Lucene search
+L

243 matches found

myhack58
myhack58
added 2012/11/20 12:0 a.m.16 views

Code audit: DedeCMS several latest bug analysis-bug warning-the black bar safety net

Preface:the original is a contributor to the hacking of Defense want to change a few pieces of pocket money,results 3 on the cast of the manuscript,the editor replied that the proposed 4 period 4 late advice that,that”two days will be published”,the results of today's 5 on 2 numbers are not...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/01/11 12:0 a.m.64 views

PHP 5.x < 5.2.2 Multiple vulnerabilities

According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2.2. It is, therefore, affected by multiple vulnerabilities: - A heap-based buffer overflow vulnerability was found in PHP's gd extension. A script that could be forced to process WBMP images from an...

7.8CVSS6.5AI score0.08321EPSS
Exploits4References6
myhack58
myhack58
added 2011/11/15 12:0 a.m.25 views

DEDECMS global variable overwrite vulnerability science-vulnerability warning-the black bar safety net

DEDECMS global variable overwrite vulnerability was first wolves security team 0 9 published in the official soften up until now didn't repair the vulnerability, and now covers substantially DEDECMS full version. Personal guess is not the official deliberately left the back door. The following...

0.5AI score
Exploits0
myhack58
myhack58
added 2011/10/17 12:0 a.m.27 views

DEDECMS full version gotopage variable XSS ROOTKITS, 0DAY-vulnerability warning-the black bar safety net

Affected versions: DEDECMS full version The vulnerability described in: DEDECMS background landing template gotopage variable is not tested incoming data, leading toXSSvulnerabilities. \dede\templets\login.htm 6 5 the left and right input type="hidden" name="gotopage" value="? php if!...

1.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/09/20 12:0 a.m.36 views

RarCrack 0.2 - &#039;Filename init() .bss&#039; (PoC)

The software can be downloaded here: http://rarcrack.sourceforge.net/ Author: stoke Date: 2010-09-20 Download: http://rarcrack.sourceforge.net/ Tested on: Backtrack 4 Site: http://devilcode.it | http://hack2web.altervista.org Special greetz to: nex, for reassure me when i sayed "WHY EIP IT'S NOT...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2010/05/24 12:0 a.m.26 views

Discuz! 7.x/6.x论坛绕过全局变量防御漏洞

Discuz!是一款华人地区非常流行的Web论坛程序。 由于php5.3.x版本php.ini的设置中requestorder默认值为GP,导致Discuz! 6.x/7.x中可以绕过全局变量防御。 在include/global.func.php代码中: function daddslashes$string, $force = 0 !defined'MAGICQUOTESGPC' && define'MAGICQUOTESGPC', getmagicquotesgpc; if!MAGICQUOTESGPC || $force ifisarray$string foreach$stri...

7.1AI score
Exploits0
myhack58
myhack58
added 2010/05/18 12:0 a.m.31 views

Discuz! 6. x/7. x a global variable Defense bypass vulnerability-vulnerability warning-the black bar safety net

Due to php5. 3. x version php. ini settings requestorder the default value for the GP, resulting in Discuz! 6. x/7. x a global variable Defense bypass vulnerability include/global. func. php code: function daddslashes$string, $force = 0 ! defined'MAGICQUOTESGPC' && define'MAGICQUOTESGPC',...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2010/05/17 12:0 a.m.12 views

Discuz! 6.x/7.x 全局变量防御绕过漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/12/21 12:0 a.m.45 views

phpMyAdmin 2.7.0 全局变量覆盖导致文件包含漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/08/28 12:0 a.m.20 views

Wordpress Plugin WP-Syntax &lt;= 0.9.1 Remote Command Execution

No description provided by source. ====================================================================== Wordpress plugin WP-Syntax = 0.9.1 Remote Code Execution ====================================================================== This vulnerability was originally discovered by Raz0r on...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/27 12:0 a.m.20 views

WordPress WP-Syntax 0.9.1 Command Execution

====================================================================== Wordpress plugin WP-Syntax $functions if isnull$functions continue; foreach$functions as $function $string = calluserfuncarray$function, array$string; return $string; ... Global variable testfilter is not defined, so...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.37 views

Mandrake Linux Security Advisory : php (MDKSA-2007:090)

A heap-based buffer overflow vulnerability was found in PHP's gd extension. A script that could be forced to process WBMP images from an untrusted source could result in arbitrary code execution CVE-2007-1001. A DoS flaw was found in how PHP processed a deeply nested array. A remote attacker coul...

7.8CVSS7.7AI score0.18162EPSS
Exploits3References5
seebug.org
seebug.org
added 2009/02/02 12:0 a.m.338 views

Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability

No description provided by source. Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The problem is that the...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/01/29 12:0 a.m.26 views

Coppermine Photo Gallery 1.4.19 - Remote File Upload

Coppermine Photo Gallery 1.4.19 - Remote File Upload Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The...

0.1AI score
Exploits0
0day.today
0day.today
added 2009/01/29 12:0 a.m.41 views

Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability ==================================================================== Written By Michael Brooks...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/01/29 12:0 a.m.96 views

Coppermine Photo Gallery 1.4.19 - Remote File Upload

Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The problem is that the anti-registerglobals security can b...

7.4AI score
Exploits0
NVD
NVD
added 2008/12/17 5:30 p.m.21 views

CVE-2008-5624

PHP 5 before 5.2.7 does not properly initialize the pageuid and pagegid global variables for use by the SAPI phpgetuid function, which allows context-dependent attackers to bypass safemode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting ...

7.5CVSS9.5AI score0.02222EPSS
Exploits1References15
UbuntuCve
UbuntuCve
added 2008/12/17 12:0 a.m.31 views

CVE-2008-5624

PHP 5 before 5.2.7 does not properly initialize the pageuid and pagegid global variables for use by the SAPI phpgetuid function, which allows context-dependent attackers to bypass safemode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting ...

7.5CVSS7AI score0.02222EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/12/09 12:0 a.m.25 views

XAMPP 1.6.8 (XSRF) Change Administrative Password Exploit

No description provided by source. XAMPP change administrative password: -------------------------------------------------------------------------------- Written by Michael Brooks special thanks to str0ke Affects XAMPP 1.6.8. homepage: http://www.apachefriends.org/ XAMPP has 17+ million downloads...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/12/08 12:0 a.m.30 views

XAMPP 1.6.8 Password Exploit

XAMPP change administrative password: -------------------------------------------------------------------------------- Written by Michael Brooks special thanks to str0ke Affects XAMPP 1.6.8. homepage: http://www.apachefriends.org/ XAMPP has 17+ million downloads from sourceforge.net...

Exploits0
Rows per page
Query Builder