CVE-2008-1528
Affected: ZyXEL Prestige routers P-660, P-661, P-662 with firmware 3.40(AGD.2)–3.40(AHQ.3). Issue: remote authenticated users can read HTML sources via direct HTTP requests to disclose credentials, e.g., RemMagSNMP.html reveals SNMP communities and WLAN.html reveals WEP keys. Root cause: inadequa...
Cross-site Scripting and CSRF in TorrentTrader Classic v1.08
Cross-site Scripting and CSRF in TorrentTrader Classic v1.08 Application: TorrentTrader Classic v1.08, possible other versions. Vendor URL: http://sourceforge.net/project/showfiles.php?groupid=98584&packageid=1809271. 1. Input passed to the msg property of account-inbox.php is not properly...
torrenttrader-xss.txt
Cross-site Scripting and CSRF in TorrentTrader Classic v1.08 Application: TorrentTrader Classic v1.08, possible other versions. Vendor URL: http://sourceforge.net/project/showfiles.php?groupid=98584&packageid=1809271. 1. Input passed to the msg property of account-inbox.php is not properly...
WS_FTP Server < 6.1.1 Multiple Vulnerabilities
GLSA-200801-22 : PeerCast: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200801-22 PeerCast: Buffer overflow Luigi Auriemma reported a heap-based buffer overflow within the 'handshakeHTTP' function when processing HTTP requests. Impact : A remote attacker could send a specially crafted request to the...
PeerCast: Buffer overflow
Background: PeerCast is a client and server for P2P-radio network. Description: Luigi Auriemma reported a heap-based buffer overflow within the "handshakeHTTP" function when processing HTTP requests. Impact: A remote attacker could send a specially crafted request to the vulnerable server, possibly...
Debian Security Advisory DSA 901-1 (gnump3d)
The remote host is missing an update to gnump3d announced via advisory DSA 901-1. Several vulnerabilities have been discovered in gnump3d, a streaming server for MP3 and OGG files. The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2005-3349 Ludwig Nussel...
Design/Logic Flaw
IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 do not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message...
CVE-2007-6018
IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 do not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message...
urlevasion.txt
I don't know if it's new, but I coded it during a pentest and I would like to share it with you. It is based on code developed by sinhack research labs: http://sinhack.net/URLFilteringEvasion/sakeru.tx Description: "Fortinet's URL blocking functionality can be bypassed by specially-crafted HTTP...
FortiGuard: URL Filtering Application Bypass Vulnerability
I don't know if it's new, but I coded it during a pentest and I would like to share it with you. It is based on code developed by sinhack research labs: http://sinhack.net/URLFilteringEvasion/sakeru.tx Description: "Fortinet's URL blocking functionality can be bypassed by specially-crafted HTTP...
GLSA-200712-18 : Multi-Threaded DAAP Daemon: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200712-18 Multi-Threaded DAAP Daemon: Multiple vulnerabilities nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The wsaddarg function contains a format string vulnerability, as it does not...
Mantis < 0.9.5 / 1.1.0 RC5 view.php HTML Injection
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via (1) the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and (2) certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...
JVN#77414947 Cybozu Office denial of service (DoS) vulnerability
Cybozu Office, web-based groupware, is vulnerable to a denial of service (DoS) attack because it fails to properly handle specially crafted HTTP requests. Impact: A remote attacker can cause a denial of service (DoS) against the server. Solution: Update the Software. For more information, refer to the...
Blind Sql-Injection in Joomla 1.5 RC3
Thanks to team of Darkc0de.com Blind Sql-Injection in Joomla 1.5 RC3 URL : http://localhost/index.php 1. Parameter = view The following changes were applied to the original request: • Set parameter 'view's value to 'somechars'20+20'article' POC URL :...
Several persistent XSS and CSRF on Wireless-G ADSL Gateway with SpeedBooster (WAG54GS)
http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs The following vulns were found on 24 June 2007 and were tested against firmware V1.00.06. The specific persistent XSS holes mentioned in this advisory were fixed by Cisco on firmware versio...
irb, ruby security update
CentOS Errata and Security Advisory CESA-2007:0961 Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting languag...
Moderate: Red Hat Security Advisory: ruby security update
Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A flaw was...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page...