1041 matches found
Madness Pro <= 1.14 Persistent XSS / SQL Injection Vulnerabilities
Exploit for php platform in category web applications. #!/usr/bin/env python2 # -*- coding: utf-8 -*- Exploit Title: Madness Pro <= 1.14 Persistent XSS. Date: June 05, 2014. Exploit Author: @botnethunter. Version: 1.14. Tested on: Apache2 - Ubuntu - MySQL ...
Madness Pro 1.14 Cross Site Scripting
!/usr/bin/env python2 -- coding: utf-8 -- Exploit Title: Madness Pro %3C%2Fscript%3E%3C%2Fa%3E" "%3Ca%20href%3D%22%23%22%20onclick%3D%5C%22setstatus\'12345".formatpanelindexurl, beefhookurl print f.re...
Madness Pro 1.14 - Persistent Cross-Site Scripting
!/usr/bin/env python2 -- coding: utf-8 -- Exploit Title: Madness Pro %3C%2Fscript%3E%3C%2Fa%3E"...
Medium: mod_security
Issue Overview: apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header. Affected Packages: modsecurity Issue Correction: Run yum update modsecurity or yum upda...
[USN-2105-1] MAAS vulnerabilities
Ubuntu Security Notice USN-2105-1, February 13, 2014: maas vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...
Localize: Apache2 /icons/ folder accessible
The Apache2 icons folder is accessible from http://www.localize.io/icons/. This is not by definition dangerous, but removing the directory can help obfuscate the server version you're running, which may prevent targeted attacks against your web server. To remove the directory you should look for...
Debian Security Advisory DSA 2908-1 (openssl - security update)
Multiple vulnerabilities have been discovered in OpenSSL. The following Common Vulnerabilities and Exposures project ids identify them: CVE-2010-5298 A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a...
CVE-2013-5705
apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header...
CVE-2013-5705
Affected software: ModSecurity (Apache module) before 2.7.6. Root cause: flawed handling of chunked Transfer-Encoding with a capitalized Chunked value in the HTTP header. Impact: remote attackers can bypass mod_security rules. Remediation: upgrade to ModSecurity 2.7.6 or newer (as cited by multip...
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : apache2 vulnerabilities (USN-2152-1)
Ning Zhang & Amin Tora discovered that the mod_dav module incorrectly handled whitespace characters in CDATA sections. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. (CVE-2013-6438) Rainer M Canavan discovered that the mod_log_config...
Ubuntu Update for apache2 USN-2152-1
Check for the Version of apache2. OpenVAS Vulnerability Test $Id: gbubuntuUSN21521.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for apache2 USN-2152-1. Authors: System Generated Check. Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...
Ubuntu: Security Advisory (USN-2152-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-3196
The CVE-2011-3196 issue affects Domain Technologie Control (DTC) prior to version 0.34.1. The root cause is world-readable permissions on /etc/apache2/apache2.conf, which allowed local users to read a configuration file and obtain the dtcdaemons MySQL password. Impact was local, with confidential...
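discuz x3.0 version 20130801: XSS possible when posting a blog entry
Brief description: When the forum has the blog feature enabled, posting a blog entry allows XSS when an external image is included. Detailed description: I. Details: 1. The forum has the blog feature enabled. 2. After logging in, the user opens the blog feature. 3. Post a blog entry; XSS can be achieved when including an external image. In an apache2+php+mysql environment set up on Ubuntu 12.04 LTS with all default settings, this vulnerability can be reproduced. However, when I used win2003, I could reproduce it before, but today, without any configuration changes, I found it could no longer be reproduced; onerror was replaced with a dot (.). Proof of vulnerability: 1. After logging in, open the blog module. 2. Post a blog entry with the following content: 3. Click submit. 4. After submitting the entry, view it again....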
CVE-2013-1090
The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors...
Buffer overflow
The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors...
CVE-2013-1090
CVE-2013-1090 affects the SUSE horde5 package prior to 5.0.2-2.4.1. The issue is incorrect ownership for certain configuration files and directories, including /etc/apache2/vhosts.d, which can enable local wwwrun users to gain privileges via unspecified vectors. This is a local-privilege-escalati...
SuSE 11.2 / 11.3 Security Update : Apache2 (SAT Patch Numbers 8137 / 8138)
This collective update for Apache provides the following fixes: - Make sure that input that has already arrived on the socket is not discarded during a non-blocking read (read(2) returns 0 and errno is set to -EAGAIN). (bnc#815621) - Close the connection just before an attempted re-negotiation if data...