9.5 Beta Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Vulnerability hides in 'evb/checkurl.php' unfiltered $GET'url' parameter. Actually, it has filtration. Filtration strips tags and converts html special chars , but ...
Pligg 9.9.5b - Arbitrary File Upload SQL Injection
Pligg 9.9.5b - Arbitrary File Upload SQL Injection !/usr/bin/perl =about Pligg 9.9.5 Beta Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Vulnerability hides in 'evb/checkurl.php' unfiltered $GET'url' parameter. Actually, it has filtration. Filtration...
Pligg 9.9.5b - Arbitrary File Upload / SQL Injection
!/usr/bin/perl =about Pligg 9.9.5 Beta Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Vulnerability hides in 'evb/checkurl.php' unfiltered $GET'url' parameter. Actually, it has filtration. Filtration strips tags and converts html special chars , but ...
Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit
No description provided by source. !/usr/bin/perl =about Pligg 9.9.5 Beta Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Vulnerability hides in 'evb/checkurl.php' unfiltered $GET'url' parameter. Actually, it has filtration. Filtration strips tags and...
Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== Pligg 9.9.5b checkurl.php url Upload Shell/SQL Injection Exploit =================================================================== !/usr/bin/perl =about Pligg 9.9.5 Beta...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Pligg 9.9.5 allows remote attackers to inject arbitrary web script or HTML via the category parameter...