4601 matches found
EasyPHP 3.0 - Arbitrary Modify Configuration File
Bug : Arbitrary Modify Configuration File Vendor : EasyPHP Vendor URI : http://sourceforge.net/projects/quickeasyphp/ Product : EasyPHP 2.0 Author : Zigma zigmatn @ gmail.com http://NullArea.NET Description : EasyPHP is a WAMP software bundle that installs web server services onto the Windows...
EasyPHP 3.0 Arbitrary Modify Configuration File Vulnerability
Exploit for unknown platform in category local exploits. EasyPHP 3.0 Arbitrary Modify Configuration File Vulnerability. Bug : Arbitrary Modify Configuration File Vendor :...
Qt QuickTeam - Multiple Remote File Inclusions
Qt QuickTeam - Multiple Remote File Inclusions. Remote file include. script::quickteam 2 Author: ahmadbady my site :Coming Soon download...
Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
According to its version number, the remote version of Apache Web Server is prone to a local buffer-overflow vulnerability that affects a configuration file environment variable. This occurs because the application fails to validate user-supplied string lengths before copying them into finite...
Apache HTTP Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
According to its version number, the remote version of Apache Web Server is prone to a local buffer-overflow vulnerability that affects a configuration file environment variable. Copyright (C) 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are...
CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script...
FreeBSD : mnGoSearch buffer overflow in UdmDocToTextBuf() (87cc48fd-5fdd-11d8-80e3-0020ed76ef5a)
Jedi/Sector One reported the following on the full-disclosure list : Every document is stored in multiple parts according to its sections (description, body, etc) in databases. And when the content has to be sent to the client, UdmDocToTextBuf concatenates those parts together and skips metadata...
Fedora Core 9 FEDORA-2009-3692 (phpMyAdmin)
The remote host is missing an update to phpMyAdmin announced via advisory FEDORA-2009-3692. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by...
Fedora 9 : phpMyAdmin-3.1.3.2-1.fc9 (2009-3692)
Improvements for 3.1.3.2: - security Insufficient output sanitizing when generating configuration file http://www.phpmyadmin.net/homepage/security/PMASA-2009-4.php Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
phpMyAdmin 'CVE-2009-1285' Configuration File PHP Code Injection Vulnerability
According to its version number, the remote version of phpMyAdmin is prone to a remote PHP code-injection vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...
W2B Restaurant 1.2 - conf.inc Configuration File Disclosure
Job2C - 'conf.inc' Configuration File Disclosure
phpAdBoard - 'conf.inc' Remote Configuration File Disclosure
Insufficient output sanitizing when generating configuration file.
PMASA-2009-4 Announcement-ID: PMASA-2009-4 Date: 2009-04-14 Summary Insufficient output sanitizing when generating configuration file. Description Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...
phpmyadmin -- insufficient output sanitizing when generating configuration file
phpMyAdmin Team reports: Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. Combined with ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code. This...
GLSA-200904-12 : Wicd: Information disclosure
The remote host is affected by the vulnerability described in GLSA-200904-12 (Wicd: Information disclosure). Tiziano Mueller of Gentoo discovered that the DBus configuration file for Wicd allows arbitrary users to own the org.wicd.daemon object. Impact : A local attacker could exploit this...
PHP-Agenda <= 2.2.5 Remote File Overwriting Vulnerabilities
Exploit for unknown platform in category web applications. PHP-Agenda PHP-agenda To execute commands: http://www.site.com/path/config.inc.php?cmd=uname -a + Fix You must delete install.php after installation...
Koschtit Image Gallery 1.82 Local File Inclusion
Local file include. script: koschtitimagegalleryv1.82 download from: http://koschtit..tabere.net/download/ or http://koschtit.tabere.net/en/getit vul: /kibase/kimakepic.php `if(isset($_GET['file'])) $file = "../kigalleries/".$_GET['file']; else exit; $gallery = substr($_GET['file'], 0, strpos($_GET['file'], "/"));`...
Debian DSA-1758-1 : nss-ldapd - insecure config file creation
Leigh James discovered that nss-ldapd, an NSS module for using LDAP as a naming service, by default creates the configuration file /etc/nss-ldapd.conf world-readable which could leak the configured LDAP password if one is used for connecting to the LDAP server.
Information disclosure
Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration...