1574 matches found
Fingerprint And Proximity Access Control Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 + Device: Fingerprint & Proximity Access Control + Model: ZEM560 and others + Kernel: 2.6.24 Treckle on an MIPS + Vulnerability: Auth Bypass + Impact: By using a direct URL attackers can bypass the fingerprint & proximity security and open the door...
Postfixadmin 2.3.4 SQL Injection / Cross Site Scripting
Advisory ID: CSA-12002 Title: Multiple vulnerabilities in postfixadmin Product: postfixadmin Version: 2.3.4 and probably prior Vendor: www.postifixadmin.org Vulnerability type: SQL injection, XSS Vendor notification: 2012-01-10 Public disclosure: 2012-01-26 postfixadmin version 2.3.4 and probably...
Oracle WebLogic Admin State Unspecified Privilege Escalation (CVE-2008-4011)
According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified privilege escalation vulnerability such that some applications in admin state are made available to non-admin users. %NASLMINLEVEL 70300 C Tenable Network Security...
Parliament Of Botswana hacked by V0iD
Parliament Of Botswana hacked by V0iD V0iD hacker again strike with Parliament Of Botswana . Hacker Releases the database table information and Admin users login details at . Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post...
WebsiteBaker 2.8.1 Path Disclosure / SQL Injection
=================================== Vulnerability ID: HTB22929 Reference: http://www.htbridge.ch/advisory/multiplepathdisclosureinwebsitebaker.html Product: WebsiteBaker Vendor: Website Baker Org http://www.websitebaker2.org/ Vulnerable Version: 2.8.1 Vendor Notification: 29 March 2011...
Free Simple Software SQL Injection
'Free Simple Software' SQL Injection Vulnerability CVE-2010-4298 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION SELECT' to easily expose the application...
CMS Ignition SQL Injection Exploit
Exploit for php platform in category web applications ================================== CMS Ignition SQL Injection Exploit ================================== + SQL Injection Vulnerability + Dorks: allinurl:"shop.htm?shopMGID=" + Bug in shop.htm?shopMGID + Exploit:...
CMS Ignition - SQL Injection
CMS Ignition - SQL Injection |------------------------------------------------| | neavorc@gmaildotcom | ================================================== + SQL Injection Vulnerability + Dorks: allinurl:"shop.htm?shopMGID=" + Bug in shop.htm?shopMGID + Exploit:...
CVE-2010-2039
Cross-site request forgery CSRF vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an AdminUsers action to index.php. NOTE: some of these details are obtained from third...
gpEasy 1.6.1 Cross Site Request Forgery
============================================= gpEasy Date : 04-29-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy -------------------------------------------------------- Application Info Site : http://www.gpeasy.com/ Version: 1.6.1...
Debian DSA-2015-1 : drbd8 - privilege escalation
A local vulnerability has been discovered in drbd8. Philipp Reisner fixed an issue in the drbd kernel module that allows local users to send netlink packets to perform actions that should be restricted to users with CAPSYSADMIN privileges. This is a similar issue to those described by...
Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) Cross-Site Scripting
Litespeed Web Server 4.0.12 - Cross-Site Request Forgery Add Admin Cross-Site Scripting Author: d1dn0t didnotatmedotcom Software Link: http://www.litespeedtech.com/litespeed-web-server-downloads.html Version: 4.0.12 Greetz: Muts/Ryujin/KernelSaunders 0x00 Product Description LiteSpeed Web Server ...
Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) / Cross-Site Scripting
Author: d1dn0t didnotatmedotcom Software Link: http://www.litespeedtech.com/litespeed-web-server-downloads.html Version: 4.0.12 Greetz: Muts/Ryujin/KernelSaunders 0x00 Product Description LiteSpeed Web Server is the leading high-performance, high-scalability web server. It is completely Apache...
Blog System 1.x SQL Injection
Script : Blog System Version : 1.x Link : http://netartmedia.net/blogsystem/ Author : BorN To K!LL - h4ck3r Dork : "powered by Blog System" Table : websiteadminadminusers Columns : id,username,password,type Exploit :...
Blog System 1.x - 'note' SQL Injection
Script : Blog System Version : 1.x Link : http://netartmedia.net/blogsystem/ Dork : "powered by Blog System" Table : websiteadminadminusers Columns : id,username,password,type Exploit :...
Blog System 1.x (note) SQL Injection Vuln
Exploit for unknown platform in category web applications ========================================= Blog System 1.x note SQL Injection Vuln ========================================= Script : Blog System Version : 1.x Link : http://netartmedia.net/blogsystem/ Dork : "powered by Blog System" Table ...
Get all Windows Admin Users and Groups over WMI (win)
Get all Windows non System Services and Eventlog Servicestate over WMI. OpenVAS Vulnerability Test $Id: GSHBWMIgetAdminUsers.nasl 7279 2017-09-26 13:40:36Z cfischer $ Get all Windows Admin Users and Groups over WMI win Authors: Thomas Rotter Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Get all Windows Admin Users and Groups over WMI - Windows
Get all Windows non System Services and Eventlog Servicestate over WMI. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-3248
Cross-site request forgery CSRF vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php...