Pligg CMS 1.1.3 - Multiple Vulnerabilities

Pligg CMS 1.1.3 - Multiple Vulnerabilities Exploit title: Pligg CMS file existence exploration/shared hosting privilege escalation H.ackAck.net Found by: Jelmer de Hen 15/03/2011 I released some Pligg exploits: http://h.ackack.net/the-pligg-cms-0dayset-1.html 22/03/2011 a patch became evailable;...

Pligg CMS 1.1.3 - Multiple Vulnerabilities

Exploit title: Pligg CMS file existence exploration/shared hosting privilege escalation H.ackAck.net Found by: Jelmer de Hen 15/03/2011 I released some Pligg exploits: http://h.ackack.net/the-pligg-cms-0dayset-1.html 22/03/2011 a patch became evailable; patching took 7 days:...

udf. dll in the php mention the right of the specific application-vulnerability warning-the black bar safety net

A, function: using MYSQL custom function-again statement: the use of MYSQL UDFS providing the right to not be overflow, but MYSQL itself a function of the MYSQL account into the system with system privileges. Second, applicable occasions: 1. The target system is a WindowsWin2000,XP,Win2003; 2.the...

Jorp 1.3.05.09 Remote Arbitrary Remove Projects/Tasks Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== Jorp 1.3.05.09 Remote Arbitrary Remove Projects/Tasks Vulnerabilities =====================================================================...

Mandriva Update for postgresql MDKSA-2007:188 (postgresql)

Check for the Version of postgresql OpenVAS Vulnerability Test Mandriva Update for postgresql MDKSA-2007:188 postgresql Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

DEBIAN-CVE-2006-0147

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PhpOpenChat, possibly 7 MAXdev MD-Pro, and 8 Simplog, allows remote attackers to execute arbitrary PHP...

CVE-2005-3405

ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbitrary PHP functions via a direct request to forum.inc.php with a modified addslashes parameter with either the 1 asc or 2 desc parameters set, possibly due to an eval injection vulnerability...

[SCSA-006] XSS & Function Execution Vulnerabilities in Nuked-Klan

Security Corporation Security Advisory SCSA-006 PROGRAM: Nuked-Klan HOMEPAGE: http://www.nuked-klan.org VULNERABLE VERSIONS: beta 1.3 DESCRIPTION Nuked Klan is a PHP Gateway for "clans". direct quote from Nuked Klan website DETAILS & EXPLOITS Many Cross-Site Scripting vulnerabilities have been...

Borland/Inprise Interbase 4.0/5.0/6.0 - Backdoor Password

source: https://www.securityfocus.com/bid/2192/info Interbase is an open source relational database offered by Borland Inprise Corporation. Interbase contains a backdoor user account and password called "LOCKSMITH". When accessed this account will eliminate all implemented security allowing full...

Дырка в Excel 2000

С помощью функции REGISTER.ID можно выполнить любую функцию любой динамической библиотеки...