T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities ============================================================== Salvatore "drosophila" Fresta + Application: T-HTB...

T-HTB Manager 0.5 - Multiple Blind SQL Injections

Salvatore "drosophila" Fresta + Application: T-HTB Manager + Version: 0.5 + Website: http://sourceforge.net/apps/mediawiki/t-htbmanager/index.php?title=MainPage + Bugs: A Multiple Blind SQL Injection + Exploitation: Remote + Date: 10 Sep 2009 + Discovered by: Salvatore Fresta aka drosophila +...

All PEAR Mail functions contain an arbitrary file write vulnerability-vulnerability warning-the black bar safety net

出现 问题 的 地方 位于 Sendmail.php ...... if ! isset$from return PEAR::raiseError'No from address given.'; elseif strpos$from, ' ' !== false || strpos$from, ';' !== false || strpos$from, '&' !== false || strpos$from, "' !== false return PEAR::raiseError'From address specified with dangerous characters.';...

McAfee 3.6.0.608 Active-X Data Write

GOODFELLAS Security Research TEAM http://goodfellas.shellcode.com.ar Greetings to str0ke McAfee, Inc. 3.6.0.608 Policy Manager naPolicyManager.dll Arbitrary Data Write ============================================================================== Internal ID: VULWAR20090616. -----------...

php pear mail package arbitrary file write vulnerability-vulnerability warning-the black bar safety net

Vulnerability description: the PEAR is PHP's official open-source Class Library, PHP Extension and Application Repository abbreviations. PEAR the PHP application development process commonly used in the function written as a class library, the cover page was surface, database access, file...

CVE-2008-5625

PHP 5 before 5.2.7 does not enforce the errorlog safemode restrictions when safemode is enabled through a phpadminflag setting in httpd.conf, which allows context-dependent attackers to write to arbitrary files by placing a "phpvalue errorlog" entry in a .htaccess file...

CVE-2008-5625

PHP 5 before 5.2.7 is affected by CVE-2008-5625: when safe_mode is enabled via php_admin_flag in httpd.conf, error_log restrictions are not enforced, allowing context-dependent attackers to write to arbitrary files by placing a php_value error_log entry in .htaccess. The vulnerability arises from...

kernel: open() call allows setgid bit when user is not in new file's group

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...

MemHT Portal 4.0.1 SQL Injection Code Execution Exploit

No description provided by source. !/usr/bin/perl =about MemHT 4.0.1 Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Due to weak params filtering we are able to make SQL-Injection. So, 1. Look at 'inc/ajax/ajaxrating.php', line 29. It is not enough to...

MemHT Portal 4.0.1 SQL Injection Code Execution Exploit

Exploit for unknown platform in category web applications ======================================================= MemHT Portal 4.0.1 SQL Injection Code Execution Exploit ======================================================= !/usr/bin/perl =about MemHT 4.0.1 Perl exploit AUTHOR discovered &...

MemHT Portal <= 4.0 Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl =about MemHT Portal = 4.0 Perl exploit AUTHOR: Discovered and written by Ams ax330d doggy gmail dot com DESCRIPTION: Here we are able to make SQL-injection due to weak filtering. So, look at inc/incheader.php lines 74, where hides code $checktitle...

hooked_on_fanucs.rb.txt

$Id: hookedonfanucs.rb This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ msfcli...

U-Mail Webmail 4.91 (edit.php) Arbitrary File Write Vulnerability

No description provided by source. U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan...

U-Mail Webmail 'edit.php' Arbitrary File Write Vulnerability

U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...

umail-filewrite.txt

U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...

U-Mail Webmail 4.91 - 'edit.php' Arbitrary File Write

U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...

CVE-2008-4210

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...

CVE-2008-4210

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...

MemHT Portal 3.9.0 - Remote Create Shell

!/usr/bin/perl MemHT Portal = 3.9.0 Perl exploit discovered & written by Ams ax330d doggy gmail dot com DESCRIPTION: Script /inc/incstatistics.php accepts unfiltered $COOKIE's, $COOKIE'statsres' which later goes to MySQL request. So we are able to make sql injection. This exploit tries to create...

FreeBSD Ports: libxine

The remote host is missing an update to the system as announced in the referenced advisory. VID e50b04e8-9c55-11d8-9366-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...