vTiger CRM 5.0.4 - Local File Inclusion

!/usr/bin/python INFORMATION: Exploit Title: Vtiger CRM 5.0.4 Pre-Auth Local File Inclusion Exploit Google Dork: "The honest Open Source CRM" "vtiger CRM 5.0.4" Date: 5/3/2011 CVE: CVE-2009-3249 Windows link: http://bit.ly/fiOYCL Linux link: http://bit.ly/hluzLf Tested on: Windows XP/Linux Ubuntu...

HP JetAdmin 1.0.9 Rev. D - symlink

source: https://www.securityfocus.com/bid/157/info A vulnerability exists in HP's JetAdmin Rev. D.01.09 software. Due to its failure to check if it is following a symbolic link, it is possible for an attacker to create a link from /tmp/jetadmin.log to anywhere on the filesystem, with permissions...