
4421 matches found

Exploit DB
added 2006/11/14 12:0 a.m. · 31 views

Hpecs Shopping Cart - Remote Authentication Bypass

vendor site:http://hpe.net/ product:hpecs shopping cart bug:injection sql risk:high login bypass : username: 'or''=' passwd: 'or''=' injection sql post : http://site.com/searchlist.asp variables: HpecsFind=maingroup&searchstring='sql or just post your query in the search engine ... laurent gaffié...

7.4 AI score
Exploits 0

exploitpack
added 2006/11/13 12:0 a.m. · 15 views

Property Pro 1.0 - vir_Login.asp Remote Authentication Bypass

Property Pro 1.0 - virLogin.asp Remote Authentication Bypass Title : Property Pro v1.0 virLogin.asp Remote Login ByPass SQL Injection Vulnerability Author : ajann Example: http://target/path/admin/ UserName: ' union select 0,0 from admin """"""""""""""""""""" ajann,Turkey ... Im not Hacker!...

0.9 AI score
Exploits 0

Exploit DB
added 2006/11/13 12:0 a.m. · 44 views

Property Pro 1.0 - 'vir_Login.asp' Remote Authentication Bypass

Title : Property Pro v1.0 virLogin.asp Remote Login ByPass SQL Injection Vulnerability Author : ajann Example: http://target/path/admin/ UserName: ' union select 0,0 from admin """"""""""""""""""""" ajann,Turkey ... Im not Hacker! milw0rm.com 2006-11-13...

7 AI score
Exploits 0

Cvelist
added 2006/11/10 2:0 a.m. · 15 views

CVE-2006-5845

Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 allows remote authenticated users to upload and execute arbitrary PHP code by setting the upload parameter to 1...

7.2 AI score · 0.01637 EPSS
Exploits 0 · References 6

Cvelist
added 2006/11/10 1:0 a.m. · 20 views

CVE-2006-5826

Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE commands that contain "/" (slash) or "\" (backslash) characters...

7.8 AI score · 0.10427 EPSS
Exploits 0 · References 8

seebug.org
added 2006/11/08 12:0 a.m. · 70 views

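Remote authentication bypass vulnerability in RealVNC remote terminal control software

RealVNC VNC Server is remote terminal control software. The RFB (Remote Frame Buffer) protocol used by RealVNC VNC Server lets the client and server negotiate a suitable authentication method. A design error in the protocol implementation allows a remote attacker to bypass authentication and access the server without a password. The details are as follows:
1 The server sends its version, "RFB 003.008\n"
2 The client replies with its version, "RFB 003.008\n"
3 The server sends 1 byte equal to the number of security types offered
3a The server sends a byte array describing the security types offered
4 The client replies with 1 byte, choosing a security type from the array in 3a
5 The handshake is performed if required, followed by "0000" from the server
RealVNC...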

7 AI score
Exploits 0

NVD
added 2006/11/06 6:7 p.m. · 9 views

CVE-2006-5738

Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors...

7.2 CVSS · 8.1 AI score · 0.00851 EPSS
Exploits 0 · References 2

CVE
added 2006/10/26 5:0 p.m. · 81 views

CVE-2006-5540

CVE-2006-5540 affects PostgreSQL 8.1.x prior to 8.1.5. A Denial of Service can be triggered by remote authenticated users through certain aggregate functions in an UPDATE, related to MIN/MAX index optimization. Connected advisories/alerts corroborate this issue across multiple distributions (RHSA...

4 CVSS · 5.9 AI score · 0.01861 EPSS
Exploits 0 · References 26 · Affected Software 1

Positive Technologies
added 2006/10/26 12:0 a.m. · 2 views

PT-2006-6256 · Postgresql +1

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions 7.4.1 through 7.4.14; PostgreSQL versions 8.0.x before 8.0.9; PostgreSQL versions 8.1.x before 8.1.5. Description: The issue allows remote authenticated users to cause a denial of service, resulting in a daemon crash. This is...

8.5 CVSS · 6.3 AI score · 0.04693 EPSS
Exploits 0 · References 33

NVD
added 2006/10/20 2:7 p.m. · 11 views

CVE-2006-5414

Barry Nauta BRIM before 1.2.1 allows remote authenticated users to read information from other users via a modified URL...

5 CVSS · 5.9 AI score · 0.01267 EPSS
Exploits 0 · References 3

Cvelist
added 2006/10/09 7:0 p.m. · 23 views

CVE-2006-5204

Cross-site scripting (XSS) vulnerability in actionadmin/member.php in Invision Power Board (IPB) 2.1.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a reference to a script in the avatar setting, which can be leveraged for a cross-site request forgery (CSRF)...

6.1 AI score · 0.01423 EPSS
Exploits 0 · References 5

NVD
added 2006/09/27 11:7 p.m. · 16 views

CVE-2006-5018

ContentKeeper 123.25 and earlier places passwords in cleartext in an INPUT element in cgi-bin/ck/changepw.cgi, which allows remote authenticated users to obtain passwords via this URI...

4 CVSS · 6.2 AI score · 0.01283 EPSS
Exploits 1 · References 6

CVE
added 2006/09/27 11:0 p.m. · 58 views

CVE-2006-5030

CVE-2006-5030 describes an SQL injection in exV2 2.0.4.3 and earlier, affecting the modules/messages/index.php file. The vulnerability is triggered by the sort parameter and permits remote authenticated users to execute arbitrary SQL commands. The NVD metrics indicate high severity (base score 7....

7.5 CVSS · 8.3 AI score · 0.01039 EPSS
Exploits 1 · References 4 · Affected Software 1

Cvelist
added 2006/09/27 11:0 p.m. · 20 views

CVE-2006-5018

ContentKeeper 123.25 and earlier places passwords in cleartext in an INPUT element in cgi-bin/ck/changepw.cgi, which allows remote authenticated users to obtain passwords via this URI...

6.2 AI score · 0.01283 EPSS
Exploits 1 · References 6

Cvelist
added 2006/09/27 1:0 a.m. · 26 views

CVE-2006-5014

Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin...

6.5 AI score · 0.03842 EPSS
Exploits 0 · References 5

Cvelist
added 2006/09/07 12:0 a.m. · 15 views

CVE-2006-4620

The usereditaccount.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox...

6.7 AI score · 0.01189 EPSS
Exploits 0 · References 7

Cvelist
added 2006/09/06 10:0 p.m. · 13 views

CVE-2006-4586

The admin panel in Tr Forum 2.0 accepts a username and password hash for authentication, which allows remote authenticated users to perform unauthorized actions, as demonstrated by modifying user settings via the id parameter to /membres/modifprofil.php, and changing a password via...

7.1 AI score · 0.03088 EPSS
Exploits 1 · References 10

NVD
added 2006/09/06 12:4 a.m. · 13 views

CVE-2006-4547

Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the underlying SQL query, possibly because of a forced SQL error or SQL injection...

6.5 CVSS · 6.7 AI score · 0.00987 EPSS
Exploits 0 · References 4

CVE
added 2006/09/06 12:0 a.m. · 44 views

CVE-2006-4546

CVE-2006-4546 affects Lyris ListManager 8.95. The vulnerability allows remote authenticated users who have administrative privileges for at least one list to add new administrators to any list by modifying the MEMBERS_.List_ parameter. The underlying cause is parameter manipulation that bypasses ...

6.5 CVSS · 6.8 AI score · 0.01363 EPSS
Exploits 0 · References 6 · Affected Software 1

Cvelist
added 2006/09/06 12:0 a.m. · 15 views

CVE-2006-4547

Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the underlying SQL query, possibly because of a forced SQL error or SQL injection...

6.7 AI score · 0.00987 EPSS
Exploits 0 · References 4