Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to a magpiedebug.php and b magpiesimple.php in external/magpierss/scripts/, the 2 rssurl parameter to c magpieslashbox.p...

Foxit Reader 2.0 (PDF) Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ======================================================= Foxit Reader 2.0 PDF Remote Denial of Service Exploit ======================================================= / Created Friday, April 20 2007 Moderator of http://igniteds.net Foxit Reader 2....

Foxit Reader 2.0 - PDF Remote Denial of Service

Foxit Reader 2.0 - PDF Remote Denial of Service / Created Friday, April 20 2007 Moderator of http://igniteds.net Foxit Reader 2.0 for Windows Remote dos exploit created by n00b Foxit pdf viewer is prone to a dos exploit by opening a malformed pdf document it is possible to crash foxit reader whic...

CVE-2007-1964

member.php in MyBB aka MyBulletinBoard, when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a dolostpw action, which prints the change password verification code in the...

CVE-2007-1964

member.php in MyBB aka MyBulletinBoard, when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a dolostpw action, which prints the change password verification code in the...

CVE-2007-1964

member.php in MyBB aka MyBulletinBoard, when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a dolostpw action, which prints the change password verification code in the...

CVE-2007-1964

The CVE-2007-1964 issue affects MyBB (MyBulletinBoard) via member.php. When debug mode is enabled, remote authenticated users can change any account’s password by sending a do_lostpw request with the target’s registered email, and the debug output prints the change-password verification code. Acc...

mybb-exec.txt

!/usr/bin/php escapestring. They don't corrected the function this is a choice ... the bad and they forgot to correct 1 only SQL request. They must correct the problem at the source = if$argc URL: http://www.acid-root.new.fr/ -----------------------------------------------------------------------...

Mybb Change Password Vulnerability

Hello,, Mybb Change Password Vulnerability Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] If You Can Use the debug mode you will be able to change the password for and user by knowing the registered email address Enter the...

DEBIAN-CVE-2007-1444

netserver in netperf 2.4.3 allows local users to overwrite arbitrary files via a symlink attack on /tmp/netperf.debug...

NukeSentinel <= 2.5.06 (mysql >= 4.0.24) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/php = 4.0.24 Exploit --- ----------------------------------------------------------------------- PHP conditions: none CMS conditions: disableswitch URL: http://www.acid-root.new.fr/ ----------------------------------------------------------------------...

Linux CAPI library buffer overflow

Buffer overflow in debug printing function...

Samba winbindd Debug Log Server Credentials Local Disclosure

According to its version number, the remote Samba server is affected by a flaw that may allow a local attacker to get access to the passwords sent to the winbindd daemon if the debug level has been set to 5 or higher. C Tenable Network Security, Inc. include"compat.inc"; if description...

Fedora Core 6 : kernel-2.6.19-1.2895.fc6 (2007-058)

This is a large rebase to the latest upstream stable kernel 2.6.19.2 Complete changelogs available at www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19 www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.1 www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.2 This update also introduces...

Berlios GPSD 2.7 - Remote Format String (Metasploit)

package Msf::Exploit::gpsdformatstring; use base "Msf::Exploit"; use strict; use Pex::Text; use IO::Socket; my $advanced = ; my $info = 'Name' = 'Berlios GPSD Format String Vulnerability', 'Version' = '$ 1.0 $', 'Authors' = 'Enseirb ', , 'Arch' = 'x86' , 'OS' = 'linux' , 'Priv' = 1, 'UserOpts' =...

GNU InetUtils ftpd 1.4.2 - &#039;ld.so.preload&#039; Remote Code Execution

FTP server GNU inetutils 1.4.2 Remote Root Exploit This program remotely exploits the most recent versions of GNU inetutils ftpd on linux systems. Requirements: 1. There MUST be a chroot'ed environment for the logged in user 2. Directory etc must be writeable by the logged in user duh! The exploi...

Hacking tricks of using pictures do Trojan applications completely resolution-vulnerability warning-the black bar safety net

What is a BMP web page Trojan. It and last long with the stink of a MIME header vulnerability of Trojans different, MIME Trojans is to put an EXE file with a MIME-encoded as an EMLOUT LOOK mailthe file, put it on a web page using IE and OE coding vulnerability to automatically download and execut...

IBM AIX Debug Malloc工具本地溢出漏洞

IBM AIX是一款商业性质的UNIX操作系统。 IBM AIX的debug malloc工具中存在堆溢出漏洞，本地攻击者可能利用此漏洞提升自己的权限。 如果本地攻击者使用debug malloc工具调试可执行程序的话，就可能以超级用户权限执行任意代码。 IBM AIX 5.3L IBM AIX 5.3 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： ftp://aix.software.ibm.com/aix/efixes/security/dbgmallocifix.tar.Z...

IBM AIX chcons命令本地溢出漏洞

IBM AIX是一款商业性质的UNIX操作系统。 IBM AIX chcons命令中存在本地溢出漏洞，成功利用这个漏洞的攻击者可以以当前用户的权限执行任意代码。 如果启用了DEBUG MALLOC的话，则攻击者可以通过发送超长的输入参数导致chcon发生核心转储（coredump）。 IBM AIX 5.3L IBM AIX 5.3 IBM AIX 5.2L IBM AIX 5.2 IBM AIX 5.1L IBM AIX 5.1 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.ers.ibm.com/...

debug217_php.txt

INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode = $regs3; else $suffix = "&debug=1"; $curl = curlinit$site.'act=Reg&CODE=10'.$suffix; curlsetopt$curl, CURLOPTPROXY, $proxy; curlsetopt$curl,...