Xaraya <= 1.0.0 RC4 create() Denial of Service Exploit

No description provided by source. ?php ---XarayaDOS.php 17.30 28/11/2005 Xaraya =1.0.0 RC4 D.O.S coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Hold out baits to entice the enemy. Feign disorder, and crush him."...

CVE-2003-1286

HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests...

CVE-2003-1286

The CVE-2003-1286 issue affects Sambar Server prior to 6.0 beta 6. An HTTP Proxy vulnerability arises when security.ini lacks a 127.0.0.1 proxydeny entry, allowing remote attackers to send proxy HTTP requests to the server’s administrative interface and external web servers by issuing a Connectio...

EUVD-2003-1276

HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests...

Mambo 4.5.2 - Globals Overwrite / Remote Command Execution

Mambo body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF !important input backgr...

Mambo 4.5.2 - Globals Overwrite Remote Command Execution

Mambo 4.5.2 - Globals Overwrite Remote Command Execution Mambo body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: F...

CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit

No description provided by source. ?php ---cuten141xpl.php 7.13 03/11/2005 CuteNews 1.4.1 shell injection by rgod site: http://rgod.altervista.org usage: launch form Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with this script:...

Header overflow against HTTP proxy

It was possible to kill the HTTP proxy by sending an invalid request with a too long header A cracker may exploit this vulnerability to make your proxy server crash continually or even execute arbitrary code on your system. OpenVAS Vulnerability Test $Id: avirtproxyoverflow.nasl 6702 2017-07-12...

CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit

Exploit for unknown platform in category web applications ================================================================= CuteNews CuteNews 1.4.1 re...

Anti-Scanner Defenses (HTTP)

It seems that the remote web server rejects HTTP requests from the Scanner. It is probably protected by a reverse proxy, WAF or IDS/IPS. SPDX-FileCopyrightText: 2005 Michel Arboi SPDX-FileCopyrightText: New / improved detection code since 2018 Greenbone AG Some text descriptions might be excerpte...

Header Overflow Attack against HTTP Proxy

It was possible to crash the HTTP proxy by sending an invalid request with a too long header. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mandrake Linux Security Advisory : apache2 (MDKSA-2005:129)

Marc Stern reported an off-by-one overflow in the modssl CRL verification callback which can only be exploited if the Apache server is configured to use a malicious certificate revocation list CVE-2005-1268. Watchfire reported a flaw that occured when using the Apache server as a HTTP proxy. A...

MailGust 1.9 - Board Takeover (SQL Injection)

?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals =...

MailGust <= 1.9 (board takeover) SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================== MailGust = 1.9 board takeover SQL Injection Exploit ====================================================== ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / boa...

MailGust &lt;= 1.9 (board takeover) SQL Injection Exploit

No description provided by source. ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...

MailGust 1.9 - Board Takeover (SQL Injection)

MailGust 1.9 - Board Takeover SQL Injection ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...

CuteNews &lt;= 1.4.0 (shell inject) Remote Command Execution Exploit

No description provided by source. ?php cutenxpl.php CuteNews 1.4.0possibly prior versions remote code execution by rgod site: http://rgod.altervista.org usage: launch form Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with this script:...

AzDGDatingLite 2.1.3 - Remote Code Execution

?php azdgexpl.php AzDGDatingLite V 2.1.3 possibly prior versions remote code execution with generic http proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals = on usage:...

AzDGDatingLite 2.1.3 - Remote Code Execution

AzDGDatingLite 2.1.3 - Remote Code Execution ?php azdgexpl.php AzDGDatingLite V 2.1.3 possibly prior versions remote code execution with generic http proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...

AzDGDatingLite &lt;= 2.1.3 Remote Code Execution Exploit

No description provided by source. ?php azdgexpl.php AzDGDatingLite V 2.1.3 possibly prior versions remote code execution with generic http proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference =...