4422 matches found
Elcom CMS 7.4.10 Community Manager Insecure File Upload
No description provided by source. Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008 Release Date. 24-Aug-2012 Last Update. - Vendor Notification Date. 28-Oct-2011 Product. Elcom CMS - Community Manager Platform. ASP.NET Affected versions. Elcom...
Anon Proxy Server 0.100/0.102 Remote Authentication Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27593/info Anon Proxy Server is prone to a remote buffer-overflow vulnerability because the application fails to sufficiently bounds-check user-supplied input. Successful exploits allow remote attackers to execute arbitra...
Novell Access Management SSLVPN Server Security Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22787/info Novell Access Management SSLVPN Server is prone to a security-bypass vulnerability. A remote authenticated attacker can exploit this issue to access corporate resources normally restricted within VPN access...
VocalTec VGW4/8 Telephony Gateway Remote Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9876/info It has been reported that the VGW4/8 Telephony Gateway is prone to a remote authentication bypass vulnerability via its web configuration tool. The problem is due to a design error in the application that allows...
Everfocus <= 1.4 EDSR Remote Authentication Bypass
No description provided by source. Product: Everfocus EDSR series Version affected: 1.4 and older Website: http://www.everfocus.com/ Discovered By: Andrea Fabrizi Email: andrea.fabrizi gmail com Web: http://www.andreafabrizi.it Vuln: remote DVR applet authentication bypass The EDSR firmware doesn't...
FreeFTPD Remote Authentication Bypass Zeroday Exploit
No description provided by source. FreeFTPD all versions Remote System Level Exploit Zero-Day -- No username needed, straightforward rooting! Discovered & Exploited By Kingcope Year 2011 -- http://www.exploit-db.com/sploits/23079.zip Example banner: WeOnlyDo-wodFTPD 2.3.6.165 This package include...
Pentacle In-Out Board <= 6.03 (login.asp) Remote Auth Bypass
No description provided by source. html titlePentacle In-Out Board = 6.03 login.asp Authencation ByPass Vulnerability/title script language=javascript function ptxpl ifdocument.xpl.victim.value== alertPlease enter site!; return false; ifconfirmAre you sure?...
PRE HOTELS&RESORTS MANAGEMENT SYSTEM(Auth Bypass) Remote SQL Injection
No description provided by source. In The Name Of Allah The Merciful Type:Auth Bypass Remote SQL Injection Vulnerability Vendor: www.preproject.com Software:PRE HOTELS & RESORTS MANAGEMENT SYSTEM author: R3d-D3v!L Date: 17.dec.2009 T!ME: 3:03 am...
Plume CMS 1.2.3 - Multiple SQL Injection Vulnerabilities
No description provided by source. Plume CMS Multiple SQL Injection Vulnerabilities - Security Advisory - SOS-09-006 Release Date. 12-Aug-2009 Last Update. - Vendor Notification Date. 16-Jun-2009 Product. Plume CMS Platform. Independent Affected versions. 1.2.3 verified, possibly others Severity...
123tkShop 0.9.1 - Remote Authentication Bypass Vulnerability
No description provided by source. By Michael Brooks Vulnerability:Sql Injection Software:123tkShop Homepage:http://sourceforge.net/projects/my123tkshop/ Affects Version 0.9.1. An attacker can gain Administrative rights with this authentication bypass exploit:...
Kerio Personal Firewall 2.1.x Remote Authentication Packet Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/7180/info A buffer-overflow vulnerability has been discovered in Kerio Personal Firewall. The problem occurs during the administration authentication process. An attacker could exploit this vulnerability by forging a...
D-Link DSL Router Remote Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13679/info Various D-Link DSL routers are susceptible to a remote authentication bypass vulnerability. This issue is due to a failure of the devices to require authentication in certain circumstances. This vulnerability...
OCS Inventory NG Server <= 1.3.1 (login) Remote Authentication Bypass
No description provided by source. !-- OCS Inventory NG Server = 1.3.1 login Remote Authentication Bypass Software : Open Computer and Software OCS Inventory NG Download : http://www.ocsinventory-ng.org/ Discovered by : Nicolas DEROUET nicolas.derouetgmailcom Discover : 2010-02-05 Published :...
Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...
Kerio Personal Firewall 2.1.x Remote Authentication Packet Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7180/info A buffer-overflow vulnerability has been discovered in Kerio Personal Firewall. The problem occurs during the administration authentication process. An attacker could exploit this vulnerability by forging a...
CVE-2014-2612
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors...
CVE-2014-2612
CVE-2014-2612 affects HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows, and 9.2x before RC 9.21.0002 p1 on Linux. The vulnerability is an information-disclosure flaw that could be exploited by remote authenticated users to obtain sensitive data via unspecified vect...
CVE-2014-4349
CVE-2014-4349 affects phpMyAdmin 4.1.x up to 4.1.14.1 and 4.2.x up to 4.2.4. Root cause: improper handling of table names during hide/unhide actions leads to cross-site scripting (XSS). Impact: remote authenticated users can inject arbitrary web script or HTML. Remediation: upgrade to 4.1.14.1 or...
CVE-2014-4615
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain XAUTHTOKEN values by reading the message queue...