993 matches found
Deep-throat enterprise website management system ASP version get shell-vulnerability warning-the black bar safety net
| ! View the version http://www.0day.com/SHLCMS 说明 文档 .htm In the system configuration above of the company Chinese name of the Insert"%%eval request"a"%%s=" after connection /Config/config.asp, password a OK ---...
Microsoft Security Bulletin MS10-053 - Critical Cumulative Security Update for Internet Explorer (2183461)
Microsoft Security Bulletin MS10-053 - Critical Cumulative Security Update for Internet Explorer (2183461) Published: August 10, 2010 Version: 1.0 General Information Executive Summary This security update resolves six privately reported vulnerabilities in Internet Explorer. The most severe...
Ubiquity Nanostation5 (Air OS) - Remote Command Execution
Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote Command Execution Date: 01 07 2010 Author: Emanuele 'emgent' Gentili Software Link: N/A Version: AirOS all firmwares CVE : N/A + Vulnerability Description With not privileged account, like read-only, an attacker is able to execute commands in...
Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004
The remote host is missing Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004. One or more of the following components are affected: Alias Manager CoreTypes c++filt Dock Launch Services Net-SNMP Ruby SMB File Server System Configuration Tomcat VPN WebKit OpenVAS Vulnerability Test Mac OS ...
Mac OS X 10.5.5 Update / Security Update 2008-006
The remote host is missing Mac OS X 10.5.5 Update / Security Update 2008-006. One or more of the following components are affected: ATS BIND ClamAV Directory Services Finder ImageIO Kernel libresolv Login Window mDNSResponder OpenSSH QuickDraw Manager Ruby SearchKit System Configuration System...
Southern data, a good precision system, Web soft world exploits-vulnerability warning-the black bar safety net
1, through the upfileother.asp vulnerability file taken directly SHELL Directly open userreg.asp for registered members, log in not logged state, use local Upload File Upload code is as follows: HTMLHEAD META http-equiv=Content-Type content="text/html; charset=gb2312" STYLE type=text/cssBODY...
CVE-2009-2820
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to a...
Code injection
Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port 6177/tcp...
CVE-2009-3900
Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port 6177/tcp...
OCS Inventory NG 1.2.1 (systemid) SQL Injection Vulnerability
Exploit for unknown platform in category web applications. OCS Inventory NG 1.2.1 systemid SQL Injection Vulnerability. OCS Inventory NG Server 1.2.1 Details: The Open Compute...
OCS Inventory NG 1.2.1 - 'systemid' SQL Injection
OCS Inventory NG Server 1.2.1 Details: The Open Computer and Software (OCS) Inventory Next Generation (NG) provides relevant inventory information about system configurations and software on the network. Download : http://www.ocsinventory-ng.org/index.php?page=1-02-1 Found by : Guilherme Marinheiro...
LightNEasy sqlno-db 2.2.x - System Configuration Disclosure
LightNEasy sqlno-db 2.2.x - System Configuration Disclosure !/usr/bin/perl LightNEasy sql/no-db new PeerAddr = $host, PeerPort = 80, Proto = 'tcp', || die $!;...
OCS Inventory NG 1.02 Multiple SQL Injection Vulnerabilities
No description provided by source. OCS Inventory NG - Multiple SQL Injections May 30 2009 Product Open Computer and Software OCS Inventory NG http://www.ocsinventory-ng.org/ Vulnerable Versions OCS Inventory NG 1.02 Unix Vendor Status Vendor has been notified and the vulnerability has been fixed...
DedeCMSV53 arbitrary variable overwrite vulnerability-vulnerability warning-the black bar safety net
DedeCMSV53 arbitrary variable overwrite vulnerability See today mrxhming students a articles http://hi.baidu.com/mrxhming/blog/item/8176f00bf540f11795ca6b3f.html find this old BUG hasn't been patched to look like, from the inside of the forum go a pp out of it, everyone is welcome to shoot the...
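Sun Java System Identity Manager Multiple Security Vulnerabilities
BUGTRAQ ID: 34191 Sun Java System Identity Manager is a complete end-to-end solution for protecting sensitive data and managing identity profiles and permissions. Sun Java System Identity Manager (IdM) is affected by multiple security vulnerabilities, as follows: Because some connections are not encrypted with SSL, a remote unprivileged user can gain unauthorized access to data transmitted between the client and the IdM server (17763). A local or remote unprivileged user can determine whether a valid IdM account name exists (18052, 18104). A user with an account on the IdM server can change the passwords of other IdM accounts (18578)....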
CVE-2008-6478
Cross-site request forgery (CSRF) vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft build 4.0.0-365.6.swsoft and 25.4.swsoft build 3.0.0-25.4.swsoft allows remote attackers to create and delete arbitrary files as the administrator via a link or IMG tag...
Fedora Update for util-linux FEDORA-2007-2462
Check for the Version of util-linux OpenVAS Vulnerability Test Fedora Update for util-linux FEDORA-2007-2462 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Authentication flaw
servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration...