1894 matches found
phpMyFamily <= 1.4.0 SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w phpMyFamily Exploit injection ============================== $banner = "phpMyFamily Exploit injection \n\n============================== \n\nINFGPG-Hacking&Security Research"; Greats: AresU 1st IndoSec Team,ADZ Security Team has discovered bugs...
CVE-2004-1724
The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusionadmin/dbbackups directory to world read/write/execute 777, which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator userna...
my.phpforum.1.0.txt
/==========================================/ // GHC - MyPHP Forum - ADVISORY // Product: MyPHP Forum // Version: 1.0 // URL: http://www.myphp.ws // VULNERABILITY CLASS: SQL injection /==========================================/ example of exploit member.php?action=viewpro&member=nonexist' UNION...
[Full-Disclosure] Sweex 802.11g router/accesspoint config disclosure / remote config
Maniac Security Advisory 2004-01 Configuration disclosure on Wireless Accesspoint/Router SUMMARY Critical elements of the accesspoint's configuration can be discovered by any client connected to the accesspoint. This includes the administration username and password. AFFECTED PRODUCTS Sweex...
Critical SQL injection in phpBB
Anyone can get admin's username and password's md5 hash via a single web request. A working example is provided in the advisory...
Several bugs found in "Spyke's PHP Board"
================================================ ------------------------------------------------ ------------www.bright-shadows.net------------ ------------------------------------------------ --------------theblacksheep&erik-------------- ------------------------------------------------...
Guestbook 4.0 - Sensitive Information Disclosure
Guestbook 4.0 - Sensitive Information Disclosure source: https://www.securityfocus.com/bid/7320/info Guestbook has been reported prone to a sensitive information disclosure weakness. An attacker may disclose sensitive information regarding the Super Guestbook install by sending a HTTP request for...
HP JetDirect Device SNMP Request Cleartext Admin Credential Disclosure
It is possible to obtain the password of the remote HP JetDirect web server by sending SNMP requests. An attacker may use this information to gain administrative access to the remote printer. TRUSTED...
Ingenium Learning Management System 5.1/6.1 - Reversible Password Hash
source: https://www.securityfocus.com/bid/5970/info Ingenium Learning Management System uses a weak algorithm to hash user and administrative credentials. Passwords may be trivially obtained by reversing the password hash. An attacker must be able to gain unauthorized access to the password hashe...
LinkMax.txt
---------------------------------------------------------- Release date: May 21th 2001 Subject: WebAvail LinkMax2 ASP security problem Systems affected: All systems running LinkMax2 ASP script Vendor: http://www.webavail.com ---------------------------------------------------------- 1. problem...
Local promotion in NT4's NTLM Security Support Provider
BindView Security Advisory -------- Local promotion vulnerability in NT4's NTLM Security Support Provider Issue Date: February 7, 2001 Contact: [email protected] Topic: Local promotion vulnerability in NT4's NTLM Security Support Provider Overview: Due to a flaw in the NTLM Security Suppo...
Symlink attack in (all?) Samba. - Local root walkthrough by Tozz
Symlink attack in all? Samba. - Local root walkthrough by Tozz ================================================================= Requirements: Shell access or any other way to create symlinks A running samba deamon The username and/or password of a user named in the admin lists in one or more...
Проблемы с безопасностью в Cisco VCO/4000 (SNMP community)
Через SNMP community доступны на чтение логин и пароль администрирования...
cybercash.cc.txt
Date: Sun, 25 Apr 1999 13:38:43 +0200 From: Bo Elkjaer To: [email protected] Subject: Re: Shopping Carts exposing CC data Hi Joe Your CC-exposures are gaining momentum. Right now I'm only waiting for the mainstream papers to catch up. I'm a journalist myself, working for one of Denmarks larges...