65 matches found
Rediff Bol 2.0.2 URL Handling Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6670/info It has been reported that a problem in Rediff Bol may allow remote users to log other users out of the Bol chat client. Due to improper handling of some types of requests, a remote user could send a URL request...
TRS 6.5 /wcm/app/main.jsp Login Bypass Vulnerability
No description provided by source...
Articles Directory - Authentication Bypass
Articles Directory - Authentication Bypass Exploit Title: Authentication Bypass Vulnerability in Articles Directory Version: Web Application vendor: http://www.yourarticlesdirectory.com/ Date: 29 apr,2010 Dork: Powered by Article Directory Author: Sid3^effects Code :...
ImageVue 2.0 - Remote Admin Login
Author: Sora Software Link: http://www.imagevuex.com/ Version: 2.0 Tested on: Windows and Linux --------------------------------- / ImageVue 2.0 Remote Admin Login Exploit Created by Sora Contact: vhr95zw at hotmail.com / + Google Dork: "inurl:/admin/" "ImageVue" + Description: ImageVue 2.0 suffe...
Text Exchange Pro - [ CSRF ] Create Administrator Account
Exploit for unknown platform in category web applications ========================================================= Text Exchange Pro - CSRF Create Administrator Account ========================================================= Title: Text Exchange Pro - CSRF Create Administrator Account Date:...
Professional Download Assistant 0.1 SQL Injection
Professional Download Assistant 0.1 Bypass ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Home: www.z0rlu.blogspot.com Date: 08/12/2008 N0T: TUM iSLAM ALEMiNiN BAYRAMINI KUTLARIM...! N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA :...
Dream4 Koobi Pro 6.25 Shop - categ SQL Injection
Dream4 Koobi Pro 6.25 Shop - categ SQL Injection Koobi Pro 6.25 shop categ all version Koobi AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : allinurl: "index php p shop"categ EXPLOiT :...
phpFoX All Version Login Exploit
phpFoX AllVersion Login to any Account Exploit found by Mx at hackmx.net Login as any user/admin/mod Action event only once This exploit will allow you to action an event per login, on any account in phpFoX All Versions. 1 Create an account on phpFox, after activating the account, login. 2 Go to...
confixx312.txt
// Confixx 3.1.2 XSSdiv style= - Googledork: inurl:confixx inurl:login|anmeldung + Greetz to: Bluegeek + Visit: www.LoK-Crew.de...
acnews.txt
http://www.google.com/search?hl=en&lr=&q=acnews+1.0+login.asp&btnG=Search /str0ke Product:ACNews version :1.0 VULNERABILITY CLASS: SQL injection exploit Log in with username:' or 'x'='x password :' or 'x'='x from admin/login.asp page. greetz to HaXoR & LOverboy auther : LaMeR securitygurus team...
CMScore SQL Injection Exploit
No description provided by source. /==========================================/ // GHC - CMS CORE - ADVISORY // Product: CMS Core // URL: http://chipmunk-scripts.com/scripts/cmscore.php // VULNERABILITY CLASS: SQL injection /==========================================/ exploit Log in with username...
CMScore - SQL Injection
/==========================================/ // GHC - CMS CORE - ADVISORY // Product: CMS Core // URL: http://chipmunk-scripts.com/scripts/cmscore.php // VULNERABILITY CLASS: SQL injection /==========================================/ exploit Log in with username Administrator'/ from admin/index.p...
[waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions]
================================================================================ waraxe-2004-SA037 ================================================================================ Sql injection bug in Phorum 5.0.12 and older versions...
not_so_smartether.txt
There is a vulnerability within the OS that this and other samsung managed switches. The problem resides in the way that the admin user is authenticated when trying to login using telnet remote or from console local. Now just so everyone who reads this knows, I am not that up to date on all of...
Linux pam_smb < 1.1.6 login exploit
Advisory at http://us2.samba.org/samba/ftp/pamsmb/ -- LIDS secure linux kernel http://www.lids.org/ 1024D/B6EFB028 4731 2BF7 7735 4DBD 3771 4E24 B53B B60A B6EF B028...
Owl Intranet Engine 0.7 - Authentication Bypass
source: https://www.securityfocus.com/bid/7595/info Owl has been reported prone to an authentication bypass vulnerability. The issue presents itself due to a lack of sufficient sanitization when checking the validity of usernames and passwords supplied to 'browse.php'. An attacker may exploit thi...
Solaris 2.6/7/8 - 'TTYPROMPT in.telnet' Remote Authentication Bypass
Solaris TTYPROMPT Security Vulnerability Telnet This vulnerability is very simple to exploit, since it does not require any code to be compiled by an attacker. The vulnerability only requires the attacker to simply define the environment variable TTYPROMPT to a 6-character string, inside telnet...
YaBB 1.401.41 - Login Cross-Site Scripting
YaBB 1.401.41 - Login Cross-Site Scripting source: https://www.securityfocus.com/bid/6004/info A cross-site scripting vulnerability has been reported in the YaBB Yet Another Bulletin Board forum login script. HTML tags or script code are not sanitized from the error output of erroneous login...
phpAuction 1/2 - Unauthorized Administrative Access
source: https://www.securityfocus.com/bid/5141/info PhpAuction is a freely available web-based auction system. It is written using PHP scripting language on a MySQL database engine. A flaw in /admin/login.php has been reported in PHPAuction, which could allow users to gain escalated privileges...
Unixware Message catalog exploit code
Hi, I'm jGgM. I reported this problem to Caldera a few weeks ago, and this exploit is fixed already. A hacker can modify the message catalog, and a format string exploit is possible. For example: $ gcc -o expshell expshell.c $ gcc -o getret getret.c $ gcc -o fmtexp fmtexp.c $ ./expshell $ ./getret...