Multiple Vulnerabilities in Piwigo

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Piwigo, which can be exploited to perform Сross-Site Request Forgery and Path Traversal attacks. 1 Сross-Site Request Forgery CSRF in Piwigo: CVE-2013-1468 The vulnerability exists due to insufficient verificatio...

Hunt CCTV DVR.cfg Direct Request Information Disclosure

The remote web server appears to be part of a digital video recorder DVR, such as models of Hunt CCTV, that is affected by an information disclosure vulnerability. Specifically, an unauthenticated remote attacker can retrieve the device's configuration file, 'DVR.cfg', which contains sensitive...

Nagios XI 2012R1.5b XSS / Command Execution / SQL Injection / CSRF

Nagios XI version 2012R1.5b suffers from cross site request forgery, cross site scripting, remote command injection, and remote SQL injection vulnerabilities. Reflected XSS: Alert Cloud Component: Example URL: http://nagiosxiserver/nagiosxi/includes/components/alertcloud/index.php?width=800";...

Simple Machine Forum 2.0.x 2.0.4 - File Disclosure Directory Traversal

Simple Machine Forum 2.0.x 2.0.4 - File Disclosure Directory Traversal Exploit Title: SMF /index.php?action=admin;area=logs;sa=errorlog;file=BASE64 ENCODED FILE PATH;line=LINE NUMBER Example : /srv/www/smf/Settings.php : L3Nydi93d3cvc21mL1NldHRpbmdzLnBocA= /etc/passwd : L2V0Yy9wYXNzd2Q= SMF...

Nagios XI 2012R1.5b XSS / Command Execution / SQL Injection / CSRF

Reflected XSS: Alert Cloud Component: Example URL: http://nagiosxiserver/nagiosxi/includes/components/alertcloud/index.php?width=800"; alert'xss'; var aa="a" : "b" : " The vulnerable code in Alert Cloud's index.php appears to have been copied and pasted into several other components as well...

ASPCMS old version spike get SHELL-vulnerability warning-the black bar safety net

Old ASPCMS version of the Spike to get SHELL vulnerability Find a background that... Then /admin/system/AspCmsSiteSetting. asp? action=saves Direct POST...

D-Link DCS Cameras Authentication Bypass / Command Execution

D-Link DCS Cameras suffer from authentication bypass and remote command execution vulnerabilities due to a remote information disclosure of the configuration. Unauthenticated remote access to D-Link DCS cameras =================================================== ADVISORY INFORMATION Title:...

Scientific Linux Security Update : net-snmp on SL5.x i386/x86_64 (20130108)

An out-of-bounds buffer read flaw was found in the net-snmp agent. A remote attacker with read privileges to a Management Information Base MIB subtree handled by the 'extend' directive in '/etc/snmp/snmpd.conf' could use this flaw to crash snmpd via a crafted SNMP GET request. CVE-2012-2141 Bug...

Слабая криптография в IP-телефонах Aastra

Configuration file encryption is vulnerable to replay attacks...

Design/Logic Flaw

Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a 1 cache file, 2 password file, or 3 configuration file, or 4 possibly gain privileges by modifying or overwriting a configuration file...

Chromium to 25.0.1343 (important)

Chromium was updated to 25.0.1343 Security Fixes bnc791234 and bnc792154: - CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs - CVE-2012-5133: Use-after-free in SVG filters. - CVE-2012-5130: Out-of-bounds read in Skia - CVE-2012-5132: Browser crash with chunked encoding -...

Cisco DPC2420 - Multiples Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - Title: DPC2420 Multiple vulnerabilities - Author: Facundo M. de la Cruz tty0 - E-mail: [email protected] =20 0x00 Details Vendor : Cisco Model : DPC2420 type : Cablemodem router.=20 Firmware: D2425-P10-13-v202r12811-110511as-TRO.bin Software:...

Cisco DPC2420 - Multiples Vulnerabilities

Cisco DPC2420 - Multiples Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - Title: DPC2420 Multiple vulnerabilities - Author: Facundo M. de la Cruz tty0 - E-mail: [email protected] =20 0x00 Details Vendor : Cisco Model : DPC2420 type : Cablemodem router.=20 Firmware:...

Cisco DPC2420 Cross Site Scripting / File Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - Title: DPC2420 Multiple vulnerabilities - Author: Facundo M. de la Cruz tty0 - E-mail: [email protected] 0x00 Details Vendor : Cisco Model : DPC2420 type : Cablemodem router. Firmware: D2425-P10-13-v202r12811-110511as-TRO.bin Software:...

Site Builder RumahWeb Arbitrary Config File Disclosure Vulnerability

Exploit for php platform in category web applications ========================================================================================== Site Builder RumahWeb Arbitrary Config File Disclosure Vulnerability...

The new concept of foreign language network teaching platform file upload vulnerability-vulnerability warning-the black bar safety net

A lot of universities are using this learning platform, this vulnerability can lead directly to get questions answers, or even as a springboard to continue to penetrate into other school Server Detailed description: South of the Open University as an example: http://222.30.60.3/NPELS...

The new concept of foreign language network teaching platform to upload files and repair programme-vulnerability warning-the black bar safety net

Information disclosure and privilege is not strict result in the column directory and upload To a certain University, for example: http://www.myhack58.com /NPELS NPELSLearningCenter5. 0 client Update. exe. config file leaked an important address setting name="UpdateCommonSvrCommonService"...

Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll Code Execution

Novell NetIQ Privileged User Manager version 2.3.1 suffers from a perl code evaluation remote command execution vulnerability in ldapagnteval in ldapagnt.dll. The secure web interface contains a flaw which allows, without prior authentication, to execute a Perl script with SYSTEM privileges. This...

Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() Remote Code Execution

Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pamodifyaccounts Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 auth.dll pamodifyaccounts Remote Code Execution pre auth / SYSTEM privileges Tested against: Microsoft Windows 2003 r2 sp2 download url:...

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : munin vulnerabilities (USN-1622-1)

It was discovered that the Munin qmailscan plugin incorrectly handled temporary files. A local attacker could use this issue to possibly overwrite arbitrary files. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10, and Ubuntu 12.04 LTS. CVE-2012-2103 It was discovered that Munin incorrectly...