3614 matches found
CVE-2007-5724
Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the categoryid parameter to users/kb.php, and possibly (3) the Email Box field in profile.php...
Analysis of Ronin article system V2.3-vulnerability warning-the black bar safety net
Author: ice of origin Description: articles have been published in hackers manual 0 7 year 1 1 period, reproduced please specify the source of! Own just to learn ASP, Hey, no one taught, really cool! It does not, see for yourself a few books, and non-security on each issue analysis of ASP...
Use of system agreement when the backdoor-vulnerability warning-the black bar safety net
This morning inadvertently open the xFocus of a cow's BLOG...The New Year's firsthaha. Found a very interesting thing. Is the use of the system in the registered agreement to execute the command. Specific link: http://coolice.blogdriver.com/coolice/414334.html Then I on their own machine experiment: it...
The new network Union television system vulnerabilities-vulnerability warning-the black bar safety net
Today idle with nothing to do, went to the web to download Hu GE parodied the gold armor on the curse of the full overtime Group on the view. Inadvertently found that the station's software leaderboard on the new affiliate video system v2.0 popularity index is quite high, so I just put this syst...
CVE-2007-4207
SQL injection vulnerability in adminconsole/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters...
Sql injection
SQL injection vulnerability in adminconsole/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters...
CVE-2007-4207
CVE-2007-4207 affects Gallery In A Box, via an SQL injection in admin_console/index.asp. The vulnerability allows remote attackers to execute arbitrary SQL commands through the Username or Password fields (potentially txtUsername/txtPassword). Exploitation is described as network-based and unauth...
Webspell 4.x Local File Inclusion
muH - $Title: Webspell 4.x Local File Inclusion Win $Damage Factor: Medium - High $Requires: Win Box & Php Supporting 00 $Discovered by muH $Usage: http://server.com/index.php?site=c:windowsrepairsam00...
CVE-2007-3678
Stack-based buffer overflow in the MSWord text-import extension Word 6-2000 Filter.xnt in QuarkXPress 7.2 for Windows, when using the Rectangle Text Box tool for importing text, allows user-assisted remote attackers to execute arbitrary code via a long font name...
Sql injection
SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected...
CVE-2007-3447
SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected...
Dart Communications PowerTCP - Service Control Remote Buffer Overflow
'metasploit one, 456 bytes - cmd /c net user su tzu /add & net localgroup Administrators su /add shellcode =...
rpm2html 1.6 XSS Vulnerability
My Name: Vladiii | My Country: Romania | My Site: http://www.rstzone.net | My Team: I hope to enter in RST-Crew : | Contact me: [email protected] | Special Shoutz: kw3rln fluffybunny, floflowsupremacy, mozi2weed, | & all...
CVE-2006-7023
Multiple cross-site scripting (XSS) vulnerabilities in fx-APP 0.0.8.1 allow remote attackers to inject arbitrary HTML or web script via (1) the search box, and the (2) url, (3) website, (4) comment, and (5) signature fields in the profile, and possibly (6) a menu item...
With ASP Trojan FTP and decompression-vulnerability warning-the black bar safety net
In broilers placed on the website,the most troublesome is probably the update and upload a lot of files, Terminal Services broad daylight easy to be found,open your own ftp and not assured. Your own online in a circle is found by combining the non-component upload asp Trojan can be easily achieve...
WEB vulnerabilities mining techniques-vulnerability warning-the black bar safety net
Source: security focus Author: 7all sgh81at163.com WEB vulnerability Mining Technology 7all7all7at163. com...
Cross site scripting
Cross-site scripting (XSS) vulnerability in search in High 5 Review Site allows remote attackers to inject arbitrary web script or HTML via the q parameter aka the search box...
Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability
Advisory: Microsoft Visual C++ 6.0 is prone to stack based memory corruption vulnerability during processing .RC resource files, caused by the lack of input data boundary check. Vulnerable software: Microsoft Visual Studio 6.0 SP6 Impact: Remote code...