670 matches found
Yahoo Status Checker File upload Vulnerability
Exploit for php platform in category web applications ============================================== Yahoo Status Checker File upload Vulnerability ============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /...
CVE-2010-2251
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted...
Mereo 1.9.1 Directory Traversal
============================================================================================================ //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...
JaxCMS 1.0 - Local File Inclusion
/ Name : JaxCMS p Local File Include WebSite : http://www.pixiescripts.com/ Author : Hamza 'MizoZ' N. Email : [email protected] Greetz : Zuka ! / The vulnerability is in the get $GET'p' , the index.php include '/pages/'.$GET'p'.'.php' So we can read any file in the server . EXPLOIT :...
PAJAX Remote Command Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'PAJAX Remote...
T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ============================================================== T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities ============================================================== Salvatore "drosophila" Fresta + Application: T-HTB...
Vulnerability in La!cooda WIZ and LacoodaST allowing an arbitrary PHP script execution
Overview La!cooda WIZ and LacoodaST contain a vulnerability which may allow a malicious user to execute an arbitrary PHP script on the server. La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ...
CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996)
According to its version, the installation of BrightStor ARCserve Backup on the remote host is affected by multiple issues : - A vulnerability in 'caloggerd' could allow an unauthenticated attacker to append data to arbitrary files on the server using log messages with directory traversal...
Shopping Basket Pro directory traversal vulnerability
Overview A directory traversal vulnerability exists in Shopping Basket Pro from CGI RESCUE. Shopping Basket Pro from CGI RESCUE is shopping cart software. A directory traversal vulnerability exists in Shopping Basket Pro. Impact A remote attacker could obtain a list of the file and directory name...
The script pictures the back door without echo solutions-vulnerability warning-the black bar safety net
First of all, let us think about why the picture of the back door is not back obvious reason: as you know, we use the include contains picture, the interpreter will put the picture as a text document for searching and automatic parsing% %or??& gt;of the script. So what other html characters such...
LoveCMS 1.4 - 'step' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/22675/info LoveCMS is prone to multiple input-validation vulnerabilities, including an arbitrary-file-upload issue, a remote file-include issue, a local file-include issue, and a cross-site scripting issue. An attacker can exploit these issues to steal...
Mambo Component com_flyspray 1.0.1 - Remote File Disclosure
Mambo Component comflyspray 1.0.1 - Remote File Disclosure | \ | / | \ \ / | | | | | \ / | \ \ / / | | | | '| | |/| |/ \ / / \ / / | | '| | | / | | || | | | | | | | | \ / | | | | || \ \ |/|| || ||,//\ / ||| ,|/ Compononent name:comflyspray Affected Version:1.0.1...
FreeBSD : gallery2 -- file disclosure vulnerability (47bdabcf-3cf9-11da-baa2-0004614cc33d)
Michael Dipper wrote : A vulnerability has been discovered in gallery, which allows remote users unauthorized access to files on the webserver. A remote user accessing gallery over the web may use specially crafted HTTP parameters to access arbitrary files located on the webserver. All files...
PBLang Bulletin Board System 4.x - 'SendPM.php' Directory Traversal
source: https://www.securityfocus.com/bid/12690/info PBLang is reported prone to a directory traversal vulnerability. It is reported that the issue exists due to a lack of sufficient sanitization performed on user-supplied input. A remote attacker may exploit this condition to reveal the contents...
QWikiwiki Directory Traversal Vulnerability
No description provided by source. REQUEST: http://SERVER/qwiki/index.php?page=../config.php%00 milw0rm.com 2005-01-04...
CVE-2004-2672
Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors...
CVE-2002-1394
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148...
DEBIAN-CVE-2003-1307
The modphp module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: th...
CVE-2003-0740
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen, which allows local users to hijack the Stunnel server...
security flaw
The default servlet org.apache.catalina.servlets.DefaultServlet in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet...