5285 matches found
TeamSpeak 2.0 (Windows Release) - Remote Denial of Service
#!/usr/bin/perl TeamSpeak 2.0 Windows Release Remote D0S Exploit by Yag Kohha skyhole at gmail.com Vendor URL: http://www.goteamspeak.com/ TeamSpeak WebServer has no tcp session expire and no checks for incoming values length. TODO: Edit $target value Run script CPU 100%, Memory up for 1.2 Gb per...
Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/24934/info Insanely Simple Blog is prone to multiple input-validation vulnerabilities, including cross-site scripting, HTML-injection, and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Exploiting these issue...
Dating Gold 3.0.5 - footer.php?int_path Remote File Inclusion
Dating Gold 3.0.5 - footer.php?int_path Remote File Inclusion source: https://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues...
Dating Gold 3.0.5 - secure.admin.php?int_path Remote File Inclusion
Dating Gold 3.0.5 - secure.admin.php?int_path Remote File Inclusion source: https://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these...
Dating Gold 3.0.5 - header.php?int_path Remote File Inclusion
Dating Gold 3.0.5 - header.php?int_path Remote File Inclusion source: https://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues...
Dating Gold 3.0.5 - 'secure.admin.php?int_path' Remote File Inclusion
source: https://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary remote file containing malicious...
Dating Gold 3.0.5 - 'footer.php?int_path' Remote File Inclusion
source: https://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary remote file containing malicious...
Dating Gold 3.0.5 - 'header.php?int_path' Remote File Inclusion
source: https://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary remote file containing malicious...
IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities
IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/24864/info The IBM Proventia Sensor Appliance is prone to multiple input-validation vulnerabilities, including multiple remote file-include issues and a cross-site scripting issue...
IBM Proventia Sensor Appliance - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/24864/info The IBM Proventia Sensor Appliance is prone to multiple input-validation vulnerabilities, including multiple remote file-include issues and a cross-site scripting issue. An attacker can exploit these issues to steal cookie-based authentication...
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities
source: https://www.securityfocus.com/bid/24828/info Vulnerabilities in the SquirrelMail G/PGP encryption plugin may allow malicious webmail users to execute system commands remotely. These issues occur because the application fails to sufficiently sanitize user-supplied data. Commands would run ...
[Full-disclosure] Fujitsu-Siemens ServerView Remote Command Execution
Advisory: Fujitsu-Siemens ServerView Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Fujitsu-Siemens ServerView during a penetration test. The DBAsciiAccess CGI script is vulnerable to a remote command execution because of a parameter which is not properl...
Plume CMS 1.0.4 - index.php?_PX_config[manager_path] Remote File Inclusion
Plume CMS 1.0.4 - index.php?_PX_config[manager_path] Remote File Inclusion source: https://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the...
Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution
Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution source: https://www.securityfocus.com/bid/24762/info Fujitsu ServerView is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute...
Plume CMS 1.0.4 - rss.php?_PX_config[manager_path] Remote File Inclusion
Plume CMS 1.0.4 - rss.php?_PX_config[manager_path] Remote File Inclusion source: https://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the...
Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution
source: https://www.securityfocus.com/bid/24762/info Fujitsu ServerView is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute arbitrary commands with the privileges of the affected application...
Plume CMS 1.0.4 - 'rss.php?_PX_config[manager_path]' Remote File Inclusion
source: https://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary server-side script code on an affected...
Plume CMS 1.0.4 - 'index.php?_PX_config[manager_path]' Remote File Inclusion
source: https://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary server-side script code on an affected...
LiteWEB Web Server 2.7 - Invalid Page Remote Denial of Service
LiteWEB Web Server 2.7 - Invalid Page Remote Denial of Service source: https://www.securityfocus.com/bid/24628/info LiteWeb webserver is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash th...
Joomla! Mambo Component Mod_Forum - PHPBB_Root.php Remote File Inclusion
Joomla! Mambo Component Mod_Forum - PHPBB_Root.php Remote File Inclusion source: https://www.securityfocus.com/bid/24591/info The 'mod_forum' component for Joomla and Mambo is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An...