2125 matches found
GLSA-201701-30 : vzctl: Security bypass
The remote host is affected by the vulnerability described in GLSA-201701-30 (vzctl: Security bypass). It was discovered that vzctl determined the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory. This allows local simfs container (CT) root...
vzctl: Security bypass
Background: vzctl is a set of control tools for the OpenVZ server virtualization solution. Description: It was discovered that vzctl determined the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory. This allows local simfs container (CT) ro...
MS14-057: Description of the security update for the .NET Framework 2.0 SP2 for Windows Vista SP2 and Windows Server 2008 SP2: October 14, 2014
Introduction: This security update resolves vulnerabilities that could allow remote code execution if an...
GENEXIS devices with DRGOS remote code execution vulnerability
DRGOS is an operating system for use in home network gateways from the Dutch company GENEXIS. A security vulnerability exists in the Parental control panel in GENEXIS devices with DRGOS versions prior to 1.14.1. A remote attacker can exploit the vulnerability with the help of...
XAMPP Control Panel Denial Of Service Exploit
XAMPP Control Panel suffers from a denial of service vulnerability. + Credits: John Page hyp3rlinx Vendor: ===================== www.apachefriends.org Product: =================== XAMPP Control Panel XAMPP is a free and open source cross-platform web server solution stack package developed by...
XAMPP Control Panel - Denial Of Service
XAMPP Control Panel - Denial Of Service ''' + Credits: John Page hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/XAMPP-CONTROL-PANEL-MEMORY-CORRUPTION-DOS.txt + ISR: ApparitionSec Vendor: ===================== www.apachefriends.org Product:...
XAMPP Control Panel - Denial Of Service
''' + Credits: John Page hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/XAMPP-CONTROL-PANEL-MEMORY-CORRUPTION-DOS.txt + ISR: ApparitionSec Vendor: ===================== www.apachefriends.org Product: =================== XAMPP Control Panel XAMPP...
XAMPP Control Panel Denial Of Service
Credits: John Page hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/XAMPP-CONTROL-PANEL-MEMORY-CORRUPTION-DOS.txt + ISR: ApparitionSec Vendor: ===================== www.apachefriends.org Product: =================== XAMPP Control Panel XAMPP is a...
Vesta Control Panel 0.9.8-16 Local Privilege Escalation
!/bin/bash Exploit Title: Vesta Control Panel 0.9.7 suid.c PWN Make PWN shell scrip...
Vesta Control Panel 0.9.8-16 - Local Privilege Escalation
Vesta Control Panel 0.9.8-16 - Local Privilege Escalation !/bin/bash Exploit Title: Vesta Control Panel 0.9.7 suid.c PWN Make PWN shell script executable. chmod...
Vesta Control Panel 0.9.8-16 - Local Privilege Escalation
!/bin/bash Exploit Title: Vesta Control Panel 0.9.7 suid.c PWN Make PWN shell script executable. chmod +x PWN Inject command to...
WHMCompleteSolution (WHMCS) Addon VMPanel 2.7.4 - SQL Injection
===================================================== Exploit Title : VMPanel 2.7.4 - SQL Injection Web Vulnerability Author : Esmaeil Rahimian Date Discovered : 2016-12-07 Affected Products: VMPanel v2.7.4 - Content Management System Exploitation Technique: Remote Severity Level: Medium Tested O...
VMPanel 2.7.4 SQL Injection
===================================================== Exploit Title : VMPanel 2.7.4 - SQL Injection Web Vulnerability Author : Esmaeil Rahimian Date Discovered : 2016-12-07 Affected Products: VMPanel v2.7.4 - Content Management System Exploitation Technique: Remote Severity Level: Medium Tested O...
FreePBX 13: From Cross-Site Scripting to Remote Command Execution
RIPS Analysis The total amount of detected vulnerabilities is very high. Luckily, the majority of the detected vulnerabilities are inside the administration control panel, such that attackers either need to steal a valid account first or they have to trick an administrator into visiting a malicio...
OpenGB 1.2.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications OpenGB version 1.2.3 Cross Site Scripting XSS Vulnerability ================================================================= Discovered by NA, NAattutanota.com ====================================== Description ============ A simple PHP MySQL...
OpenGB 1.2.3 Cross Site Scripting
OpenGB version 1.2.3 Cross Site Scripting XSS Vulnerability ================================================================= Discovered by NA, NAattutanota.com ====================================== Description ============ A simple PHP MySQL website guestbook, user friendly and easily...
HP ThinPro Local Elevation of Privilege Vulnerability
HP ThinPro is a thin client device from Hewlett-Packard (HP) in the United States. A security vulnerability exists in the Keyboard Layout Control Panel and Virtual Keyboard application on the HP ThinPro operating system. An attacker could exploit the vulnerability to locally gain unauthorized acces...
Flash Operator Panel 2.31.03 - Multiple Web Vulnerabilities
Document Title: =============== Flash Operator Panel 2.31.03 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1906 Release Date: ============= 2016-10-21 Vulnerability Laboratory ID VL-ID: ===================================...
KLA10883 OSI vulnerability in Microsoft Products
An information disclosure vulnerability was found in Microsoft Products. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories: CVE-2016-3209. Exploitation: Malware exists for this vulnerability. Usually such malware is classified as Exploit. More detail...
KLA10908 Obsolete Adobe Flash Player for Windows
Microsoft released an update to address vulnerabilities in Flash Player for Internet Explorer & Edge. For details, see KLA10868. Technical details: To mitigate this vulnerability, you can implement some of the workarounds listed in the original Microsoft advisory: don’t click a link in an email message or...