6827 matches found
IceWarp Universal WebMail - mailinclude.html Crafted HTTP_USER_AGENT Arbitrary File Access
IceWarp Universal WebMail - mailinclude.html Crafted HTTPUSERAGENT Arbitrary File Access source: https://www.securityfocus.com/bid/16069/info IceWarp Universal WebMail is prone to multiple input-validation vulnerabilities. Deerfield VisNetic Mail Server and Merak Mail Server integrate IceWarp...
IceWarp Universal WebMail - '/mail/include.html' Crafted HTTP_USER_AGENT Arbitrary File Access
source: https://www.securityfocus.com/bid/16069/info IceWarp Universal WebMail is prone to multiple input-validation vulnerabilities. Deerfield VisNetic Mail Server and Merak Mail Server integrate IceWarp Universal WebMail into their suites. An attacker can exploit these issues to include arbitra...
IceWarp Universal WebMail - '/mail/settings.html?Language' Local File Inclusion
source: https://www.securityfocus.com/bid/16069/info IceWarp Universal WebMail is prone to multiple input-validation vulnerabilities. Deerfield VisNetic Mail Server and Merak Mail Server integrate IceWarp Universal WebMail into their suites. An attacker can exploit these issues to include arbitra...
IceWarp Universal WebMail - '/dir/include.html?lang' Local File Inclusion
source: https://www.securityfocus.com/bid/16069/info IceWarp Universal WebMail is prone to multiple input-validation vulnerabilities. Deerfield VisNetic Mail Server and Merak Mail Server integrate IceWarp Universal WebMail into their suites. An attacker can exploit these issues to include arbitra...
[SA17553] Cisco ISAKMP IKE Message Processing Denial of Service
TITLE: Cisco ISAKMP IKE Message Processing Denial of Service SECUNIA ADVISORY ID: SA17553 VERIFY ADVISORY: http://secunia.com/advisories/17553/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote OPERATING SYSTEM: Cisco SAN-OS 1.x MDS 9000 Switches http://secunia.com/product/3214/ Cisco...
Invision Power Board 2.1 : Multiple XSS Vulnerabilities
Fast translation of benji's advisory Author : benjilenoob WebSite : http://benji.redkod.org/ and http://www.redkod.org/ Audit in pdf : http://benji.redkod.org/audits/ipb.2.1.pdf Product : Invision power board Version : 2.1 Tisk : Low. XSS I- XSS non critical: -------------------- 1. Input passed ...
ipb.2.1-english.txt
Fast translation of benji's advisory Author : benjilenoob WebSite : http://benji.redkod.org/ and http://www.redkod.org/ Audit in pdf : http://benji.redkod.org/audits/ipb.2.1.pdf Product : Invision power board Version : 2.1 Tisk : Low. XSS I- XSS non critical: -------------------- 1. Input passed ...
osTicket Backdoored
There is a vulnerability in the current version of osTicket that allows an attacker to upload an PHP script, and then access it causing it to execute. This attack is being actively exploited by attackers to take over servers. This script tries to detect infected servers. OpenVAS Vulnerability Tes...
DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities
A directory traversal vulnerability was found in DeskNow webmail file attachment upload feature that may be exploited to upload files to arbitrary locations on the server. A second directory traversal vulnerability exists in the document repository file delete feature. SPDX-FileCopyrightText: 200...
osTicket Backdoored - Active Check
There is a vulnerability in the current version of osTicket that allows an attacker to upload an PHP script, and then access it causing it to execute. This script tries to detect infected servers. Copyright C 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, a...
[SECURITY] [DSA 857-1] New graphviz packages fix insecure temporary file
-------------------------------------------------------------------------- Debian Security Advisory DSA 857-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq -...
Firefox < 1.0.7 Multiple Vulnerabilities
The remote host is using Firefox, an alternative web browser. The installed version of Firefox contains various security issues, several of which are critical as they can be easily exploited to execute arbitrary shell code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; ...
[SA16398] PHP Designer 2005 NULL Character File Display Weakness
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Oracle Reports Server 6.0.8/9.0.x - Unauthorized Report Execution
source: https://www.securityfocus.com/bid/14316/info Oracle Reports Server is susceptible to an unauthorized report execution vulnerability. By placing a report file in a globally accessible location, users can trigger the execution of the report by issuing an HTTP GET request to the affected...
[SA15852] XML-RPC for PHP Unspecified PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
[SA15536] PeerCast URL Format String Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
HP-UX PHSS_32690 : HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Privileged Code Execution, Denial of Service (DoS) (HPSBMA01140 SSRT4795, SSRT4797, SSRT4864 rev.2)
s700800 11.X OV NNM6.2 Patch for Jan-05 : Potential vulnerabilities have been identified with OpenView Network Node Manager OV NNM. These vulnerabilities could be exploited remotely by an unauthorized user to execute privileged code or to cause a Denial of ServiceDoS. %NASLMINLEVEL 70300 C Tenabl...
[SA15360] Kerio MailServer Two Denial of Service Vulnerabilities
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Kerio MailServer Two Denial of Service Vulnerabilities...
[SA14981] Sun Solaris Network Port Hijacking Vulnerability
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Sun Solaris Network Port Hijacking Vulnerability SECUN...
vortex.txt
Vortex Portal Multiples Bugs Vendor: http://www.VortexPortal.net Contact: Brian Price Email: [email protected] I. Remote File Inclusion: content.php -- ... if !isset$act requireonce"main.php"; else requireonce"$act.php"; ... ? index.php -- ... requireonce$rootdir."/content.php"; ... Exploits...