3208 matches found
Web Slider 0.6 (path) Remote File Inclusion Vulnerabilities
No description provided by source. Web Slider 0.6pathRemote File Inclusion Vulnerabilities D.Script: http://sourceforge.net/projects/webslider/ Discovered by: GolDM = Mahmoodali Homepage: http://Www.Tryag.Com/cc Exploit:Path/index.php?path=Shell Exploit:Path/modules/pdf.php?path=Shell...
Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability
No description provided by source. MAMBO Modules SWmenu 4.0 ImageManager.php Remote File Include Vulnerabilities script : http://mamboxchange.com/frs/download.php/8109/comswmenufree4.0.zip file : /ImageManager/Classes/ImageManager.php Dork : index.php?option=comswmenupro Found by & Contact : Cold...
Active PHP Bookmark Notes <= 0.2.5 Remote File Inclusion Exploit
No description provided by source. !/usr/bin/perl Active PHP Bookmark Notes 0.2.5 = Remote File Inclusion Exploit Download S: http://sourceforge.net/projects/apbn/ Discovered & Coded by: GloDM = Mahmoodali perl GloD.pl target cmd shell location cmd shell variable cmd shell example:...
RRDBrowse <= 1.6 Remote Arbitrary File Disclosure Vulnerability
No description provided by source. I - TITLE Security advisory: Arbitrary file disclosure vulnerability in rrdbrowse II - SUMMARY Description: Arbitrary file disclosure vulnerability in rrdbrowse = 1.6 Author: Sebastian Wolfgarten sebastian at wolfgarten dot com, http://www.devtarget.org Date:...
CVE-2007-1226
McAfee VirusScan for Mac Virex before 7.7 patch 1 has weak permissions 0666 for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files...
[Full-disclosure] Arbitrary file disclosure vulnerability in php rrd browser < 0.2.1 (prb)
I - TITLE Security advisory: Arbitrary file disclosure vulnerability in php rrd browser prb II - SUMMARY Description: Arbitrary file disclosure vulnerability in php rrd browser 0.2.1 Author: Sebastian Wolfgarten sebastian at wolfgarten dot com,...
IP3 NetAccess < 4.1.9.6 Remote Arbitrary File Disclosure Vulnerability
Exploit for hardware platform in category remote exploits ====================================================================== IP3 NetAccess 4.1.9.6 Remote Arbitrary File Disclosure Vulnerability ====================================================================== I - TITLE Security advisory:...
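VisoHotlink "mosConfig_absolute_path" Remote File Inclusion Vulnerability
VisoHotlink is a PHP-based web application. VisoHotlink does not properly filter user-supplied input, and a remote attacker can exploit the vulnerability to execute arbitrary commands with web privileges. The problem is that the 'includes/functions.visohotlink.php' script does not filter the user-supplied '"mosConfigabsolutepath"' parameter; specifying a file on a remote server as the include parameter can lead to execution of arbitrary commands with web privileges. VisoHotlink 1.x No solution is currently available: http://www.easy-script.com/compt.php?id=3312 !/usr/bin/perl VisoHotlink 1.0...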
CVE-2007-0468
Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ MSVC in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file...
mssploit.txt
Advisory: //////////// Microsoft Visual C++ 6.0 is prone to stack based memory corruption vulnerability during processing .RC resource files, caused by the lack of input data boundary check. Vulnerable software: //////////////////// Microsoft Visual Studio 6.0 SP6 Impact: /////// Remote code...
Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability
Advisory: //////////// Microsoft Visual C++ 6.0 is prone to stack based memory corruption vulnerability during processing .RC resource files, caused by the lack of input data boundary check. Vulnerable software: //////////////////// Microsoft Visual Studio 6.0 SP6 Impact: /////// Remote code...
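Microsoft Visual C++ (.RC) Resource File Remote Stack Overflow Vulnerability
Microsoft Visual C++ is a C++ compiler for the Windows platform. The MSDEV.EXE process of the RCDLL.DLL module of the Microsoft Visual C++ resource compiler has a stack overflow vulnerability when processing .rc resource files; a remote attacker may exploit this vulnerability to take control of a user's machine by tricking the user into opening a malicious resource file. When processing a file name field similar to the following: 1 TYPELIB MOVEABLE PURE "FilePath01"...
MXBB Meeting Module Module_Root_Path Remote File Inclusion Vulnerability
mxBB Meeting Module is a PHP-based web application. mxBB Meeting Module does not properly filter user-supplied URI data, and a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web process. The problem is that the 'meetingconstants.php' script does not filter the user-supplied 'modulerootpath' parameter; submitting a malicious remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web process. mxBB Meeting Module 1.1.2 No detailed solution is currently available: http://www.mx-system.com/index.php?page=4&action=file&fileid=1...
MXBB Charts Module Module_Root_Path Remote File Inclusion Vulnerability
mxBB Charts Module is a PHP-based web application. mxBB Charts Module does not properly filter user-supplied URI data, and a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web process. The problem is that the 'chartsconstants.php' script does not filter the user-supplied 'modulerootpath' parameter; submitting a malicious remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web process. mxBB Charts Module 1.0 No detailed solution is currently available: http://www.mx-system.com/...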
BlazeVideo HDTV Player 2.1 - '.PLF' Local Buffer Overflow
/ ======================================================================== 0-day BlazeVideo HDTV Player 30 days of Media Player Exploits by Greg Linares Discovered and Reported By: Greg Linares [email protected] Reported Exploit Date: 12/1/2006 / include include include int mainint argc, ch...
CVE-2006-5617
Directory traversal vulnerability in index.php in Thepeak File Upload Manager 1.3 allows remote attackers to read or download arbitrary files via a base64-encoded file path containing a .. (dot dot) sequence in the file parameter...
UeberProject <= 1.0 (login/secure.php) Remote File Include Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Uber Project Document Management System secure.php Remote File Include Vulnerability...
OpenDock FullCore 4.4 - Remote File Inclusion
OpenDock FullCore 4.4 - Remote File Inclusion --------------------------------------------------------------------------------- OpenDock FullCore = v4.4 Remote File Include Vulnerabilities --------------------------------------------------------------------------------- Author : Matdhule Contact ...
CVE-2006-5178
Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as...