288 matches found
Linksys WRT54GC Password Changer
document.senha.submit;...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in osCommerce 2.2 RC 2a allows remote attackers to hijack the authentication of administrators...
GSC Privilege Escalation Exploit
Name: Michael Gray Website: www.ownerarium.net Contact: [email protected] Discovered Exploit: 06-05-2008 Vulnerable Software Title: GSC Vulnerable Version: = 2067 Severity: CRITICAL Website: http://www.getgsc.com Reported to vendor: Yes Actively exploited: Yes Exploit Discovery...
phpBB2012.txt
Just a simple Perl Script for this exploit. I hope it is usefull for some of you ------------------------------------------------------------------------------------------------ !/usr/bin/perl phpBB 2.0.12 Session Handling Administrator Authentication Bypass EXPLOIT written by phuket The discover...
CVE-2002-1410
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to 1 delete entries via direct access of admin.cgi, or 2 reconfigure Guestbook via direct access of config.cgi...
EUVD-2002-1393
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to 1 delete entries via direct access of admin.cgi, or 2 reconfigure Guestbook via direct access of config.cgi...
Back Office Web Administrator Authentication Bypass (#NISR17042002A)
NGSSoftware Insight Security Research Advisory Name: Back Office Web Administration Authentication Bypass Systems Affected: Microsoft's Back Office Web Administrator 4.0, 4.5 Severity: Medium/High Vendor URL: http://www.microsoft.com Author: David Litchfield [email protected] Date: 17th April...
Bypassing admin authentication in phpWebLog
Note: Although this software is still in beta stage, there are many websites using it, so i think it's a relevant issue. Author: Jason Hines Homepage: http://www.phpweblog.org | http://sourceforge.net/projects/phpweblog/ Version: 0.4.2 others? Problem: in common.inc.php, $CONF is not properly...