850 matches found
Joomla Component PhotoMap Gallery 1.6.0 Multiple Blind SQL Injection
Exploit for php platform in category web applications ==================================================================== Joomla Component PhotoMap Gallery 1.6.0 Multiple Blind SQL Injection ==================================================================== PhotoMap Gallery 1.6.0 Joomla...
Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections
PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection Name PhotoMap Gallery Vendor http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/10658 Versions Affected 1.6.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefres...
Rayzz Photoz Shell Upload
========================================================== Rayzz Photoz Upload Vulnerability ========================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /'...
Rayzz Photoz Upload Vulnerability
Exploit for php platform in category web applications ================================= Rayzz Photoz Upload Vulnerability ================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ ...
Rayzz Photoz - Arbitrary File Upload
Rayzz Photoz - Arbitrary File Upload ========================================================== Rayzz Photoz Upload Vulnerability ========================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, ...
CVE-2010-0554
The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...
CVE-2010-0552
Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI...
CVE-2010-0551
HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak...
CVE-2010-0550
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
CVE-2010-0553
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...
Design/Logic Flaw
HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak...
Authentication flaw
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
Authentication flaw
The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...
Code injection
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...
Code injection
Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI...
CVE-2010-0554
The CVE-2010-0554 entry concerns Geo++ GNCASTER, affected in versions 1.4.0.7 and earlier. The HTTP Authentication implementation uses the same nonce for all authentication attempts, enabling replay attacks that can hijack web sessions or bypass authentication. This is the root cause: nonce reuse...
CVE-2010-0554
The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...
CVE-2010-0550
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
CVE-2010-0551
CVE-2010-0551 affects Geo++ GNCASTER 1.4.0.7 and earlier. The HTTP authentication implementation allows remote attackers to read authentication headers from other users by sending a large request with an incorrect authentication attempt, resulting in memory disclosure (often called a memory leak)...
CVE-2010-0553
CVE-2010-0553 affects Geo++ GNCASTER (versions up to and including 1.4.0.7). The issue allows remote authenticated users to trigger a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence. The NVD entry records a NETWORK attack vector with LOW com...