6827 matches found
CMS Made Simple 1.6.2 - Local File Disclosure
CMS Made Simple 1.6.2 - Local File Disclosure CMS Made Simple = 1.6.2 Class: LFI Reported: 29/07/2009 Public release: 10/08/2009 Remote: Yes DORK: "This site is powered by CMS Made Simple version 1." Site: http://www.cmsmadesimple.org/ Download:...
openSUSE Security Update : flash-player (flash-player-1148)
Specially crafted Flash SWF files can cause a buffer overflow in flash-player. Attackers could potentially exploit that to execute arbitrary code CVE-2009-1862, CVE-2009-0901, CVE-2009-2395, CVE-2009-2493, CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1867, CVE-2009-1868,...
Design/Logic Flaw
The dnsdbfindrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service assertion failure and daemon exit via an ANY record in the prerequisite section o...
Inside Microsoft's July Security Patch Batch
Microsoft released six security bulletins today — three rated Critical and three rated Important. Two of the issues are being actively exploited on the Internet and four of the issues are client-side vulnerabilities, which means the exploit can only occur if a user visits an evil website or opens...
CVE-2009-2477
creationtimestamp| type| source ---|---|--- 2009-07-13 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9137 2009-07-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9214 2010-09-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16299 2016-12-18...
Joomla component 'com_category' SQL injection vulnerability
No description provided by source. Joomla component 'comcategory' SQL injection vulnerability dork:inurl:"comcategory" xploited by PrincePwn3r contact: [email protected] +++++++ greetz to all p0wnbox.com members !!! +++++++...
Stack overflow
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library ATL, as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold...
Messages Library 2.0 Insecure Cookie Handling Vulnerability
Exploit for unknown platform in category web applications =========================================================== Messages Library 2.0 Insecure Cookie Handling Vulnerability =========================================================== Messages Library 2.0 = Arbitrary Database Download...
Messages Library 2.0 Arbitrary Delete Message Vulnerability
Exploit for unknown platform in category web applications =========================================================== Messages Library 2.0 Arbitrary Delete Message Vulnerability =========================================================== !/usr/bin/perl -w Messages Library 2.0 ; $b =...
Messages Library 2.0 - Insecure Cookie Handling
Messages Library 2.0 = Arbitrary Database Download Vulnerability Founded & Exploited by : Stack Bypass with javascript:document.cookie = "SaphpLessonName=admin' or 1=1--; path=/"; javascript:document.cookie = "SaphpLessonPassword=' or 1=1--; path=/"; After Exec http://localhost/sms/admin/backup.p...
Bopup Communications Server (3.2.26.5460) Remote BOF Exploit (SEH)
No description provided by source. !/usr/bin/python Usage : python bopup.py targetip | || | / \ | | | | | | | | | - | | | / / | | |||| || // / |\ || Bug : Bopup Communications Server 3.2.26.5460 Remote BOF Exploit SEH Tested on : Xp sp3 ENVB Refer : mu-b Exploited by : His0k4 Greetings : All...
Evernew Free Joke Script 1.2 - Remote Change Password
Evernew Free Joke Script 1.2 - Remote Change Password Remote Change Password = Bug detail bug in change.php file in line 10 : $result=mysqlquery"update admin set password='$pass'"; ----------------------- = Fix $result=mysqlescapestring"update admin set password='$pass'"; change mysqlquery to...
httpdx 0.8 - FTP Server DeleteGetCreate DirectoriesFiles
httpdx 0.8 - FTP Server DeleteGetCreate DirectoriesFiles / Httpdx Server FTP v0.8 Remote Arbitrary Directories & files Vulnerability ------------------------------------------------------------------------- Arbitrary: ---------- The vulnerability is caused due to an input validation error when...
Design/Logic Flaw
Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as...
nagios -- Command Injection Vulnerability
Secunia reports: A vulnerability has been reported in Nagios, which can be exploited by malicious users to potentially compromise a vulnerable system. Input passed to the "ping" parameter in statuswml.cgi is not properly sanitised before being used to invoke the ping command. This can be exploite...
CVE-2009-1807
Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009...
CVE-2009-1800
Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of...
Kensei Board <= 2.0.0b Multiple SQL Injection Vulnerabilities
No description provided by source. Kensei Board = 2.0.0b Multiple Remote SQL Injection Vulnerabilities Bug found && Exploited by cOndemned Greetz: SELECT FROM friends Download Script : http://www.kenseiboard.com/counter/click.php?id=2 --- source of index.php : ... 87. if $incfunction == "showforu...
Kensei Board 2.0.0b SQL Injection
Kensei Board = 2.0.0b Multiple Remote SQL Injection Vulnerabilities Bug found && Exploited by cOndemned Greetz: SELECT FROM friends Download Script : http://www.kenseiboard.com/counter/click.php?id=2 --- source of index.php : ... 87. if $incfunction == "showforum" 88. if $GETt == "" 89...
Kensei Board <= 2.0.0b Multiple SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ============================================================= Kensei Board = 2.0.0b Multiple SQL Injection Vulnerabilities ============================================================= Kensei Board = 2.0.0b Multiple Remote SQL Injection...