18 matches found
interphoto gallery - Multiple Vulnerabilities
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Day 6 0day | | | | || / \ || | | | || ||// \/|/ ''' - Title : InterPhoto Gallery Multiple Remote Vulnerabilities - Affected Version : = 2.4.0 - Vendor Site :...
syndeocms 2.8.02 - Multiple Vulnerabilities
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Day 4 0day | | | | || / \ || | | | || ||// \/|/ ''' Title : syndeocms 2.8.02 Multiple Vulnerabilities Affected Version : syndeocms = 2.8.02 Vendor Site :...
JE CMS 1.0.0 - Bypass Authentication by SQL Injection Vulnerability
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-28-je-cms-1-0-0-bypass-authentication-by-sql-injection-vulnerability/ ''' Title : JE CMS 1.0.0 Bypass...
Adobe Shockwave Director tSAC - Chunk Memory Corruption
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' ''' Title : Adobe Shockwave Director tSAC Chunk memory corruption Version : dirapi.dll 11.5.7 Analysis : http://www.abysssec.com Vendor...
Yahoo Mail XSS Vulnerability Could Affect Millions of Accounts
Security researcher Shahin Ramezany developed an XSS proof-of-concept exploit that he claims puts some 400 million Yahoo Mail users at risk of having their accounts taken over. In a video posted on YouTube last night, Ramezanydemonstrated an exploit for what he claims is a document object...
Avaya WinPDM UniteHostRouter <= 3.8.2 Pre-Auth Command Execute
Exploit for windows platform in category remote exploits Abysssec Public Exploit more info www.abysssec.com Avaya WinPDM UniteHostRouter = v2 || v4 = v3 + 1, v5 = strpbrkv3 + 1, ":/? \n\r", v5 v2 result = 0; else v6 = v5 - v4; memcpya2, v4, v6; // vulnerable memcpy BYTE a2 + v6 = 0; result = 1;...
Month Of Abysssec Undisclosed Bugs - JE CMS 1.0.0
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | userLogin; userLogin function is in administrator\library\functions.php. in lines 129-139: if $userName == '' || $password == '' $errorMessage = JEMISMATCHUSERNAMEPASSWORD; else // check the database and see if the...
JE CMS 1.0.0 Bypass Authentication by SQL Injection Vulnerability
Exploit for php platform in category web applications ================================================================= JE CMS 1.0.0 Bypass Authentication by SQL Injection Vulnerability ================================================================= Title : JE CMS 1.0.0 Bypass Authentication by...
JE CMS 1.0.0 - Authentication Bypass
JE CMS 1.0.0 - Authentication Bypass ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | userLogin; userLogin function is in administrator\library\functions.php. in lines 129-139: if $userName == '' || $password == '' $errorMessage = JEMISMATCHUSERNAMEPASSWORD; else...
JE CMS 1.0.0 - Authentication Bypass
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | userLogin; userLogin function is in administrator\library\functions.php. in lines 129-139: if $userName == '' || $password == '' $errorMessage = JEMISMATCHUSERNAMEPASSWORD; else // check the database and see if the...
festos CMS 2.3b - Multiple Vulnerabilities
festos CMS 2.3b - Multiple Vulnerabilities ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | query$query; poc: in admin.php page: username: admin' or '1'='1 password: admin' or '1'='1 1.2- in festoszdologin.php: $query = "SELECT vendorID FROM...
FestOS CMS 2.3b Multiple Remote Vulnerabilities
Exploit for php platform in category web applications =============================================== FestOS CMS 2.3b Multiple Remote Vulnerabilities =============================================== Title : FestOS CMS 2.3b Multiple Remote Vulnerabilities Affected Version : query$query; poc: in...
Month Of Abysssec Undisclosed Bugs - DynPage 1.0
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-7-dynpage-multiple-remote-vulnerabilities/ ''' - Title : DynPage Multiple Remote Vulnerabilities. - Affected Version : = v1.0 - Vendor Site :...
InterPhoto Gallery - Multiple Vulnerabilities
InterPhoto Gallery - Multiple Vulnerabilities ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Day 6 0day | | | | || / \ || | | | || ||// \/|/ ''' - Title : InterPhoto Gallery Multiple Remote Vulnerabilities - Affected Version : = 2.4.0 - Vendor Site :...
SAP GUI for Windows - sapirrfc.dll ActiveX Overflow
SAP GUI for Windows - sapirrfc.dll ActiveX Overflow SAP GUI for Windows sapirrfc.dll Accecpt Activex Overflow www.Abysssec.com Public Exploit / Application: SAP GUI for Windows, EnjoySAP Versions Affected: Version 6.4 Vendor URL: http://SAP.com Bugs: Buffer Overflow Exploits: YES Reported:...
SAP GUI for Windows sapirrfc.dll Activex Overflow Exploit
No description provided by source. html title SAP GUI for Windows sapirrfc.dll Accecpt Activex Overflow /title center h1 www.Abysssec.com Public Exploit h1 /center object classid='clsid:77F12F8A-F117-11D0-8CF1-00A0C91D9D87' id='target' / script / Application: SAP GUI for Windows, EnjoySAP Version...
SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow
SAP GUI for Windows sapirrfc.dll Accecpt Activex Overflow www.Abysssec.com Public Exploit / Application: SAP GUI for Windows, EnjoySAP Versions Affected: Version 6.4 Vendor URL: http://SAP.com Bugs: Buffer Overflow Exploits: YES Reported: 13.11.2008 Vendor response: 17.11.2008 Date of Public...
Portili Personal And Team Wiki Disclosure / XSS / Execution
Abysssec Inc Public Advisory Title : Portili Personal and Team Wiki Multiple Remote Vulnerabilities Affected Version : Portili Personal and Team Wik = 1.14 Vendor Site : www.Portili.com Discovery : www.Abysssec.com Vendor Contact : 10/4/2009 Vendor Response : 11/4/2009 Vendor Response : i have...