549 matches found
CyberCMS Remote SQL Injection Vuln.
No description provided by source. Exploit Title: CyberCMS Remote SQL Injection Vuln. Date: 26/11/2009 Author: hc0de | hc0de.blogspot.comhttp://hc0de.blogspot.com Software Link: http://cyberfusion.ramx.org/cyber-cms Version: app version Tested on: Ubuntu Linux 9.04 CVE : PoC: +Target:...
Maian Gallery 2 - Local File Download Vulnerability
No description provided by source. !/usr/bin/python This vulnerability uses filegetcontents so we have some limitations, we cant execute PHP and we cant read files that the web server will interpret such as PHP, conf etc tested on: Ubuntu Linux 2.6.32 with php v5.3.2 registerglobals = Off PRIVATE...
Mozilla Firefox 3.0 - Malformed JPEG File Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29984/info Mozilla Firefox is prone to a remote denial-of-service vulnerability. Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions. This issue affects Firefox...
openSUSE Security Update : python-apache-libcloud (openSUSE-SU-2014:0198-1)
Updated to 0.13.3 bnc857209, CVE-2013-6480 + Security fix release, for destroying nodes on digitalOcean 'datascrub' method is always invoked - Require python-setuptools instead of distribute upstreams merged - Updated to 0.13.2 - General : - Don't sent Content-Length: 0 header with POST and PUT...
CVE-2012-6648
gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different...
CVE-2012-0943
debian/guest-account in Light Display Manager lightdm 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and...
Session fixation
debian/guest-account in Light Display Manager lightdm 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and...
CVE-2012-6648
gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different...
Design/Logic Flaw
gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different...
CVE-2012-6648
Summary: CVE-2012-6648 affects gdm-guest-session up to version 0.24 (used in Ubuntu 10.04 LTS, 10.10, 11.04). A local user can delete arbitrary files in /tmp by crafting a filename containing a space. The issue is tied to gdm/guest-session-cleanup.sh behavior in the guest-session setup, as split ...
CVE-2012-0943
CVE-2012-0943 concerns debian/guest-account in LightDM (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu 11.10. Affected component: guest-account cleanup in LightDM; root cause described as a vulnerability allowing local users to delete arbitrary files via a space in the name...
CVE-2012-0943
debian/guest-account in Light Display Manager lightdm 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and...
CVE-2012-0943
debian/guest-account in Light Display Manager lightdm 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and...
CVE-2011-4613
The X.Org X wrapper xserver-wrapper.c in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY...
DoS vulnerability in Adobe Flash Player (BSOD)
Hello 3APA3A! At beginning of this year I informed you about DoS vulnerability in Adobe Flash. Look at advisory http://seclists.org/fulldisclosure/2013/Apr/9 with exploit and video demonstration http://www.youtube.com/watch?v=xi29KZ3LD80 of previous DoS in Flash. Adobe hiddenly fixed it in the...
vBulletin 5 - 'index.php/ajax/api/reputation/vote?nodeid' SQL Injection (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection', 'Description' = %q This module exploits a SQL injection...
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
Exploit for php platform in category remote exploits require 'msf/core' class Metasploit3 'vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability found in vBulletin 5 that has been used in the wild since...
UBUNTU-CVE-2013-4788
The PTRMANGLE implementation in the GNU C Library aka glibc or libc6 2.4, 2.17, and earlier, and Embedded GLIBC EGLIBC does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow...
UBUNTU-CVE-2013-2899
drivers/hid/hid-picolcdcore.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDPICOLCD is enabled, allows physically proximate attackers to cause a denial of service NULL pointer dereference and OOPS via a crafted device...
CVE-2013-2162
Race condition in the post-installation script mysql-server-5.5.postinst for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive...