Microsoft DNS Server Internal Hostname Disclosure Detection

Microsoft DNS server might be prone to an internal hostname disclosure. SPDX-FileCopyrightText: 2009 Tim Brown Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

URL Spoofing vulnerability in GoogleBot, Yahoo! Slurp, Mozilla and Internet Explorer #2

Hello 3APA3A! I already wrote you about URL Spoofing vulnerability in GoogleBot, Yahoo! Slurp, Mozilla and Internet Explorer http://websecurity.com.ua/3079/, which also can exists in bots of other search engines. As I mentioned, with this vulnerability it's possible to spoof URL and conduct fishi...

Flatnux 2009-03-27 - Arbitrary File Upload Information Disclosure

Flatnux 2009-03-27 - Arbitrary File Upload Information Disclosure Author: girex Homepage: girex.altervista.org Date: 17/04/2009 CMS: flatnux-2009-03-27 site: flatnux.altervista.org Bugs: Multiple remote vulnerabilities Flatnux suffers of multiple local file inclusions: output of my scanner Line: ...

Code injection

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services SES 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain 1 application server configuration, 2 database server configuration including encrypted passwords...

One absolutely can use the SU to mention the right skill-vulnerability warning-the black bar safety net

A period of time provided the right, found that the SU provide the right climate SU configuration file can be written, but don't know how to write, just to have a server installed SU on their own to configure one and then copy to be provided right on the machine, found it easy to use. For the...

My PHP Indexer 1.0 - index.php Local File Download

My PHP Indexer 1.0 - index.php Local File Download My PHP Indexer 1.0 index.php Local File Download Vulnerability url: http://sourceforge.net/projects/myphpindexer/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for...

Gentoo Security Advisory GLSA 200402-01 (PHP)

The remote host is missing updates announced in advisory GLSA 200402-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Input validation

Multiple unspecified "input validation" vulnerabilities in the Web management interface aka Messaging Administration interface in Avaya Message Storage Server MSS 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...

CVE-2008-3081

Multiple unspecified "input validation" vulnerabilities in the Web management interface aka Messaging Administration interface in Avaya Message Storage Server MSS 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...

Site@School 2.4.10 - 'FCKeditor' Session Hijacking / Arbitrary File Upload

?php / ------------------------------------------------------------------------- Site@School = 2.4.10 fckeditor Session Hijacking / File Upload Exploit ------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

Seagull PHP Framework 0.6.4 - FCKeditor Arbitrary File Upload

Seagull PHP Framework 0.6.4 - FCKeditor Arbitrary File Upload ?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...:...

cmsworks-upload.txt

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

cmsWorks 2.2 RC4 - 'FCKeditor' Arbitrary File Upload

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

smf114-sql.txt

!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This was a priv8 Exploit...

Simple Machines Forum (SMF) 1.1.4 - SQL Injection

Simple Machines Forum SMF 1.1.4 - SQL Injection !/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / /...

revokebbrc11-sql.txt

!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...

Mega File Hosting Script 1.2 - fid SQL Injection

Mega File Hosting Script 1.2 - fid SQL Injection Script: Mega File Hosting script Type: SQL Injection 1923TURK.ORG TURKiSHWARRiORR Step 1: Register an account Step 2: login and go to /members.php?folders=1 Step 3: Create a folder with any name Exploitation options: ADIM 1:...

RunCMS 1.6.1 - 'msg_image' SQL Injection

!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...

Novell eDirectory unauthenticated access to SOAP interface

= Affected software : Editor : Novell Name : eDirectory Version : 8.7.x see note and 8.8.2 Services : TCP/8028 HTTP and TCP/8030 HTTPS = External references : http://www.novell.com/support/viewContent.do?externalId=3866911&sliceId=1 https://vulners.com/cve/CVE-2008-0926 = Technical details : A SO...

phpfusion-sql.py.txt

!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This was a priv8 Exploit...