SpecView Web Server Directory Traversal Vulnerability (Jul 2012) - Active Check

SpecView is prone to a directory traversal vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2011-3667

CVE-2011-3667 affects Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3. The root cause is that when createemailregexp is not empty, Bugzilla does not properly apply the user_can_create_account setting, allowing remote attacker...

Simple PHP Guestbook 1.0 Administrative Access

Vendor: http://www.simplephpguestbook.com/ Version: 1.0 Tested on: Windows and Linux -------------------------------------- Simple PHP Guestbook Remote Admin Access Exploit Created by Sora + contact: vhr95zw at hotmail.com Description: Simple PHP Guestbook suffers an remote access in the guestboo...

ChartDirector 5.0.1 - cacheId Arbitrary File Disclosure

ChartDirector 5.0.1 - cacheId Arbitrary File Disclosure ==================================================== Advisory No.: ISNSC-0910 ============= ChartDirector Critical File Access Information ====== Author: DokFLeed Program Affected: http://www.chartdir.com for .NET Version: 5.0.1 Severity:...

Php168 v6 权限提升漏洞

天天上班,好久没在论坛发贴了... 以前发过一个php168 v2008的权限提升漏洞,这次的漏洞也出在相同的代码段,直接给出exp,里面的一些细节还是有些意思的,有兴趣的同学可以自行分析: mail:[email protected] PHP168 V6.0 暂无 请关注官方网址：http://www.php168.com/ !/usr/bin/php ?php printr' +---------------------------------------------------------------------------+ Php168 v6.0 update user...

CVE-2008-6767

wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service application outage, via a direct request...

GeoVision LiveAudio - ActiveX Remote Freed-Memory Access

GeoVision LiveAudio - ActiveX Remote Freed-Memory Access // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com shellcode = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u4949%u4949" +...

ASPTicker 1.0 - Remote Database Disclosure

ASPTicker 1.0 DD Remote Vuln. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Home: www.z0rlu.blogspot.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ----------------------------------------------------------- exp for demo: DD...

CVE-2008-4361

CVE-2008-4361 affects PowerPortal 2.0.13 and is a directory traversal vulnerability where a crafted .. in the path parameter to the default URI enables remote attackers to list and possibly read arbitrary files. This is documented across multiple sources (NVD/NVD entry for CVE-2008-4361 referenci...

EZWebAlbum - Remote File Disclosure

EZWebAlbum - Remote File Disclosure EZWebAlbum dlfilename Remote File Disclosure Vulnerability |, .-. .-. ,| Found by : Ghost Hacker R-H TeaM | o/ \o | My Site web : Real-hack.Net |/ /\ | Found by : Ghost Hacker R-H TeaM Home page : www.Real-hack.net Email : [email protected] Name Script :...

EZWebAlbum - Remote File Disclosure

EZWebAlbum dlfilename Remote File Disclosure Vulnerability |, .-. .-. ,| Found by : Ghost Hacker R-H TeaM | o/ \o | My Site web : Real-hack.Net |/ /\ | Found by : Ghost Hacker R-H TeaM Home page : www.Real-hack.net Email : [email protected] Name Script : EZWebAlbum Download Script :...

jonascms-lfi.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

migcms-rfi.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

PHP 5.2.6 - 'chdir()' Function http URL Argument Safe_mode Restriction Bypass

source: https://www.securityfocus.com/bid/29796/info PHP is prone to multiple 'safemode' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to determine the presence of files in unauthorized locations; other attacks are also possible. Exploiting these issues allows...

SendCard <= 3.4.0 Unauthorized Administrative Access Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "SendCard = 3.4.0 unauthorized administrative access / remote commands\n"; echo "execution exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork: "Powered by sendcard...

UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability

No description provided by source. Title : UPublisher 1.0 viewarticle.asp Remote SQL Injection Vulnerability Author : ajann Dork : UPublisher Vendor: http://www.superfreaker.com/ http://target/path//viewarticle.asp?ID=SQL Example:...

Opera 9 (long href) Remote Denial of Service Exploit

No description provided by source. !-- Opera 9 DoS by Critical Security, Advisory 009 Advisory can be reached: http://www.critical.lt/?vuln/349 We are: N9, bigb0u, cybergoth, iglOo, mircia, Povilas Shouts to Lithuanian girlz! and our friends ; Product: Opera 9 8.x is immune to this Vulnerability...

Opera 9 - long href Remote Denial of Service

a...

Xmame 0.102 - '-pb/-lang/-rec' Local Buffer Overflow

/ xmame-expl.c by sj [email protected] On 20th of Jan it came to my attention that Xmame suffered from several buffer overflow problems. Thinking this issue was resolved, I installed Xmame on my Ubuntu laptop, from the Ubuntu repositories which installed a vulnerable version of Xmame. This is what...

CVE-2005-2654

phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disableanonbind is set, via an HTTP request to login.php with the anonymousbind parameter set...