CVE-2009-1607

Cross-site scripting XSS vulnerability in the administrator panel in phpForm.net LinkBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the username in a registration, which is not properly handled when the administrator accesses the Users menu...

LinkBase 2.0 - Remote Cookie Grabber

Download LinkBase 2.0 Cookie Grabber Exploit + Discovered By SirGod + www.mortal-team.net + www.h4cky0u.org + Greetz : All my friends + Make 2 files and upload to your host : stealer.php - Put the following code into the file : log.txt - CHMOD it 777 and put in the same directory with stealer.php...

MDVA-2008:011 : kdelibs

Due to bad encoding, accented letters appeared on the KDE menu and kicker as strange symbols rather than the actual letters. This update fixes the issue and properly displays those letters. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a...

e107 User Journals Menu SQL Injection

e107 Plugin userjournalsmenu blog.id SQL injection vulnerability Author : boom3rang Greetz : H!tm@N, KHG, chs, redc00de Vulnerability : Remote SQL-injection Google Dork : inurl:"userjournals.php?blog." -------------------------------------------------- ! Product Site : http://www.bugrain.com !...

Mandriva Update for mdk-menu-messages MDKA-2007:105 (mdk-menu-messages)

Check for the Version of mdk-menu-messages OpenVAS Vulnerability Test Mandriva Update for mdk-menu-messages MDKA-2007:105 mdk-menu-messages Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Mandriva Update for desktop-common-data MDKA-2007:006 (desktop-common-data)

Check for the Version of desktop-common-data OpenVAS Vulnerability Test Mandriva Update for desktop-common-data MDKA-2007:006 desktop-common-data Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Mandriva Update for mdk-menu-messages MDKA-2007:105 (mdk-menu-messages)

Check for the Version of mdk-menu-messages OpenVAS Vulnerability Test Mandriva Update for mdk-menu-messages MDKA-2007:105 mdk-menu-messages Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Mandriva Update for nmap MDKA-2007:005 (nmap)

Check for the Version of nmap OpenVAS Vulnerability Test Mandriva Update for nmap MDKA-2007:005 nmap Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CDex 1.70b2 Buffer Overflow

Tools - Media file Player - Select files - Browse to a folder - - Open - Play evil.ogg / $frgmnt1 = "OggS". //for what I understood ... beginning "\x00". //streamstructureversion "\x02". //headertypeflag "\x00\x00\x00\x00\x00\x00\x00\x00". //granularposition "\x66\x07\x00\x00"...

MP Form Mail CGI vulnerability allows third party to gain administrative privileges

Overview MP Form Mail CGI from futomi's CGI Cafe contains a vulnerability that allows an attacker to gain administrative privileges. MP Form Mail CGI from futomi's CGI Cafe is a software for sending contents entered into an HTML form via email. MP Form Mail CGI contains a vulnerability that allow...

Wili-CMS 0.4.0 - Local File Inclusion / Remote File Inclusion / Authentication Bypass

Salvatore "drosophila" Fresta + Application: Wili-CMS + Version: 0.4.0 + Website: http://wili-cms.sourceforge.net/ + Bugs: A Multiple Remote/Local File Inclusion B Authentication Bypass + Exploitation: Remote + Date: 06 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore...

blindblog 1.3.1 - SQL Injection Authentication Bypass Local File Inclusion

blindblog 1.3.1 - SQL Injection Authentication Bypass Local File Inclusion Salvatore "drosophila" Fresta + Application: BlindBlog + Version: 1.3.1 + Website: http://sourceforge.net/projects/cbblog/ + Bugs: A SQL Injection B Authentication Bypass C Local File Inclusion + Exploitation: Remote + Dat...

Sql injection

SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter...

Fedora Update for xfce4-places-plugin FEDORA-2007-4368

Check for the Version of xfce4-places-plugin OpenVAS Vulnerability Test Fedora Update for xfce4-places-plugin FEDORA-2007-4368 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/o...

webframe 0.76 Multiple File Inclusion Vulnerabilities

No description provided by source. ------------------Rfi/Lfi------------------ script:webframe 0.76 ------------------------------------------------------------------ download from:http://downloads.sourceforge.net/phpwebframe/webframe-0.76-src.tar.gz?modtime=1155546760&bigmirror=0...

webframe 0.76 - Multiple File Inclusions

webframe 0.76 - Multiple File Inclusions ------------------Rfi/Lfi------------------ script:webframe 0.76 ------------------------------------------------------------------ download from:http://downloads.sourceforge.net/phpwebframe/webframe-0.76-src.tar.gz?modtime=1155546760&bigmirror=0...

Custom shortcuts can pass the wrong parameters to applications

Custom shortcut and menu commands can be used to activate external applications. In some cases, the parameters passed to these applications are not prepared correctly, and may be created from uninitialized memory. These may be misinterpreted as additional parameters, and depending on the...

Xpoze 4.10 (home.html menu) Blind SQL Injection Vulnerability

No description provided by source. ■Xpoze Pro home menù = Blind $ql Injection --------------------------------------- AuToR: XaDoS SecurityCode Team Contact M&: xados at hotmail dot it B§g: Blind $ql inJection SIte vuln: http://www.xpoze.org/ --------------------------------------- ■...

Google Analytics Stored Cross Site Scripting

====================================================== ================= = Google Analytics - Stored Cross Site Scripting Vulnerability = = Vendor Website: = http://www.google.com = = Affected Version: = -- http://www.google.com/analytics/ = = Public disclosure on 8th December 2008 =...

Linux each version of the local root password cracking method-vulnerability warning-the black bar safety net

This time the old met was asked and the various linux versions of the local root password cracking method, I here own and on the network to collect some information, we want to see this article and just used to give the art a little help: A RedHat/CentOS/Fedora system password cracking 1. In the...