254 matches found
My Book World Edition NAS multiple vulnerability
Exploit for unknown platform in category web applications ================================================ My Book World Edition NAS multiple vulnerability ================================================ Exploit Title: My Book World Edition NAS multiple vulnerability Date: 20091230 Author:...
My Book World Edition NAS multiple vulnerability
No description provided by source. Exploit Title: My Book World Edition NAS multiple vulnerability Date: 20091230 Author: Emanuele 'emgent' Gentili Code: http://www.backtrack.it/emgent/exploits/20091230-NAS.txt Version: 01.01.16 with MioNet 2.3.9.13 firmware. CVE : N/A Vendor:...
A guide to the IIS WebDAV vulnerability
Even for the most experienced security professionals, understanding complex attacks and vulnerabilities sometimes can be a serious challenge. A perfect example is the recent Microsoft IIS WebDAV vulnerability, which surfaced last week and has yet to be patched by Microsoft. It’s a complicated...
peterConnects Web Server Traversal Arbitrary File Access Vulnerability
Exploit for windows platform in category remote exploits ====================================================================== peterConnects Web Server Traversal Arbitrary File Access Vulnerability ====================================================================== - PeterConnects Web Server...
PeterConnects Web Server Traversal
PeterConnects Web Server Traversal Arbitrary File Access - Description PeterConnects products use a web server that is vulnerable to classic directory traversal hello 1987 that allows for arbitrary file access. - Product PeterConnects, Unknown Product, Unknown Version blind external tests not so...
PHP mbstring.func_overload web server denial of service
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.funcoverload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server...
PT-2009-22: EXcms Root directory disclosure vulnerability
EXcms is a content management system CMS software, usually implemented as a Web application, for creating and managing HTML content. It is used to manage and control a large, dynamic collection of Web material HTML documents and their associated images. Vulnerability Description Positive...
F5 FirePass Content Inspection Management XSS
F5 FirePass Content Inspection Management XSS Product: F5 FirePass http://www.f5.com/products/firepass/ The F5 FirePass SSL VPN appliance provides rudimentary web request sanitization for resources exposed through the appliance via Portal Access. This Content Inspection feature can be configured...
Modify the PHP core Backdoor implementation-vulnerability warning-the black bar safety net
Developing A PHP Core Backdoor Author: wofeiwo/I non-I wofeiwoatgmaildotcom Directory 1Foreword 2The advantages and disadvantages of 3design 4functions to achieve 5reference to documents 6some description 1Foreword PHP is a very popular web server side script language. At present, many web...
Hacking tricks of talking about network intrusion to improve the method-vulnerability warning-the black bar safety net
Now you want to invade a site directly with the data server, open some ports, with those overflowing way to engage in the web server Station, presumably unlikely, if now also can use 1 4 3 3 can easily handle a server, then you will be able to buy lottery tickets went to the Oh. Now the...
Easy Address Book Web Server 1.2 - Remote Format String
source: https://www.securityfocus.com/bid/19842/info Easy Address Book Web Server is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied data before including it in the format-specifier argument to a formatted-printing function. This issu...
CVE-2005-3163
Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers to read files outside of the web root...
CVE-2002-2114
Artekopia Netjuke before 1.0 b7 is affected by a remote-code-execution vulnerability. The issue arises when the section parameter is passed to an eval call, enabling an attacker to run arbitrary code on the web server. The connected documents confirm the affected product/version and the root caus...
K-COLLECT CSV_DB.CGI 1.0/i_DB.CGI 1.0 - Remote Command Execution
// source: https://www.securityfocus.com/bid/14059/info CSVDB.CGI/iDB.CGI are affected by a remote command execution vulnerability. Specifically, an attacker can supply arbitrary commands prefixed with the '|' character through the 'csvdb.cgi' script that will be executed in the context of the We...
fusionBB.txt
GulfTech Security Research June 6th, 2005 Vendor : InteractivePHP, Inc URL : http://www.fusionbb.com/ Version : Version .11 Beta And Earlier Risk : Multiple Vulnerabilities Description: FusionBB is a popular online message board written in php and developed by InteractivePHP, INC. There are sever...
CVE-2004-1784
CVE-2004-1784 concerns Webcam Watchdog 3.63. The web server component is vulnerable to a buffer overflow triggered by a long HTTP GET request, enabling remote code execution. The advisory notes a high severity (CVSSv2 7.5) with network access, no authentication required, and partial impacts on co...
punBB < 1.2.2 Multiple SQL Injection and Authentication Bypass Vulnerabilities
Binary data 2651.prm...
phpWebSite Image Announcement Upload Arbitrary Command Execution
The remote host is running a version of phpWebSite in which the Announcements module allows a remote attacker to both upload PHP scripts disguised as image files and later run them using the permissions of the web server user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2005-0433
Technical details about CVE-2005-0433 are not publicly provided in the supplied documents. Available sources describe a path disclosure in Php-Nuke 7.5. Monitor for updates on affected versions, impact, and fixes.
RaidenHTTPD 1.1.27 - Remote File Disclosure
RaidenHTTPD 1.1.27 - Remote File Disclosure source: https://www.securityfocus.com/bid/12451/info RaidenHTTPD is reported prone to a remote file disclosure vulnerability. It is reported that the service does not correctly handle requests for restricted files that reside outside of the web document...