1248 matches found
MD-Pro 1.0.76 - SQL Injection
!/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author = "undefined1"; my $settings = "magicquotesruntime = off, mysql = 4.1.0"; $| = 1; print ":: $app $type - by $author ::\n\n\n"; my $url = shift || usage; if$url = m/^?:http://./ $url = $1;...
CVE-2007-5092
Summary: CVE-2007-5092 is a directory traversal vulnerability in the Dance Music module’s index.php for phpNuke, exploited when register_globals is enabled. The flaw allows remote attackers to include and execute arbitrary local files by injecting a .. path via an ACCEPT_FILE array parameter to m...
[CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-1358: Apache Tomcat XSS vulnerability in Accept-Language header processing Severity: Low cross-site scripting Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.34 Tomcat 5.0.0 to 5.0.30 Tomcat...
Apache Tomcat Accept-Language crossite scripting
Crossite scripting with invalid Accept-Language header...
JVN#16535199: Apache Tomcat Accept-Language Header Cross-Site Scripting Vulnerability
Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page JSP technologies. Apache Tomcat contains a cross-site scripting vulnerability. It occurs when the value of the Accept-Language header sent from a client is non-standard. The developer ha...
tomcat accept-language xss flaw
Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...
tomcat accept-language xss flaw
Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...
tomcat accept-language xss flaw
Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...
tomcat accept-language xss flaw
Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...
Cross site scripting
Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...
CVE-2007-1358
Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...
CVE-2007-1358
Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...
Fixed in Apache Tomcat 5.5.21, 5.0.SVN
Low: Cross-site scripting CVE-2007-1358 Web pages that display the Accept-Language header value sent by the client are susceptible to a cross-site scripting attack if they assume the Accept-Language header value conforms to RFC 2616. Under normal circumstances this would not be possible to exploi...
WEBInsta FM 0.1.4 login.php absolute_path Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ======================================================================= WEBInsta FM 0.1.4 login.php absolutepath Remote File Inclusion Exploit ======================================================================= !/usr/bin/perl / \ / \ |...
0irc-client v1345 build20060823 Denial of Service Exploit
Exploit for unknown platform in category dos / poc ========================================================= 0irc-client v1345 build20060823 Denial of Service Exploit ========================================================= / 0irc-client v1345 build 20060823 DoS Exploit By DiGitalX email protect...
0irc-client 1345 build20060823 - Denial of Service
0irc-client 1345 build20060823 - Denial of Service / 0irc-client v1345 build 20060823 DoS Exploit By DiGitalX [email protected] Date: 22/3/2007 -- MicroSystem Team -- Site: http://DiGitalX.I.am Description: 0irc-client suffers from a NULL pointer derefrencing bug. / define WIN32LEANANDMEAN inclu...
phpBB Security 1.0.1 - PHP_security.php Remote File Inclusion
phpBB Security 1.0.1 - PHPsecurity.php Remote File Inclusion !/usr/bin/perl phpBB Security 1.0.1 Class: Remote File Include Vulnerability Date: 2006/10/12 Remote: Yes Type: high Site: http://www.phpbb-amod.com/downloads/phpBBSecurity.zip...
firefox-DoS.txt
!/usr/bin/perl author: tomas kempinsky use strict; use Socket; my $port = shift || 2121; my $proto = getprotobyname'tcp'; my $payload = "\x32\x32\x30\x20\x5a\x0d\x0a\x33". "\x33\x31\x20\x5a\x0d\x0a\x35\x30". "\x30\x20\x44\x6f\x53\x0d\x0a\x35". "\x30\x30\x20\x5a\x0d\x0a"; socketSERVER, PFINET,...
bsd/x86 - setuid/portbind shellcode 94 bytes
bsd/x86 setuid/portbind shellcode 94 bytes. Shellcode exploit for bsdx86 platform / $Id: portbind-bsd.c,v 1.3 2004/06/02 12:22:30 raptor Exp $ portbind-bsd.c - setuid/portbind shellcode for BSD/x86 Copyright c 2003 Marco Ivaldi Simple portbind shellcode that bind's a setuid0 shell on port 31337/t...
Novell GroupWise Messenger Accept-Language buffer overflow
Added: 04/20/2006 CVE: CVE-2006-0992 BID: 17503 OSVDB: 24617 Background Novell GroupWise includes the Messaging Agent which offers an HTTP service on port 8300/TCP. Problem A buffer overflow in the Messaging Agent allows remote attackers to execute commands by sending a long, specially crafted...