Ninja Blog 4.8 Information Disclosure

Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/index.php?s=ad&id=6 ---- Due to insufficient validation of client-side data, we can alter the path of files to be read to ...

Ubuntu: Security Advisory (USN-700-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ninja Blog 4.8 Remote Information Disclosure Vulnerability

No description provided by source. Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/index.php?s=ad&id=6 ---- Due to insufficient validation of client-side data, we can alt...

Ninja Blog 4.8 Remote Information Disclosure Vulnerability

Exploit for unknown platform in category web applications ========================================================== Ninja Blog 4.8 Remote Information Disclosure Vulnerability ========================================================== Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May...

Ninja Blog 4.8 - Remote Information Disclosure

Ninja Blog 4.8 - Remote Information Disclosure Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/index.php?s=ad&id=6 ---- Due to insufficient validation of client-side data...

USN-700-2: Perl regression

USN-700-1 fixed vulnerabilities in Perl. Due to problems with the Ubuntu 8.04 build, some Perl .ph files were missing from the resulting update. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jonathan Smith discovered that the Archive::Tar Perl modul...

DMXReady SDK 1.1 File Download

Title : DMXReady SDK = 1.1 Remote File Download Vulnerability Author : ajann Contact : : S.Page : http://www.dmxready.com/productdetails.asp?mid=5&incid=11&ItemID=178 $$ : 389.97 $ Stop Attack ABD and ISRAEL !...

Simple Machines Forum - Destroyer 0.1

Exploit for unknown platform in category web applications ===================================== Simple Machines Forum - Destroyer 0.1 ===================================== !/usr/bin/perl use LWP::UserAgent; use Getopt::Std; use LWP::Simple; use HTTP::Request; Author: Xianur0 Uxmal666atgmail.com...

Simple Machines Forum (SMF) 1.0.13/1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass

!/usr/bin/perl use LWP::UserAgent; use Getopt::Std; use LWP::Simple; use HTTP::Request; Author: Xianur0 Uxmal666atgmail.com Cracks links Password Recovery Find Temporary Files executed by mods DB function Flood by Error Log File Path Disclosure List installed Mods Useful To Find Mods Vulnerable...

FreeBSD Ports: p5-File-Path

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: p5-File-Path

The remote host is missing an update to the system as announced in the referenced advisory. VID 13b0c8c8-bee0-11dd-a708-001fc66e7203 OpenVAS Vulnerability Test $ Description: Auto generated from VID 13b0c8c8-bee0-11dd-a708-001fc66e7203 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

PHPAuctionSystem - Multiple Remote File Inclusions

PHPAuctionSystem - Multiple Remote File Inclusions »=======================================================================================================-X » » » PHPAuctionSystem Multiple Remote File Inclusion Vulnerability » » » » ======= ------d-------m------ ==== ==== » » || = | |o...

FreeBSD : p5-File-Path -- rmtree allows creation of setuid files (13b0c8c8-bee0-11dd-a708-001fc66e7203)

Jan Lieskovsky reports : perl-File-Path rmtree race condition CVE-2005-0448 was assigned to address this This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1. It's also present in File::Path 2.xx, up to and including 2.07 which has only a partial fix. %NASLMINLEVEL 70300 C Tenable...

Debian Security Advisory DSA 1678-2 (perl)

The remote host is missing an update to perl announced via advisory DSA 1678-2. OpenVAS Vulnerability Test $Id: deb16782.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1678-2 perl Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

HZHOST域名虚拟主机管理系统sql注射漏洞

是在线开通ftp.sql.web的一个管理系统。一套web程序。和IIS管理程序。实现在线开通. 存在文本框的注射。 HZHOST域名虚拟主机管理系统 暂无 123' UPDATE memlst SET upss='e10adc3949ba59abbe56e057f20f883e' WHERE unme='admin'-- 123' and select top 1 isnullcastunme as nvarchar4000,char32+char94+isnullcastUpss as nvarchar4000,char32 from select top 2unme,Upss fr...

[SECURITY] [DSA 1678-2] New perl packages fix regression

------------------------------------------------------------------------ Debian Security Advisory DSA-1678-2 [email protected] http://www.debian.org/security/ Florian Weimer December 21, 2008 http://www.debian.org/security/faq -...

Debian DSA-1678-1 : perl - design flaws

Paul Szabo rediscovered a vulnerability in the File::Path::rmtree function of Perl. It was possible to exploit a race condition to create setuid binaries in a directory tree or remove arbitrary files when a process is deleting this tree. This issue was originally known as CVE-2005-0448 and...

[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-1678-1 [email protected] http://www.debian.org/security/ Steffen Joeris December 03, 2008 http://www.debian.org/security/faq -...

CVE-2008-5302

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...

CVE-2008-5302

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...