1619 matches found
Security Advisory 0006
Security Advisory 0006 PDF Date: September 29th 2014 Revision | Date | Changes ---|---|--- 1.0 | September 29th 2014 | Initial release 1.1 | September 30th 2014 | Additional details on maintenance releases 1.2 | October 29th 2014 | Additional details on fixed releases 1.3 | November 4th 2014 |...
frcms 重装系统
简要描述: 重装了 之后 可以轻松getshell。 详细说明: 在install/index.php中 header"Content-Type: text/html; charset=$lang"; foreachArray'GET','POST','COOKIE' as $request foreach$$request as $k = $v $$k = runmagicquotes$v; function runmagicquotes&$svar if!getmagicquotesgpc if isarray$svar foreach$svar as $k = $v $svar$k...
[SECURITY] Fedora 20 Update: ipython-0.13.2-4.fc20
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
wu-ftpd 2.4.2/2.5 .0/2.6 .0/2.6.1/2.6.2 - FTP Conversion Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2240/info Some FTP servers provide a conversion service that pipes a requested file through a program, for example a decompression utility such as tar, before it is passed to the remote user. Under some configurations whe...
Mod_Gzip 1.3.x Debug Mode Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/7769/info Modgzip is reported prone to a stack overflow, format string vulnerability and a file corruption issue due to a predictable naming scheme for log files. Exploitation of these issues could result in execution of...
PKCrew TIAtunnel 0.9 alpha2 Authentication Mechanism Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2831/info TIAtunnel is a freely available IRC session bouncing software package. It is distributed by the pkcrew. A problem in the software package makes it possible for a remote user to gain a local shell. Due to a buffe...
Standard & Poors ComStock 4.2.4 Machine Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/1080/info Numerous vulnerabilities exist in the ComStock product, as sold by Standard & Poor's. ComStock is based on the RedHat 5.1 distribution, and contains many of the vulnerabilities found in the 5.1 distribution. In...
Kootenay Web Inc whois 1.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1883/info whois is a utility used to find general information and technical details about registered domain names. A vulnerability exists in Kootenay Web Inc's Whois release v.1.9, a web interface to whois running on a...
Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload
No description provided by source. Description : Wordpress Plugins - Asset Manager Shell Upload Vulnerability Version : 0.2 Link : http://wordpress.org/extend/plugins/asset-manager/ Plugins : http://downloads.wordpress.org/plugin/asset-manager.0.2.zip Date : 26-05-2012 Google Dork :...
Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload
No description provided by source. Description : Wordpress Plugins - MM Forms Community Arbitrary File Upload Vulnerability Version : 2.2.5 - 2.2.6 Link : http://wordpress.org/extend/plugins/mm-forms-community/ Plugins : http://downloads.wordpress.org/plugin/mm-forms-community.zip Date : 24-05-20...
Wordpress Gallery Plugin 3.06 Arbitrary File Upload
No description provided by source. Description : Wordpress Plugins - Gallery Arbitrary File Upload Vulnerability Version : 3.06 Link : http://wordpress.org/extend/plugins/gallery-plugin/ Plugins : http://downloads.wordpress.org/plugin/gallery-plugin.3.06.zip Date : 01-06-2012 Google Dork :...
YaBB 9.11.2000 search.pl Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1921/info YaBB Yet Another Bulletin Board is a popular perl-based bulletin board scripting package. search. pl, one of several perl scripts which comprise YaBB, fails to properly validate user input which arguments a call...
UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible to execute code on the...
UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
No description provided by source. source: http://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible to execute code on the...
Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
No description provided by source. / \ exploit code for modgzip with debugmode = 1.2.26.1a / \ Created by xCrZx crazyeinstein yahoo com /05.06.03/ / \ Tested on RedHat 8.0 Psyche here is target for it, / also tested on FreeBSD 4.7 1.3.19.2a here is no target for it : / \ / / \ / Single mode: \ /...
Sagem Router Fast 3304/3464/3504 Telnet Authentication Bypass
No description provided by source. !/home/bin/python Remote Exploit: SAGEM ROUTER FAST 3304/3464/3504 - Telnet Authentication bypass Date: 15-August-2011 Author: Elouafiq Ali Version: 3304-V1 / 3304-V2 / 3464 / 3504 Tested on: Linux Ubuntu 11.04, Linux Backtrack 5 Tested Router: SAGEM FAST 3304-V...
VoipNow <= 2.5 - Local File Inclusion Vulnerability
No description provided by source. / + Application : Voipnow | Version , Perior to 2.5.0 | Download : http://4psa.com/ | By Faris , AKA i-Hmx | [email protected] + sec4ever.com , 1337s.cc / VoipNow is commercial web GUI voip server manager, it's affected by local file inclusion vuln File :...
ClanSuite 2.9 - Arbitrary File Upload Vulnerability
No description provided by source. Exploit Title: ClanSuite 2.9 Arbitrary File Upload Date: 29/05/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://clansuite.com/ Software Link : https://github.com/jakoch/Clansuite or : http://svn.gna.org/svn/clansuite/trunk/ Version: 2.9 and Trunk...
Wordpress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability
No description provided by source. Exploit Title: Wordpress SfBrowser Version 1.4.5 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/sfbrowser/connectors/php/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://www.sjeiti.com/ Software Link:...
Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability
No description provided by source. Exploit Title: Wordpress Pica Photo Gallery 1.0 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/pica-photo-gallery/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://www.apptha.com Software Link:...