Lucene search

4645 matches found

seebug.org
added 2008/07/01 12:0 a.m., 12 views

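Pivot t Parameter Directory Traversal Vulnerability

BUGTRAQ ID: 30012 Pivot is a web-based tool that helps users maintain dynamic sites. Pivot's search.php file does not properly filter input to the t parameter before returning it for use in displaying a file: ... // Set the template for the tags page if !isset$PivotVars't' || empty$PivotVars't' if isset$Weblogs$Currentweblog'extratemplate' && $Weblogs$Currentweblog'extratemplate'!="" $template =...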

6.8 AI score
Exploits 0
Exploit DB
added 2008/06/30 12:0 a.m., 46 views

Pivot 1.40.5 - Dreamwind 'load_template()' Credentials Disclosure

?php / Pivot 1.40.5 'Dreamwind' loadtemplate credentials disclosure exploit by Nine:Situations:Group::bookoo our site: http://retrogod.altervista.org/ software site: http://www.pivotlog.net/ Google dork: "by Pivot - 1.40.5" +'Dreadwind' -pivotlog.net vulnerability: search.php - lines 98-109: ... ...

7.4 AI score
Exploits 0
Prion
added 2008/06/05 8:32 p.m., 21 views

Design/Logic Flaw

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware...

6.9 CVSS, 6.5 AI score, 0.00072 EPSS
Exploits 0, References 12, Affected Software 8
seebug.org
added 2008/05/31 12:0 a.m., 23 views

CMS from Scratch <= 1.1.3 (fckeditor) Remote Shell Upload Exploit

No description provided by source. ?php / ----------------------------------------------------------------- CMS from Scratch = 1.1.3 fckeditor Remote Shell Upload Exploit ----------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.1.:...

7.1 AI score
Exploits 0
exploitpack
added 2008/04/07 12:0 a.m., 18 views

Dragoon 0.1 - root Remote File Inclusion

Dragoon 0.1 - root Remote File Inclusion -========================================== ViVa YeMeN ====================================- Name : Dragoon 0.1 Remote File Include Vulnerabilitiy Download From : http://sourceforge.net/project/showfiles.php?groupid=118780 Found By : RoMaNcYxHaCkEr...

Exploits 0
Snyk
added 2008/04/02 6:44 p.m., 1 views

Access Restriction Bypass

Overview Affected versions of this package are vulnerable to Access Restriction Bypass. OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file. Remediation There is no fixed version for openssh...

6.5 CVSS, 6.8 AI score, 0.00458 EPSS
Exploits 3, References 2
seebug.org
added 2008/03/21 12:0 a.m., 40 views

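VMware Server 1.0.5 Multiple Security Vulnerabilities

BUGTRAQ ID: 28276 CVECAN ID: CVE-2008-1361,CVE-2008-1362,CVE-2008-1363 VMware Server is an easy-to-use server virtualization tool. VMware Server contains multiple security vulnerabilities that allow malicious local users to gain elevated privileges or cause a denial of service. A malicious Windows user can gain LocalSystem privileges by causing the authd process to connect to an open named pipe controlled by the malicious user, and may also exploit insecure named pipe objects to gain elevated privileges or cause a denial of service. In this case, the attacker can impersonate authd and obtain the privileges with which Authd runs. ...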

7.2 CVSS, 6.6 AI score, 0.00044 EPSS
Exploits 1
securityvulns
added 2008/03/20 12:0 a.m., 28 views

XWine WINE graphical interface multiple security vulnerabilities

Symbolic links problem on temporary files creation, weak configuration file permissions...

7.2 CVSS, 1.2 AI score, 0.0003 EPSS
Exploits 0, References 1, Affected Software 1
securityvulns
added 2008/03/18 12:0 a.m., 57 views

VMWare applications multiple security vulnerabilities

Host to guest shared folder HGFS directory traversal, named pipes privilege escalation, Windows 2000 privilege escalation, DHCP service DoS, configuration file privilege escalation, memory corruption...

7.8 CVSS, 3.3 AI score, 0.02049 EPSS
Exploits 4, References 1, Affected Software 5
Tenable Nessus
added 2008/03/17 12:0 a.m., 276 views

Debian DSA-1516-1 : dovecot - privilege escalation

Prior to this update, the default configuration for Dovecot used by Debian runs the server daemons with group mail privileges. This means that users with write access to their mail directory on the server for example, through an SSH login could read and also delete via a symbolic link mailboxes...

6.8 CVSS, 5.3 AI score, 0.19705 EPSS
Exploits 6, References 6
Exploit DB
added 2008/02/22 12:0 a.m., 35 views

Quantum Game Library 0.7.2c - Remote File Inclusion

Name : Quantum Game Library 0.7.2c Multiple Remote File Include Download From : http://garr.dl.sourceforge.net/sourceforge/quantumstar/qsgen0.7.2c.zip Found By : RoMaNcYxHaCkEr RoMaNTiC-TeaM Home Page : WwW.4RxH.CoM +============================================================================+...

7.4 AI score
Exploits 0
seebug.org
added 2008/02/18 12:0 a.m., 22 views

XPWeb 3.3.2 (Download.php url) Remote File Disclosure Vulnerability

No description provided by source. XPWeb 3.3.2 Download.php url Remote File Disclosure Vulnerability http://puzzle.dl.sourceforge.net/sourceforge/xpweb/XPWebv3.3.2.tgz POC : /XPWebv3.3.2/Download.php?url=Config.inc.php /XPWebv3.3.2/Download.php?url=../../../../../../../etc/passwd Dorks :...

7.1 AI score
Exploits 0
Tenable Nessus
added 2008/01/30 12:0 a.m., 19 views

GLSA-200801-16 : MaraDNS: CNAME Denial of Service

The remote host is affected by the vulnerability described in GLSA-200801-16 MaraDNS: CNAME Denial of Service Michael Krieger reported that a specially crafted DNS could prevent an authoritative canonical name CNAME record from being resolved because of an 'improper rotation of resource records'...

5 CVSS, 5.5 AI score, 0.01824 EPSS
Exploits 0, References 2
securityvulns
added 2008/01/22 12:0 a.m., 51 views

Belkin Wireless G Plus MIMO Router F5D9230-4 Authentication Bypass Vulnerability

VULNERABILITY: Belkin Wireless G Plus MIMO Router F5D9230-4 Authentication Bypass Vulnerability AUTHOR: DarkFig gmdarkfig at gmail dot com http://acid-root.new.fr/?0:17 [email protected] INTRODUCTION: I recently bought this router for my local network without modem integrated, now I can...

0.1 AI score
Exploits 0
0day.today
added 2008/01/20 12:0 a.m., 41 views

Belkin Wireless G Plus MIMO Router F5D9230-4 Auth Bypass Vulnerability

Exploit for hardware platform in category remote exploits ====================================================================== Belkin Wireless G Plus MIMO Router F5D9230-4 Auth Bypass Vulnerability ====================================================================== VULNERABILITY: Belkin...

7.1 AI score
Exploits 0
exploitpack
added 2008/01/20 12:0 a.m., 15 views

Belkin F5D9230-4 Wireless G Plus MIMO Router - Authentication Bypass

Belkin F5D9230-4 Wireless G Plus MIMO Router - Authentication Bypass VULNERABILITY: Belkin Wireless G Plus MIMO Router F5D9230-4 Authentication Bypass Vulnerability AUTHOR: DarkFig http://acid-root.new.fr/?0:17 [email protected] INTRODUCTION: I recently bought this router for my local...

0.7 AI score
Exploits 0
Exploit DB
added 2008/01/20 12:0 a.m., 43 views

Belkin F5D9230-4 Wireless G Plus MIMO Router - Authentication Bypass

VULNERABILITY: Belkin Wireless G Plus MIMO Router F5D9230-4 Authentication Bypass Vulnerability AUTHOR: DarkFig http://acid-root.new.fr/?0:17 [email protected] INTRODUCTION: I recently bought this router for my local network without modem integrated, now I can tell that it was a bad choic...

7.4 AI score
Exploits 0
OpenVAS
added 2008/01/17 12:0 a.m., 15 views

Debian: Security Advisory (DSA-509)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2 CVSS, 7.2 AI score, 0.00063 EPSS
Exploits 0, References 3
OpenVAS
added 2008/01/17 12:0 a.m., 13 views

Debian: Security Advisory (DSA-1156)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4 CVSS, 6.7 AI score, 0.00072 EPSS
Exploits 0, References 3
OpenVAS
added 2008/01/17 12:0 a.m., 28 views

Debian Security Advisory DSA 080-1 (htdig)

The remote host is missing an update to htdig announced via advisory DSA 080-1. OpenVAS Vulnerability Test $Id: deb0801.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 080-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

6.4 CVSS, 0.1 AI score, 0.02512 EPSS
Exploits 0