Microsoft ISAPI W3Who Library Buffer Overflow (CVE-2004-1134)
The W3Who dynamically linked library (DLL), when used in the context of an IIS HTTP server, provides various information about the current HTTP client, as well as the current running environment. It is included with the Internet Services Application Programming Interface (ISAPI) and is meant to be us...
mysql-variables NSE Script
Attempts to show all variables on a MySQL server. Script Arguments mysqluser The username to use for authentication. If unset it attempts to use credentials found by mysql-brute or mysql-empty-password. mysqlpass The password to use for authentication. If unset it attempts to use credentials foun...
Thelia 1.4.2.1 Cross Site Scripting
Exploit Title: Thelia Date: 17/01/2010 Author: EsSandRe Software Link: http://www.thelia.fr/fichiers/thelia1.4.2.1.zip Version: 1.4.2.1 Tested on: / XSS vulnerability in the POST variable 'motcle' http://localhost/recherche.php A second one in the variable "ref" in the...
Public Media Manager Bypass / SQL Injection
Public Media Manager SQLi vulns By learn3r hacker from Nepal [email protected] Product name: Public Media Manager This product, an online NEWS CMS, suffers from SQL injection in login so that we can bypass the login system. Also, it suffers from SQLi in the GET variables which can be...
Public Media Manager SQLi vulns
Exploit for unknown platform in category web applications =============================== Public Media Manager SQLi vulns ================================ Product name: Public Media Manager This product, an online NEWS CMS, suffers from SQL injection in login so that we can bypass the login syste...
Code injection
The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vectors...
CVE-2009-4533
The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vectors...
CVE-2009-4533
CVE-2009-4533 affects the Drupal Webform module (5.x before 5.x-2.8 and 6.x before 6.x-2.8). The underlying issue is that pages containing token placeholders for a default value are not prevented from being cached, which can allow remote attackers to read session variables via unspecified vectors...
ntp-info NSE Script
Gets the time and configuration variables from an NTP server. We send two requests: a time request and a "read variables" (opcode 2) control message. Without verbosity, the script shows the time and the value of the version, processor, system, refid, and stratum variables. With verbosity, all...
OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3)...
OpenJDK information leaks in mutable variables (6657026,6657138)
Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug...
FreeBSD Security Advisory (FreeBSD-SA-09:16.rtld.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:16.rtld.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
FreeBSD privilege escalation
It's possible to bypass environment variable filtering on suid program execution...
CVE-2009-4147
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the (1) LD_LIBMAP, (2) LD_LIBRARY_PATH, (3) LD_LIBMAP_DISABLE, (4) LD_DEBUG, and (5) LD_ELF_HINTS_PATH environment variables, which allows local users to gain privileges by executing a setuid or setgu...
CVE-2009-4147
CVE-2009-4147 affects FreeBSD rtld (libexec/rtld-elf/rtld.c) on FreeBSD 7.1, 7.2 and 8.0. The _rtld function fails to clear LD_* environment variables, allowing a local user to exploit a modified search path to load a Trojan library and escalate privileges (e.g., through setuid/setgid programs). R...
EUVD-2009-4117
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the (1) LD_LIBMAP, (2) LD_LIBRARY_PATH, (3) LD_LIBMAP_DISABLE, (4) LD_DEBUG, and (5) LD_ELF_HINTS_PATH environment variables, which allows local users to gain privileges by executing a setuid or setgu...
PHP 5.3.x < 5.3.1 Multiple Vulnerabilities
Binary data 801090.prm...
OpenJDK information leaks in mutable variables (6657026,6657138)
Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657026...