7628 matches found
DSA-1039-1 blender - several
Bulletin has no description...
CVE-2006-1865
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary commands via crafted filenames that inject command line arguments when Beagle launches external helper applications while indexing...
PAJAX < 0.5.2 Multiple Vulnerabilities
The remote host is running PAJAX, a PHP library for remote asynchronous objects in JavaScript. The version of PAJAX installed on the remote host fails to validate input to the 'pajax/pajaxcalldispatcher.php' script before using it in a PHP 'eval' function. An unauthenticated attacker can exploit...
SimpleBBS 1.0.6/1.0.7/1.1 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/17501/info SimpleBBS is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to execute arbitrary PHP commands in the...
SimpleBBS 1.0.6/1.0.7/1.1 - Arbitrary Command Execution
SimpleBBS 1.0.6/1.0.7/1.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/17501/info SimpleBBS is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...
CVE-2006-1403
CVE-2006-1403 affects csDoom (client/server Doom) up to version 0.7. The vulnerability is in PrintString (c_console.cpp) and arises from a format-string issue, allowing remote attackers to cause a denial of service and potentially execute arbitrary commands via strings passed to the console. The ...
WebGUI < 6.7.6 arbitrary command execution
The remote web server contains a CGI script that is prone to arbitrary code execution. Description : The remote host is running WebGUI, a content management system from Plain Black Software. The installed version of WebGUI on the remote host fails to sanitize user-supplied input via the OpenVAS...
ATutor < 1.5.1-pl1 Multiple Flaws
The remote web server contains a PHP application that is prone to multiple flaws. The remote host is running ATutor, an open-source web-based Learning Content Management System (LCMS) written in PHP. The version of ATutor installed on the remote host may be vulnerable to arbitrary command execution...
WebGUI < 6.7.6 arbitrary command execution
The installed version of WebGUI on the remote host fails to sanitize user-supplied input via the...
CVE-2006-1061
Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path...
openssh security update
CentOS Errata and Security Advisory CESA-2006:0044 Updated openssh packages that fix bugs in sshd and add auditing of user logins are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's...
Low: Red Hat Security Advisory: openssh security update
Updated openssh packages that fix bugs in sshd and add auditing of user logins are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This...
Limbo CMS index.php Itemid Parameter Arbitrary Command Execution
The remote host is running Limbo CMS, a content-management system written in PHP. The installed version of Limbo fails to sanitize input to the 'Itemid' parameter before using it as part of a search string in an 'eval' statement in the 'classes/adodbt/readtable.php' script. Regardless of PHP's...
SMBlog 1.2 - Arbitrary PHP Command Execution
SMBlog 1.2 - Arbitrary PHP Command Execution source: https://www.securityfocus.com/bid/16905/info SMBlog is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...
SMBlog 1.2 - Arbitrary PHP Command Execution
source: https://www.securityfocus.com/bid/16905/info SMBlog is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP commands on the vulnerable...
OpenSSH, Dropbear: Insecure use of system() call
Background: OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality. Dropbear is an SSH server and client designed with a small memory footprint that includes OpenSSH scp...
DEBIAN-CVE-2006-0626
SQL injection vulnerability in spipaccesdoc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter...
myquiz101.pl.txt
This Perl Exploit for MyQuiz 1.01 Arbitrary Command Execution Exploit. Author : Hessam-x - www.hessamx.net +IHST : iran hackerz security team hackerz.ir Perl exploit !/usr/bin/perl = MyQuiz Remote Command Execution Exploit - By Hessam-x / www.hackerz.ir manual exploiting --...
MyQuiz 1.01 - 'PATH_INFO' Arbitrary Command Execution
!/usr/bin/perl = MyQuiz Remote Command Execution Exploit - By Hessam-x / www.hackerz.ir manual exploiting -- http://target/cgi-bin/myquiz.pl/ask/;| SecurityFocus bug : http://www.securityfocus.com/archive/1/423921/30/0/threaded...
Irix LPD tagprinter Command Execution
This module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Irix LPD tagprinter Command...