2745 matches found
GuppY 2.4 - Remote File Access
GuppY 2.4 - Remote File Access source: https://www.securityfocus.com/bid/8769/info GuppY is prone to an issue that could allow a remote attacker to read or write to files on the vulnerable server. This issue presents itself in the tinymsg.php component of the software. The attacker could only...
GuppY 2.4 - Remote File Access
source: https://www.securityfocus.com/bid/8769/info GuppY is prone to an issue that could allow a remote attacker to read or write to files on the vulnerable server. This issue presents itself in the tinymsg.php component of the software. The attacker could only access files to which the webserve...
Virginity Security Advisory 2003-001 : Hola CMS - Admin Password Disclosure by Include vulnerability
-------------------------------------------------------------------- Virginity Security Advisory 2003-001 - - - -------------------------------------------------------------------- DATE : 2003-08-13 03:11 GMT TYPE : remote VERSIONS AFFECTED : == hola-cms-1.2.9-10...
Information Disclosure Vulnerability in bitboard2
================================================ ------------------------------------------------ ------------www.bright-shadows.net------------ ------------------------------------------------ --------------theblacksheep&erik-------------- ------------------------------------------------...
[Full-Disclosure] Megabook 2.0 -XSS & UA execution
------------------------------------------------------------------ - EXPL-A-2003-011 exploitlabs.com Advisory 011 ------------------------------------------------------------------ -= MegaBook =- exploitlabs.com June 29, 2003 Vunerabilitys: ---------------- 1. XSS and Unchecked Input Length 2...
IRCXPro Default Admin Password
The remote web server is running IRCXPro. It is possible to connect to the management port of this service by default : 7100 by using the default login / password combination admin / password. An attacker may use this flaw to gain the control of this server. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2002-1934
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leaks sensitive information during boot-up, which allows attackers to obtain the MD5 hash of the Admin password, MD5 hash of the physical password, and other registration information...
PT-2002-2532 · D Link · D-Link Dwl-900Ap+ Access Point
Name of the Vulnerable Software and Affected Versions: D-Link DWL-900AP+ Access Point versions 2.1 through 2.2 Description: The issue allows remote attackers to access the TFTP server without authentication and read the config.img file. This file contains sensitive information, including the...
MySimpleNews (PHP)
Informations : °°°°°°°°°°°°°° Language : PHP Tested version : 1 Website : ? Comment : Very simple code. a Writing PHP code in a PHP file and execution of this code. Problem : °°°°°°°°° ----------------- users.php ----------------- ? $fp=fopen"news.php3","a"; fwrite$fp,"Post Par $LOGINn";...
CVE-2002-0544
Aprelium Abyss Web Server abyssws before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges...
CVE-2002-0589
The CVE-2002-0589 issue affects PVote prior to 1.9. An unauthenticated remote attacker can change the administrative password by directly calling ch_info.php with newpass and confirm parameters both set to the new password, enabling privilege gain. The available documents confirm the vulnerabilit...
Unauthorized access via Xerox DocuTech
Default system settings and admin password...
[[ TH 026 Inc. ]] SA #1 - Multiple vulnerabilities in PVote 1.5
Telhack Security Advisory - 1 Name: PVote 1.5b Impact: Minor Content manipulation, Script admin Date: April 18 / 2002 Daniel Nystrm [email protected] I N F O PVote is a PHP voting system. It uses MySQL to hold all information about the system. Author has been notified of all three problems...
CVE-2001-1220
D-Link DWL-1000AP Firmware 3.2.28 483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base MIB, which allows remote attackers to gain administrative privileges...
Sawmill 6.2.x - Admin Password Insecure Default Permissions
source: https://www.securityfocus.com/bid/4077/info Sawmill is commercial log analysis software. It runs on most Unix and Linux variants, Microsoft Windows NT/2000 operating systems and MacOS. Sawmill creates the file AdminPassword with insecure default permissions on Solaris platforms...
CVE-2001-1040
CVE-2001-1040 affects HP LaserJet and possibly other JetDirect devices, where certain power-off behavior resets the admin password. The result is that a remote attacker could gain administrative access without a password after the device is turned off, per the available description. The provided ...
CVE-2001-1040
HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password...
[PTL-2002-01] Vulnerabilities in Oracle9iAS Web Cache
PenTest Limited www.pentest-limited.com Security Advisory Vulnerabilities in Oracle9iAS Web Cache Author: Mark Rowe [email protected] Pete Finnigan [email protected] Date: 7th January 2002 Reference: ptl-2002-01...
php-nuke.5.1.txt
PhpNuke Admin password can be stolen ! by Cabezon Aurélien | [email protected] http://www.isecurelabs.com/article.php?sid=229 FR VERSION + screen shot Vulnerable : PhpNuke 5.1 Other version : not tested PostNuke : not tested 1 Introduction I have found a way to stole PhpNuke Admin...
PhpNuke Admin password can be stolen !
PhpNuke Admin password can be stolen ! by Cabezon Aurйlien | [email protected] http://www.isecurelabs.com/article.php?sid=229 FR VERSION + screen shot Vulnerable : PhpNuke 5.1 Other version : not tested PostNuke : not tested 1 Introduction I have found a way to stole PhpNuke Admin...