164 matches found
InstantHMI 6.1 - Local Privilege Escalation
Title: InstantHMI - EoP: User to ADMIN CWE Class: CWE-276: Incorrect Default Permissions Date: 01/06/2016 Vendor: Software Horizons Product: InstantHMI Version: 6.1 Download link: http://www.instanthmi.com/ihmisoftware.htm Tested on: Windows 7 x86, fully patched Release mode: no bugbounty program...
PHPfileNavigator 2.3.3 - Privilege Escalation
PHPfileNavigator 2.3.3 - Privilege Escalation + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILENAVIGATOR0812b.txt Vendor: ========================= pfn.sourceforge.net Product:...
PHPfileNavigator 2.3.3 - Privilege Escalation
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILENAVIGATOR0812b.txt Vendor: ========================= pfn.sourceforge.net Product: ===================================================== PHPfileNavigator v2.3.3 pfn...
PHPfileNavigator 2.3.3 Privilege Escalation
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILENAVIGATOR0812b.txt Vendor: ========================= pfn.sourceforge.net Product: ===================================================== PHPfileNavigator v2.3.3 pfn...
Drupal Mollom Module Cross-Site Scripting Patch
Drupal today released an update that patches a cross-site scripting vulnerability in a popular spam and content moderation module used by websites built on the open source CMS. The vulnerability was in a feature of the Mollom module that is installed on at least 60,000 sites, said Drupal security...
MailEnable Enterprise <= 2.0 (ASP Version) Multiple Vulnerabilities
No description provided by source. Hi, I'm Soroush Dalili from GrayHatz Security Group GSG. I found multiple bugs in MailEnable Enterprise Edition ASP Version = 2.0 that I listed them below: 1 - Any user can login to web administration site. 2 - Authenticated normal user can gain ADMIN or SYSADMI...
Cart Engine 3.0.0 Remote Code Execution Vulnerability
Cart Engine suffers from an authenticated arbitrary code execution. The vulnerability is caused due to the improper verification of uploaded files in several modules thru several POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that wil...
Kemana Directory 1.5.6 Remote Code Execution Vulnerability
Kemana Directory suffers from an authenticated arbitrary code execution. The vulnerability is caused due to the improper verification of uploaded files in several modules thru several POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file tha...
Cisco Small Business Router Password Disclosure Vulnerability
A vulnerability in the web management interface of the Cisco RV110W Wireless-N VPN Firewall, the Cisco RV215W Wireless-N VPN Router, and the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain administrative-level access to the web management interface of t...
Snitz Forums 2000 - Active.asp SQL Injection
Snitz Forums 2000 - Active.asp SQL Injection WwW.BugReport.IR AmnPardaz Security Research & Penetration Testing Group Title: A user can gain admin level in snitz 2000 by SQL Injection vendor: http://forum.snitz.com/ Googling: "Powered by Snitz" 2,440,000 victims Last bug report in 2007-02-16 with...
Snitz Forums 2000 - 'Active.asp' SQL Injection
WwW.BugReport.IR AmnPardaz Security Research & Penetration Testing Group Title: A user can gain admin level in snitz 2000 by SQL Injection vendor: http://forum.snitz.com/ Googling: "Powered by Snitz" 2,440,000 victims Last bug report in 2007-02-16 with 4692 visitors Exploit: Available Fix...
Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =============================================================== Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability =============================================================== AmnPardaz Security Research & Penetration Testi...
Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability
No description provided by source. WwW.BugReport.IR AmnPardaz Security Research & Penetration Testing Group Title: A user can gain admin level in snitz 2000 by SQL Injection vendor: http://forum.snitz.com/ Googling: "Powered by Snitz" 2,440,000 victims Last bug report in 2007-02-16 with 4692...
SQL-Injection in IP-TRACKING Mod for phpBB2.0.x
Information: The IP-Tracking Mod is a Extension for phpBB2.0.x which logs all Page hits the user of the Boards do including Referer, IP and Username. It contains a SQL-Injection on Admin-Level. You can get it from: http://www.phpbb.de/viewtopic.php?t=63690&postdays=0&postorder=asc&start=0 Steps t...
iptrack-sql.txt
Information: The IP-Tracking Mod is a Extension for phpBB2.0.x which logs all Page hits the user of the Boards do including Referer, IP and Username. It contains a SQL-Injection on Admin-Level. You can get it from: http://www.phpbb.de/viewtopic.php?t=63690&postdays=0&postorder=asc&start=0 Steps t...
[Full-disclosure] SQL-Injection in IP-TRACKING Mod for phpBB2.0.x
Information: The IP-Tracking Mod is a Extension for phpBB2.0.x which logs all Page hits the user of the Boards do including Referer, IP and Username. It contains a SQL-Injection on Admin-Level. You can get it from: http://www.phpbb.de/viewtopic.php?t=63690&postdays=0&postorder=asc&start=0 Steps t...
PT-2006-6644
Name of the Vulnerable Software and Affected Versions DirectAdmin version 1.28.1 Description The issue allows remote authenticated users to inject arbitrary web script or HTML. This can be achieved through various parameters and commands, including the user parameter to CMD SHOW RESELLER or CMD...
directadmin-1281.txt
Aria-Security Team Advisory Original Advisory : http://aria-security.net/advisory/directadmin.txt ----------------------------------------------------------- Software: DirectAdmin V1.28.1 DirectAdmin level used : Admin level PoC: http://target:2222/CMDSHOWRESELLER?userXSS...
Nuked klan 1.7: Bypassed level admin on forum(corrected)
mail/msn: [email protected] remplace THREADID id of the thread that you want to see remplace FORUMID id of the forum in which your thread is that allow you to view the post level admin http://target/index.php?file=Forum&page=viewtopic&forumid=FORUMID' OR id LIKE '' /&threadid=THREADID' AND...
MuOnline Loopholes Web Server - 'pkok.asp' SQL Injection
milw0rm.com 2005-10-15...