286 matches found
The vulnerability of the web application for data synchronization with ownCloud allows a attacker to reinstall the application or execute arbitrary code.
The vulnerability of the routing subsystem of the web application for data synchronization with ownCloud exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to reinstall the application or execute arbitra...
ownCloud Server Directory Traversal Vulnerability
ownCloud Server is a free and open source personal cloud storage solution created by German KDE developer Frank Karlitschek; ownCloud Server is a server edition. A directory traversal vulnerability exists in ownCloud Server versions prior to 7.0.6, and 8.0.4 prior to 8.0.x. The vulnerability is...
Best Practices for Upgrading a Hypervisor Tools Version in a Citrix Provisioning Environment
This article describes the steps for upgrading a hypervisor tools version in a Citrix Provisioning environment. Use the following procedure to upgrade a Hypervisor: 1. Reverse image the vdisk. 2. Boot from the local HDD on the VM that has been reverse imaged to. 3. Uninstall the PVS target...
CentOS 7 : mailman (CESA-2015:1153)
Updated mailman packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
BIGACE 2.7.8 Cross Site Scripting / File Upload
| Title : BIGACE 2.7.8 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by BIGACE 2.7.8. Login | Tested on: windows 8.1 Français V.Pro | Download : http://www.bigace.de/ ======================================= FCKeditor Upload :...
QuickTalk 1.5 Password Hash Disclosure
| Title : QuickTalk 1.5 Reinstall Script Vulnerability | Author : indoushka | email : [email protected] | Dork : powered by QT-cute | Tested on: windows 8.1 Français V.Pro | Bug : Reinstall Script | Download : http://www.scriptmafia.org ======================================= 1 -...
YXcms1.2.8两处任意文件删除可reinstall
简要描述: 1.2.8 详细说明: 一处没有过滤,一处过滤失误 第一处:/protected/apps/member/controller/inforController.php public function index $auth=$this-auth; $id=$auth'id'; if!$this-isPost $info=model'members'-find"id='$id'"; $this-info=$info; $this-path=ROOT.'https://images.seebug.org/upload/member/image/';...
MS15-032: Cumulative Security Update for Internet Explorer (3038314)
The version of Internet Explorer installed on the remote host is missing Cumulative Security Update 3038314. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker can exploit these vulnerabilities by convincing a user ...
Mao10CMS可直接重装
简要描述: rt 详细说明: 下载源码之后,搭建完该cms之后。发现install.php文件还在。 errorreporting0; header"Content-Type: text/html; charset=utf-8"; $siteurl = "http://".$SERVER"HTTPHOST".$SERVER'PHPSELF'; $siteurl = pregreplace"//a-z0-9+.php./is", "", $siteurl; if$POST'dbhost' && $POST'dbname' && $POST'dbuser' &&...
Veeam Agent for Microsoft Windows: Service suddenly stopped working.
Challenge While running Veeam Agent for Microsoft Windows VAW, the Control Panel displays the error: Services suddenly stopped working. Cause The Veeam Agent for Microsoft Windows Control Panel has lost contact with the Veeam Agent for Microsoft Windows service on the local machine. Possible caus...
YXCMS 1.2.6任意文件删除可Reinstall
简要描述: YXCMS 1.2.6任意文件删除 Reinstall 详细说明: 前人经验: http://wooyun.org/bugs/wooyun-2010-047226 产生漏洞文件: protected\apps\admin\controller\photoController.php protected\apps\member\controller\photoController.php 关键代码: if!empty$photos'photolist' $phoarr=explode',',$photos'photolist'; foreach $phoarr as $vo...
Enterprise Manager Install fails with Patched Database Error
Purpose If the Veeam Backup Enterprise Manager software is moved, or needs to be reinstalled and it was previously patched it errors out with the following error: Cause The SQL database that is being reused contains table entries that mark it as having been used with a newer version the version o...
ElfChat 5.2.0 Pro Cross Site Scripting
ElfChat 5.2.0 Pro Reinstall SCript EXploits =========================================== Author : indoushka Vondor : http://elfchat.ru/ Dork: 2011 Elfet - ElfChat 5.2.0 Pro ========================== XSS Reflected - Jquery 1.4.2 $function $'users'.eachfunction var select = $this; var option =...
FengCMS新版本重装
简要描述: FengCms Beta 1.20 管理这样判断冒是那里不对啊。 详细说明: 用switch做判断,真的搞不懂程序猿是怎么想的啊,这里的step变量可以控制,导致重装程序。 switch$GET'step' case '1': //安装许可协议 include ABSPATH."/step/step1.php"; break; case '2': //检查安装环境是否满足要求 $PHPGD = ''; ifextensionloaded'gd' iffunctionexists'imagepng' $PHPGD .= 'png';...
Bonefire 0.7.1 - Reinstall Admin Account Exploit
No description provided by source...
Article Management System 2.1.2 Reinstall Vulnerability
No description provided by source...
Bonefire v.0.7.1 - Reinstall Admin Account Exploit
Exploit for php platform in category web applications !/usr/bin/env python coding: utf-8 Bonefire v.0.7.1 Reinstall Admin Account Exploit Author : Mehmet INCE Analysis write-up : http://www.mehmetince.net/ci-bonefire-reinstall-admin-account-vulnerability-analysis-exploit/ Description : Forgotten...
Bonefire 0.7.1 Reinstall Admin Account
!/usr/bin/env python coding: utf-8 Bonefire v.0.7.1 Reinstall Admin Account Exploit Author : Mehmet INCE Analysis write-up : http://www.mehmetince.net/ci-bonefire-reinstall-admin-account-vulnerability-analysis-exploit/ Description : Forgotten controls lead to call install module which lead to...
Bonefire 0.7.1 - Reinstall Admin Account
!/usr/bin/env python coding: utf-8 Bonefire v.0.7.1 Reinstall Admin Account Exploit Author : Mehmet INCE Analysis write-up : http://www.mehmetince.net/ci-bonefire-reinstall-admin-account-vulnerability-analysis-exploit/ Description : Forgotten controls lead to call install module which lead to...
CVE-2013-6955 Synology DSM remote code execution
Products Affected By CVE-2013-6955 Diskstation Manager 4.0 4.2 4.3 4.3-3810 Vendor: Synology Status: Patched webman/imageSelector.cgi in Synology DiskStation Manager DSM 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary...