LinksCaffe 2.0/3.0 - Authentication Bypass

source: https://www.securityfocus.com/bid/19763/info LinksCaffe is prone to an authentication-bypass vulnerability because of a lack of required authentication on the application's administrative script. An attacker can use administrative functions simply by knowing the script's name and location...

CVE-2006-2890

Pixelpost 1-5rc1-2 and earlier, when registerglobals is enabled, allows remote attackers to gain administrator privileges and conduct other attacks by setting the SESSION"pixelpostadmin" parameter to 1 in calls to admin scripts such as admin/viewinfo.php...

os-x/PPC Add user r00t 219 bytes

Exploit for os-x/ppc platform in category shellcode ================================ os-x/PPC Add user r00t 219 bytes ================================ / PPC OS X / Darwin Shellcode by B-r00t. 2003. open; write; close; execve; exit; See ASM below. 219 Bytes! / char shellcode =...

FreeBSD : mailman XSS in admin script (104)

The following package needs to be updated: mailman %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg3cb88bb267a611d880e30020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

PT-2002-1564 · Apache · Apache

Name of the Vulnerable Software and Affected Versions: popper mod versions 1.2.1 and earlier Description: The issue concerns the PHP administration script in popper mod, which relies on Apache .htaccess authentication. This allows remote attackers to gain privileges if the script is not properly...

CVE-2002-0579

WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password...