1791 matches found
metajour 2.1 - system_path Remote File Inclusion
metajour 2.1 - systempath Remote File Inclusion DEVIL TEAM THE BEST POLISH TEAM metajour 2.1 systempath - Remote File Include Vulnerabilities Script site: http://www.metajour.org Find by Kacper Rahim. Greetings; DragonHeart, Satan, Leito, Leon, Luzak, Adam, DeathSpeed, Drzewko, pepi ;- Special...
tiffsplit (libtiff <= 3.8.2) bss & stack buffer overflow...
Affected product: tiffsplit libtiff = 3.8.2 tiffsplit from libtiff http://www.remotesensing.org/libtiff/ is vulnerable to a bss-based and stack-based overflow, but, I just wrote the concept c0de for stack-based b0f 'cause I don't know how to take advantage of the overwritten bss data after the...
[KAPDA] MyBB1.1.1~Email Verification in User Activation ~SQL Injection Attack
ORIGINAL ADVISORY: http://myimei.com/security/2006-05-07/mybb111email-verification-in-user-activation-sql-injection-attack.html ——————-Summary—————- Software: MyBB Sowtware’s Web Site: http://www.mybboard.com Versions: 1.1.1 Class: Remote Status: Unpatched Exploit: Available Solution: Available...
Advanced Guestbook 2.4.0 - 'phpBB' Remote File Inclusion
!usr/bin/perl use LWP::UserAgent; Bug Found by Oo Exploit coded by n0m3rcy Copyright c 2006 [email protected] Gr33tz; nukedx , Devil-00 , str0ke , cijfer Usage; n0ag.pl if @ARGV ne 3 else sub header print "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\r\n"; pri...
VBulletinImpEx.txt
Remote File Inclusion in VBulletin ImpEx Date : 12 / 4 / 2006 Software : VBulletin ImpEx version : VBulletin 3.5.1 VBulletin 3.5.2 VBulletin 3.5.4 The bug reside in : ImpExModule.php ImpExController.php ImpExDisplay.php Exploit : 1...
Vulnerabilities in Papoo
k k kkkk kk kkkk k k kkkkkk kkkkkk kkkk k k k k k k k k k k k k k k kk k k k k kk k k k k kk kkkkk k kkkkk kk kk kkkkkk k k k k k k kk k k k k k k k kk k k k k k k k k k k k k kkkk kk kkkk k k kk k k kkkk k kk k k k =- Vulnerabilities in Papoo Author : Rusydi Hasan M a.k.a : cR45H3R Date :...
[Full-disclosure] Barracuda LHA archiver security bug leads to remote compromise
Topic: Barracuda LHA archiver security bug leads to remote compromise Announced: 2006-04-03 Product: Barracuda Spam Firewall Vendor: http://www.barracudanetworks.com/ Impact: Remote shell access Affected product: Barracuda with firmware 3.3.03.022 AND spamdef 3.0.10045 Credits: Jean-Sebastien...
evoBlog Remote Name tag Script injection
DESCRIPTION evoBlog is prone to HTML injection attacks. It is possible for a malicious evoBlog user to inject hostile HTML and script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of evoBlog. evoBlog does not adequately...
[myimei]CuteNews1.4.1~ Add Comment For Protected UserNames~ XSS Attack
Hello Everybody ——–Summary——– Software: CuteNews Sowtware’s Web Site: http://cutephp.com Versions: 1.4.1 Class: Remote Status: Unpatched Exploit: Available Solution: NotAvailable Discovered by: imei addmimistrator Risk Level: Mediume&High ——-Description——- There is a security bug in CuteNews...
False positive signature verification in GnuPG
False positive signature verification in GnuPG ============================================== Summary ======= The Gentoo project identified a security related bug in GnuPG. When using any current version of GnuPG for unattended signature verification e.g. by scripts and mail programs, false...
[myimei]MyBB1.0.3~managegroup.php~Multiple SqlInjection & XSS
ORIGINAL ADVISORY/ http://myimei.com/security/2006-02-10/mybb103managegroupphpmultiple-sqlinjection-xss.html Vendor Credit:http://community.mybboard.net/showthread.php?tid=6777 ——————-Summary—————- Software: MyBB Sowtware’s Web Site: http://www.mybboard.com Versions: 1.0.3 Class: Remote Status:...
[myimei]MyBB 1.0.3~private.php~multiple SqlInjection
ORIGINAL ADVISORY/ http://myimei.com/security/2006-02-11/mybb-103privatephpmultiple-sqlinjection.html Vendor Credit:http://community.mybboard.net/showthread.php?tid=6777 ——————-Summary—————- Software: MyBB Sowtware’s Web Site: http://www.mybboard.com Versions: 1.0.3 Class: Remote Status: Unpatche...
gnupg -- false positive signature verification
Werner Koch reports: The Gentoo project identified a security related bug in GnuPG. When using any current version of GnuPG for unattended signature verification e.g. by scripts and mail programs, false positive signature verification of detached signatures may occur. This problem affects the too...
Power Daemon <= 2.0.2 (WHATIDO) Remote Format String Exploit
No description provided by source. / gexp-powerd.c Power Daemon v2.0.2 Remote Format String Exploit Copyright C 2005 Gotfault Security Bug found and developed by: barros and xgc Original Reference: http://gotfault.net/research/exploit/gexp-powerd.c / include getopt.h include sys/types.h include...
Subdreamer CMS (Pro 2.2.3 and Light 2.2.0.1) security bug ;)
Hello world ; A serious exploit has recently been discovered which will allow hackers to gain admin access to the latest versions of Subdreamer CMS Pro 2.2.3 and Light 2.2.0.1. It is crucial to patch your systems immediately. Affected files: admin/adminfunctions.php includes/functions.php...
MyBB 1.0.2 XSS attack in search.php redirection
http://127.0.0.1/mybb/search.php?action=dosearch&keywords=&postthread=1&author=imei&matchusername=1&forums=all&findthreadst=1&numreplies=&postdate=0&pddir=1&sortby="script language=javascriptalertdocument.cookie/script&sorder=1&showresults=threads&submit=Search...
MyBB 1.0.2 Sniffing table perfix bug in search.php
--------------------Summary---------------- Software: mybb Sowtware's Web Site: http://mybboard.com Versions: 1.0.2 Class: Remote Status: Unpatched Exploit: Available Solution: Not Available Discovered by: imei Risk: low -----------------Description--------------- mybb has a security bug that...
Remote file include in appserv 2.4.5 (possible in previous versions)
====================================================================== Remote file include in appserv 2.4.5 possible in previous versions ====================================================================== What is Appserv AppServ is the Apache/PHP/MySQL open source software installer packages...
MyBB XSS cross-site scripting
Hey this is a security bug in printthread.PHP script of MyBBall version also fully patched that allows XSS crosssite scripting hacking and can be exploit without limitation. post this message on a thread and go to print view of thread to view execution of exploit. script...
CubeCart 3.0.6 - Remote Command Execution
CubeCart 3.0.6 - Remote Command Execution !/usr/bin/perl cijfer-ccxpl - CubeCart All rights reserved. 1. example cijfer@kalma:/research$ perl ./cijfer-ccxpl.pl -h www.xxx.com -d [email protected] /$ id;uname -a uid=48apache gid=48apache groups=48apache,2523psaserv Linux server.xxx.com...