215 matches found
Evilsentinel 1.0.9 - Multiple Vulnerabilities Disable
Evilsentinel 1.0.9 - Multiple Vulnerabilities Disable !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love '; if $argc / errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; function quickdump$string $re...
evilsentinel-disable.txt
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love '; if $argc / errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; functi...
Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit
Exploit for unknown platform in category web applications ================================================================ Evilsentinel = 1.0.9 multiple vulnerabilities Disable Exploit ================================================================ !/usr/bin/php -q -d shortopentag=on ? echo '...
PR07-21: Webbler CMS forms are susceptible to spamming and phishing abuses
PR07-21: Webbler CMS forms are susceptible to spamming and phishing abuses This advisory has been published following consultation with UK CPNI formerly known as NISCC Date Found: 14th June 2007 Successfully tested on: Webbler CMS version 3.1.3. Earlier versions are possibly affected as well. Not...
myPHP Forum v1, 2 & 3
PHOX: myPHP Forum v1, 2 & 3 Exploits Content - Credits - SMFDBPWNOCS - Solution - Contact Credits Exploit discovered by Phoxpherus Phorce, Phox R&P, Terencentanio Root32 SMFDBPWNOCS - Stupid Mofo Database Spamming When No One Can See In short, forum.php and topic.php have no validation checks. Th...
BizMail bizmail.cgi Arbitrary Mail Relay
The remote web server is hosting the CGI bizmail.cgi, a CGI script for sending the content of web forms to email addresses. The remote version of this software fails to sanitize the 'email' parameter to the 'bizmail.cgi' script of CRLF sequences. An unauthenticated, remote attacker may be able to...
DCP-Portal 5.5 - 'advertiser.php?Password' SQL Injection
source: https://www.securityfocus.com/bid/8739/info Multiple SQL Injection vulnerabilities have been discovered that affect DCP-Portal scripts. These issues are likely due to a lack of sufficient sanitization performed on user supplied URI parameters. Attacks have been demonstrated that inject...
DCP-Portal 5.5 - 'lostpassword.php?email' SQL Injection
source: https://www.securityfocus.com/bid/8739/info Multiple SQL Injection vulnerabilities have been discovered that affect DCP-Portal scripts. These issues are likely due to a lack of sufficient sanitization performed on user supplied URI parameters. Attacks have been demonstrated that inject...
MTA Open Mail Relaying Allowed (thorough test)
Nessus has detected that the remote SMTP server is insufficiently protected against mail relaying. This issue allows any spammer to use your mail server to send their mail to the world, thus flooding your network bandwidth and possibly getting your mail server blacklisted. C Tenable Network...
CVE-2003-0316
Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers...
Buffer overflow vulnerability found in MailMax version 5
, / | / / / Buffer Overflow Vulnerability / / / / / Found in MailMax Version 5 / / , http://www.smartmax.com / / | // matrix at 0x36.org ooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOoo SUMMARY------------------------------------------------------------------- This i...
IIS SMTP component allows mail relaying via Null Session
BindView Security Advisory -------- IIS SMTP component allows mail relaying via Null Session Issue Date: March 1, 2002 Contact: [email protected] Topic: The SMTP component that comes with IIS can be used by anyone for relaying email. Overview: IIS comes with a small SMTP component. The...
smtp_bof.txt
Subject: SECURITY TenFour TFS SMTP 3.2 Buffer Overflow To: [email protected] INTRINsec Security Advisory Release Date : August 30, 1999 Software : TenFour TFS SMTP 3.2 Operating System: Windows NT 3.x / 4.x Impact : The attackers can use a misconfigured TFS SMTP for spamming and can...
ms.exchange.outlook.javascript.txt
Date: Fri, 5 Mar 1999 11:30:56 -0000 From: Mat Newman To: "'[email protected]'" Subject: Exchange server web access You may have heard about this but... If someone is accessing Exchange server via the web then you can embed javascript into the email to get it to delete the contents of...
ntmail3relay.txt
NTMail version 3 relay problem NTmail3 appears to have a small hole that allows anyone to use an NTmail3 server as a relay mail server. Basically here is how it works. NTmail3 is set to not allow relay either the TO or FROM address must be local JUCE a $500 antispamming add-on from the makers of...