Evernew Free Joke Script (viewjokes.php) SQL Injection

Exploit for unknown platform in category web applications ====================================================== Evernew Free Joke Script viewjokes.php SQL Injection ====================================================== / Name : Evernew Free Joke Script viewjokes.php SQL Injection WebSite :...

JpGraph <= 3.0.6 Multiple XSS Vulnerabilities

JpGraph is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Cacti 0.8.7e Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cacti 0.8.7e and earlier versions are affected by multiple security issues. Issues 1-4 are cross site scripting issues, issue 5 is a priviledge escalation issue. 1. XSS 1 A HTTP GET request against the following URL will, on a web browser with...

Quick.Cart 3.4 and Quick.CMS 2.4 CSRF Vulnerabilities

Exploit for unknown platform in category web applications ===================================================== Quick.Cart 3.4 and Quick.CMS 2.4 CSRF Vulnerabilities ===================================================== Systems Affected: Quick.Cart 3.4 other versions untested, Quick.CMS 2.4 other...

Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Proxy-Pro...

Code injection

The Web Administrator service STEMWADM.EXE in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allows remote attackers to cause a denial of service crash by sending a HTTP GET request to TCP port 8181 and closing the socket before the service can send a...

CVE-2009-3749

The Web Administrator service STEMWADM.EXE in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allows remote attackers to cause a denial of service crash by sending a HTTP GET request to TCP port 8181 and closing the socket before the service can send a...

CVE-2009-3711

Stack-based buffer overflow in the hhandlepeer function in http.cpp in httpdx 1.4, and possibly 1.4.3, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP GET request...

Stack overflow

Stack-based buffer overflow in the hhandlepeer function in http.cpp in httpdx 1.4, and possibly 1.4.3, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP GET request...

DM FileManager <= 3.9.4 RFI Vulnerability - Active Check

DM FileManager is prone to a remote file inclusion RFI vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OCS Inventory NG < 1.02.1 Information Disclosure Vulnerability - Active Check

OCS Inventory NG is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability

Exploit for unknown platform in category dos / poc ===================================================== Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability ===================================================== !/usr/bin/perl Title: Carom3D 5.06 Unicode Buffer Overrun/Denial Of Service...

Carom3D 5.06 - Unicode Buffer Overrun/Denial of Service

!/usr/bin/perl Title: Carom3D 5.06 Unicode Buffer Overrun/Denial Of Service Vulnerability Summary: Carom 3D is an online multi-user billiard game created with special 3D graphic effects bringing every aspect such as 6 ball, 9 ball, 8 ball and other Billiard games to life. Product Web Page:...

Uebimiau Web-Mail 3.2.0-1.8 File Overwrite

Uebimiau Webmail After That Click Write To File Go /uebimiau/index.php?cmd=id See Pic :http://www.almlf.com/get-6-2009-almlfcomakszizl2.png Thanx To ... | || \ \ \ / / / \ / | ---| |----| | | \ / / / ^ \ | | | | | / \ / / /\ \ | | | | | | | |\ ----. | | / \ | || | || | | .| || // \ | . . / \ /...

TinyButStrong 3.4.0 - script Local File Disclosure

TinyButStrong 3.4.0 - script Local File Disclosure ' -. ,'-. ,' ' .--.===.--. ' .%%. .. -'=' /%%/ \ |%%/ local | |%%| ||.,-. %%| file |/ %\ // ' %\ include // , -'-. ,-. %\ /' ' |/' -=--=' ' -=-=- .' ||/ |||/ o o -=-=-=-==-=-=-=-=-=-=-=+-oooO---------+-=-=-=-=-=-=- | | | |...

GScripts.net DNS Tools RCE Vulnerability (May 2009) - Active Check

GScripts.net DNS Tools is prone to a remote command execution RCE vulnerability because the software fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respecti...

Addonics NAS Adapter &#40;bts.cgi&#41; Remote DoS Exploit &#40;post-auth&#41;

Remote: Yes Local: No Credit: Mike Cyr, aka h00die Vulnerable: NASU2FW41 Loader 1.17 Not Vulnerable: Discussion: Addonics NAS Adapter Post-Auth DoS Addonics NAS Adapter is prone to several post authentication buffer overflows. Each of these buffer overflows will crash the entire TCP/IP stack and...

Zervit Webserver 0.3 Remote Denial Of Service Exploit

Exploit for unknown platform in category dos / poc ===================================================== Zervit Webserver 0.3 Remote Denial Of Service Exploit ===================================================== import socket import sys print...

Community CMS <= 0.5 Multiple SQLi Vulnerabilities - Active Check

Community CMS is prone to multiple SQL injection SQLi vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Turnkey eBook Store <= 1.1 XSS Vulnerability - Active Check

Turnkey eBook Store is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...