345 matches found
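RTS Sentry PTZCamPanelCtrl ActiveX Control Remote Stack Overflow Vulnerability
BUGTRAQ ID: 27304 RTS Sentry is a series of video surveillance and recording devices. The RTS Sentry ActiveX control implementation contains a buffer overflow vulnerability that a remote attacker could exploit to take control of the user's system. The PTZCamPanelCtrl ActiveX control (CamPanel.dll) installed by the RTS Sentry surveillance device client does not correctly handle the input parameters to the ConnectServer function; if a user is tricked into visiting a malicious site that passes an overly long user parameter to this method, a stack overflow can be triggered, leading to arbitrary code execution. RTS Sentry CamPanel.dll 2.1.0.2 RTS Sentry ----------...
IBM Lotus Notes TagAttributeListCopy Remote Stack Overflow Vulnerability
BUGTRAQ ID: 26200 CVECAN ID: CVE-2007-4222 Lotus Domino/Notes server is a web-based collaborative application architecture that runs on Linux/Unix and Microsoft Windows operating system platforms. Lotus Notes contains a vulnerability in its handling of mail format conversion that a remote attacker could exploit to take control of the user's system. Lotus...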
VMWare multiple security vulnerabilities
Multiple vulnerabilities allow unprivileged user of host system to control guest systems...
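Symantec Reporting Server Remote Privilege Escalation Vulnerability
Symantec Reporting Server is an optional component of the Symantec System Center console, used to create reports. Symantec Reporting Server contains a vulnerability in its data export process that a remote attacker could exploit to gain unauthorized access to the server. Because a variable is not properly initialized, an unauthorized user may be able to control the file created during a data export from the Reporting Server and then execute that file, resulting in access to the server with the privileges of the Web Server user. Symantec Reporting Server 1.0.197.0 Uninstall Reporting Server, restrict access to the SCS console and Reporting...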
UebiMiau 2.7.10 - '/demo/pop3/error.php?selected_theme' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24210/info Uebimiau is prone to multiple input-validation vulnerabilities, including cross-site scripting issues and an information-disclosure issue, because the application fails to properly sanitize user-supplied input. Attackers can exploit these issue...
Microsoft Excel Malformed Palette Record DoS PoC (MS07-002)
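A vulnerability exists in the way Excel handles Opcodes; a remote attacker could exploit it to take control of the user's machine. An attacker can exploit this vulnerability by tricking a user into opening an Excel document containing the Opcode. If the user is logged on with administrative user rights, an attacker who successfully exploits this vulnerability could take complete control of the affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system are less affected than users who operate with administrative user rights. MS07-002 EXCEL Malformed Palette Record Vulnerability DOS POC Author LifeAsaGeek at gmail.com ... an...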
AR Memberscript - usercp_menu.php Remote File Inclusion
AR Memberscript - usercp_menu.php Remote File Inclusion Author: ex0 armemberscript - remote file include vulnerability all versions There is no vendor patch, and doubt there will be. I haven't been able to get in touch with the vendor for 2 months armemberscript is a script used by many anime sites t...
DeluxeBB 1.07 Create admin Exploit
DeluxeBB 1.07 Create admin Exploit ---------------------------------------- + Summary : Name : DeluxeBB 1.07 Class : Remote Risk : High + Description: DeluxeBB 1.07 Have a high Security Bug in user control panel cp.php. This bug allows to users change access level with inject query in update...
Moving-2 0 0 5 upload vulnerability-vulnerability warning-the black bar safety net
I haven't written the article, this text is mainly to explain two techniques: one is the dexterity of the injection; the second is not into the background subtly Upload a WebShell to. Hope all my friends can draw inferences, inappropriate please master exhibitions. A, injection vulnerabilities...
PT-2005-5084 · Lemoon · Lemoon
Name of the Vulnerable Software and Affected Versions: lemoon versions 2.0 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the q parameter. The vendor has disputed this issue,...
Multiple Bugs in MyBB 1.0 PR2 Rev 686(Updated Nov 1, 2005)
Description: MyBB is a powerful, efficient and free forum package developed in PHP and MySQL. MyBB has been designed with the end users in mind, you and your subscribers. Full control over your discussion system is presented right at the tip of your fingers, from multiple styles and themes to the...
PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/12828/info PunBB is reportedly affected by multiple HTML injection vulnerabilities. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible such as the theft of cookie-based authentication...
[Full-disclosure] 3 XSS Vulnerabilities in Phorum <= 5.0.14
Author: Jon Oberheide [email protected] Date: Sat, March 12th, 2005 Summary ======= Application: Phorum Vendor Website: http://www.phorum.org Affected Versions: <= 5.0.14 Type of Vulnerability: Cross Site Scripting XSS About Phorum ============ Phorum is a web based message board written in PHP...
phpbb -- Insufficient check against HTML code in usercp_register.php
Neo Security Team reports: If we specify a variable in the html code any type: hidden, text, radio, check, etc with the name allowhtml, allowbbcode or allowsmilies, is going to be on the html, bbcode and smilies in our signature. This is a low risk vulnerability that allows users to bypass...
GLSA-200405-11 : KDE URI Handler Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200405-11 KDE URI Handler Vulnerabilities The telnet, rlogin, ssh and mailto URI handlers in KDE do not check for '-' at the beginning of the hostname passed. By crafting a malicious URI and enticing a user to click on it, it is...
KDE URI Handler Vulnerabilities
Background The K Desktop Environment KDE is a powerful Free Software graphical desktop environment. KDE makes use of URI handlers to trigger various programs when specific URLs are received. Description The telnet, rlogin, ssh and mailto URI handlers in KDE do not check for '-' at the beginning o...
Invision Power Board (IP.Board) 1.3 - SQL Injection
Invision Power Board IP.Board 1.3 - SQL Injection IP.Board SQL Injection Vendor: Invision Power Services Product: IP.Board Version: = 1.3 Website: http://www.invisionboard.com/ BID: 9810 Description: Invision Power Board IPB is a professional forum system that has been built from the ground up wi...
Max Web Portal < 1.30 - Multiple Vulnerabilities
Max Web Portal Multiple Vulnerabilities Vendor: Max Web Portal Product: Max Web Portal Version: alertdocument.cookie Remember this vuln as I will later explain how it can be used to aid an attacker to compromise user and admin accounts. Hidden Form Field weakness: The Max Web Portal system seems...
More Office XP problems
Moderator: check the legal notice before submitting this to some database. Georgi Guninski security advisory 53, 2002 More Office XP problems Systems affected: Office XP Risk: High Date: 31 March 2002 Legal Notice: This Advisory is Copyright c 2002 Georgi Guninski. You may distribute it unmodifie...
Microsoft Windows 2000 Service Control Manager creates predictably named pipes
Overview A vulnerability exists in the Microsoft Windows 2000 Service Control Manager which could allow local users to gain control of the system. Description A vulnerability exists in the Service Control Manager SCM function. This function creates named pipes for system services. More informatio...