111 matches found
wp212-sqlinj.txt
!/usr/bin/perl -w Wordpress 2.1.2 SQL Injection POC Credits: [email protected] Thanks to ferruh [email protected] improving my exploitation skills website:www.notsosecure.com Wordpress version 2.1.2 is vulnerable to sql injection. This POC works when exploting with the credentials of a val...
Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w Wordpress 2.1.2 SQL Injection POC Credits: [email protected] Thanks to ferruh [email protected] improving my exploitation skills website:www.notsosecure.com Wordpress version 2.1.2 is vulnerable to sql injection. This POC works when...
[ISR] - Novell iChain Mini FTP Server Valid User Disclosure Vulnerability
|| || ISR || Infobyte Security Research || www.infobyte.com.ar || 03.15.2005 || .:: SUMMARY Novell iChain Mini FTP Server Valid User Disclosure Vulnerability Version: IChain Version v2.3, It is suspected that all previous versions of IChan are vulnerable. .:: BACKGROUND The Novell iChain product...
[Full-Disclosure] sacred (pcgame) server flaw
Program: Sacred pc game http://sacred-game.com type: simple DoS, no client-auth affected version: 1.0.6.2 note: -fixed in later versions 1.0.7.0 dated:31.08.2004 -this security-lag exits for nearly half a year. although ascaron was informed at the date of release 02.03.2004, nothing happens long...
ProFTPd 1.2.10 - Remote Users Enumeration
ProFTPd 1.2.10 - Remote Users Enumeration / Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis...
ProFTPd 1.2.10 - Remote Users Enumeration
/ Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at the ProFTPd login procedure. There ...
OpenSSH 2.x/3.x - Kerberos 4 TGT/AFS Token Buffer Overflow
source: https://www.securityfocus.com/bid/4560/info A buffer overflow condition exists in the OpenSSH server. The condition is exploitable by attackers with valid user credentials in versions 2.9.9 and higher. Exploitation does not require valid user credentials in versions prior to 2.9.9. The...
OpenSSH 2.x3.x - Kerberos 4 TGTAFS Token Buffer Overflow
OpenSSH 2.x3.x - Kerberos 4 TGTAFS Token Buffer Overflow source: https://www.securityfocus.com/bid/4560/info A buffer overflow condition exists in the OpenSSH server. The condition is exploitable by attackers with valid user credentials in versions 2.9.9 and higher. Exploitation does not require...
CVE-2001-1280
POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system...
Solaris 2.67.0 - IN.FTPD CWD Username Enumeration
Solaris 2.67.0 - IN.FTPD CWD Username Enumeration source: https://www.securityfocus.com/bid/2564/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is a versatile operating system designed for use with machines as small as desktop systems and as larg...
PT-1997-1165 · Rusers · Rusers
Name of the Vulnerable Software and Affected Versions: rusers affected versions not specified Description: The issue exposes valid user information to any entity on the network due to a version of rusers being run. Recommendations: At the moment, there is no information about a newer version that...