515 matches found

0day.today
added 2015/04/09 12:0 a.m., 123 views

BOA Web Server 0.94.8.2 - Arbitrary File Access Vulnerability

Exploit for linux platform in category web applications Title: Vulnerability in BOA web server v0.94.8.2 Date: 03/10/2000 Status: Vendor contacted, patch available Scope: Arbitrary file access Author: llmora Release: Public S 2 1 S E C http://www.s21sec.com Vulnerability in BOA web server v0.94.8...

5 CVSS, 7.6 AI score, 0.06558 EPSS
Exploits: 2

myhack58
added 2015/04/04 12:0 a.m., 21 views

ALi CTF 2015 write-up - vulnerability warning - the black bar safety net

0x00 Cake Cake is a title of Android Title, The specific process is an input a string and then initialize a length of 1 by 6 Array, then the string with this array of xor. So we just need to xor it ok. Just look at the code in reverse, the key is there are two Key looking for ok direct codes a= 0...

7.2 AI score
Exploits: 0

Hacker One
added 2014/12/26 2:19 p.m., 17 views

Mail.ru: /surveys/2auth: DOM-based XSS

document.write''; we reach it when the cookie swalang=en is set. For me, Firefox URL-encodes location, alas; on IE it should work, as in BlackFan's case, when another site issues the location. GET /surveys/2auth?a='"%20content="40"/%20alert123;!-- HTTP/1.1 Host: help.mail.ru User-Agent: Mozilla/5.0 Macintosh;...

0.3 AI score
Exploits: 0

OwnCloud
added 2014/11/25 6:37 p.m., 43 views

Login bypass when using the external FTP user backend - ownCloud

ownCloud provides multiple user backends that can be used to authenticate users. One of those backend providers is "userexternal", which authenticates users against FTP, IMAP or SMB servers. This is mainly useful when it is not possible to authenticate against an LDAP server. The FTP backend...

5 CVSS, 6.3 AI score, 0.00703 EPSS
Exploits: 0, Affected Software: 1

OSV
added 2014/11/08 11:55 a.m., 0 views

UBUNTU-CVE-2014-7819

Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3...

5 CVSS, 7.3 AI score, 0.00748 EPSS
Exploits: 0, References: 2

Debian CVE
added 2014/11/08 11:0 a.m., 31 views

CVE-2014-7819

Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3...

5 CVSS, 5.3 AI score, 0.00748 EPSS
Exploits: 0

Check Point Advisories
added 2014/10/23 12:0 a.m., 0 views

JavaScript Percent-Encoding Obfuscation

Although various security products provide coverage against many web vulnerabilities, such as ActiveX exploits, these known exploits could potentially bypass security products by using JavaScript obfuscation techniques. An example of such a technique is percent-encoding, also known as URL encoding...

1.7 AI score
Exploits: 0

securityvulns
added 2014/10/15 12:0 a.m., 45 views

[SECURITY] [DSA 3017-1] php-cas security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3017-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 2, 2014 http://www.debian.org/security/faq -...

1.2 AI score, 0.12676 EPSS
Exploits: 0

myhack58
added 2014/10/10 12:0 a.m., 7 views

PHP/Sqlite under the Common Vulnerability analysis-vulnerability warning-the black bar safety net

0x00 before the bit SQLite as a lightweight database,PHP developers, one set not Mo where students,PHP5,which has the default integrated this lightweight embedded database products. For use with a PHP/Sqlite CMS,also there is one of these common security threats. The author of the following numbe...

0.3 AI score
Exploits: 0

Atlassian
added 2014/07/28 4:26 a.m., 20 views

Content injection caused by failing to encode the url

The exampleURLPrefix variable given to the single-xml-header.vm|https://stash.atlassian.com/projects/JIRA/repos/jira/browse/jira-components/jira-core/src/main/resources/templates/plugins/issueviews/single-xml-header.vm11 or...

1.2 AI score
Exploits: 0, Affected Software: 1

Atlassian
added 2014/07/28 4:26 a.m., 15 views

Content injection caused by failing to encode the url

The exampleURLPrefix variable given to the single-xml-header.vm|https://stash.atlassian.com/projects/JIRA/repos/jira/browse/jira-components/jira-core/src/main/resources/templates/plugins/issueviews/single-xml-header.vm11 or...

1.2 AI score
Exploits: 0, Affected Software: 1

Atlassian
added 2014/07/28 4:26 a.m., 14 views

Content injection caused by failing to encode the url

The exampleURLPrefix variable given to the single-xml-header.vm|https://stash.atlassian.com/projects/JIRA/repos/jira/browse/jira-components/jira-core/src/main/resources/templates/plugins/issueviews/single-xml-header.vm11 or...

1.2 AI score
Exploits: 0

UbuntuCve
added 2014/07/01 10:17 a.m., 24 views

CVE-2014-1345

WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site...

4.3 CVSS, 5.9 AI score, 0.00615 EPSS
Exploits: 0, References: 5

seebug.org
added 2014/07/01 12:0 a.m., 14 views

X-Cart Gold 4.5 (products_map.php symb parameter) XSS Vulnerability

No description provided by source. Exploit Title: X-Cart Gold 4.5 productsmap.php symb parameter XSS Vulnerability Date: Jul 21 2012 Author: muts Version: X-Cart Gold 4.5 Vendor URL: http://www.x-cart.com/ X-Cart Gold implements a degree of XSS filtering but it is incomplete. The symb parameter o...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 14 views

CSSearch 2.3 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4368/info csSearch is a website search script, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft operating systems. csSearch is prone to an issue which may enable an attacker to execute Pe...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 18 views

CGIScript.net csNews 1.0 Double URL Encoding Unauthorized Administrative Access

No description provided by source. source: http://www.securityfocus.com/bid/4993/info csNews is a script for managing news items on a website. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. Users with public access to the system may be able to view an...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 16 views

My Gaming Ladder Combo System <= 7.0 - Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=28 Usage: ladder.pl host path cmd Dork: Ladder Scripts by http://www.mygamingladder.com...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 12 views

Edimax AR-7084GA Router CSRF + Persistent XSS Exploit

No description provided by source. ?php / Edimax AR-7084GA Router CSRF + Persistent XSS Exploit Firmware version: 2.9.8.1RUE0.C2A3.7.6.1 Vulnerable page: http://xx.xx.xx.xx/advanced/advnatvirsvr.htm Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co....

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 19 views

K-COLLECT CSV_DB.CGI 1.0/i_DB.CGI 1.0 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14059/info CSVDB.CGI/iDB.CGI are affected by a remote command execution vulnerability. Specifically, an attacker can supply arbitrary commands prefixed with the '|' character through the 'csvdb.cgi' script that will be...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 20 views

MyBB AJAX Chat - Persistent XSS Vulnerability

No description provided by source. Title: MyBB AJAX Chat Persistent XSS Vulnerability Date: 12/12/2012 Exploit Author: Mr. P-teo Vendor Homepage: http://www.mybb.com/ Software Link: http://mods.mybb.com/view/ajax-chat Version: 1 Tested on: Windows The Persistent XSS vulnerability lies within the...

7.1 AI score
Exploits: 0