1030 matches found
PostNuke 0.6 Unauthenticated User Login Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3435/info PostNuke, successor to PHPNuke, is a content management system written in PHP. PostNuke versions 0.62 to 0.64 suffer from a vulnerability that allows a remote user to log-in as any user with known username and I...
PHP Charts 1.0 (index.php, type param) - Remote Code Execution
No description provided by source. !/usr/bin/python Original Advisory came from: http://packetstormsecurity.com/files/119582/PHP-Charts-1.0-Code-Execution.html infodox - insecurety.net import requests import random import threading import sys def genpayloadhost, port: Perl Reverse Shell Generator...
Symantec Web Gateway 5.0.2 - Remote LFI Root Exploit
No description provided by source. !/usr/bin/python Symantec Web Gateway 5.0.2 Remote LFI root Exploit Proof of Concept Exploit requires no authentication, /tmp/networkScript is sudoable and apache writable. muts at offensive-security dot com import socket import base64 payload= '''echo...
National Science Foundation Squid Web Proxy 1.0/1.1/2.1 Authentication Failure
No description provided by source. source: http://www.securityfocus.com/bid/741/info There is a vulnerability present in certain versions of the Squid Web Proxy Cache developed by the National Science Foundation. This problem is only in effect when users of the cache are using an external...
Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter)
No description provided by source. !/usr/bin/python Title: Sysax Multi Server = 5.52 File Rename BoF RCE Egghunter Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit and Server 2003 SP2 32bitNo DEP Software Versions Tested: 5.50 and 5.52 Date Discovered: Febrary 1, 2012 Vendor Contacted: Febrar...
Design/Logic Flaw
LiveZilla before 5.1.1.0 stores the admin Base64 encoded username and password in a 1click file, which allows local users to obtain access by reading the file...
逐浪CMS某处编码SQL注入漏洞
简要描述: 逐浪cms某处编码SQL注入漏洞 详细说明: 地址 http://demo.zoomla.cn/3d/InsertContext.aspx protected void PageLoadobject sender, EventArgs e if base.Request.QueryString"type" != null this.md.Caddtime = DateTime.Now; this.md.Cadduser = this.user.GetLogin.UserName; string s = base.Request.Form.ToString; s =...
CVE-2013-6372
The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...
CVE-2013-6372
The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...
Design/Logic Flaw
The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...
CVE-2013-6372
The CVE-2013-6372 issue affects the Jenkins Subversion plugin prior to version 1.54. The vulnerability arises because credentials are stored using base64 encoding in a subversion.credentials file, allowing local users to read and extract passwords and SSH private keys. Impact is limited to local ...
CVE-2013-6372
The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file...
PT-2014-3100 · Jenkins · Jenkins Subversion Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Subversion plugin versions prior to 1.54 Description: The issue allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file, due to the storage of credentials using base64 encoding...
COLDFUSION(CVE-2 0 1 0-2 8 6 1) the local contains a the use of method-vulnerability warning-the black bar safety net
Recently saw foreigner an article said that the CVE-2 0 1 0-2 8 6 1 This use of the method, only seen by reading the password. properties in the password field, to crack the SHA-1 value of the login background, or by passing a hash of the landing back, haven't seen can directly get the SHELL. In...
Design/Logic Flaw
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2013-7347 for the incorrect...
Trustport Webfilter Traversal / File Disclosure
Trustport Webfilter Remote File Access Vulnerability ==================================================== Affected Product ---------------- Product Name: Trustport Webfilter Product Version: 5.5.0.2232 Platform: Microsoft Windows Product/Company Information --------------------------- From...
WordPress Advanced XML Reader 0.3.4 XXE Injection
The WordPress plugin Advanced XML Reader v0.3.4 published here: http://wordpress.org/extend/plugins/advanced-xml-reader/ is susceptible to XXE XML eXternal Entity processing attacks. After installing the plugin on a Windows machine, I created a text file in the root of C:\ named "test.txt", which...
Multiple XSS in Hero Framework
High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in Hero Framework, which can be exploited to perform cross-site scripting attacks against vulnerable application. 1 Multiple XSS in Hero Framework: CVE-2013-2649 1.1 The vulnerability exists due to insufficient sanitisation...
Secret phpwebshell in the backdoor-vulnerability warning-the black bar safety net
Only will this document give to others the webshell to make a contribution to the classmates. Take down a website, after, Of course, pass webshll, mention right. But some people will be in webshell insert small piece of code, so that your hard-won webshell address and password, and so on will be...
DEBIAN-CVE-2012-5468
Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters...