man2web Multiple Scripts Arbitrary Command Execution

The remote host appears to be running man2web, a program for dynamically converting unix man pages to HTML. The installed version of man2web allows attackers to execute arbitrary shell commands on the remote host subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable...

Netquery <= 3.11 nquser.php host Parameter Arbitrary Command Execution

The remote host is running Netquery, a suite of network information utilities written in PHP. The installed version of Netquery lets an attacker execute arbitrary commands within the context of the affected web server user id by passing them through the 'host' parameter of the 'nquser.php' script...

[SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 782-1 [email protected] http://www.debian.org/security/ Martin Schulze August 23rd, 2005 http://www.debian.org/security/faq -...

Multiple MacOS X vulnerabilities

Apple Mac OS X Directory Services contains a buffer overflow, Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow, Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files, Apple Mac OS X AppKit vulnerable to buffer...

Zorum 3.5 remote code execution poc exploit

Zorum 3.5 remote code execution poc exploit software: description: Zorum is a freely available, open source Web-based forum application implemented in PHP. It is available for UNIX, Linux, and any other platform that supports PHP script execution. author site: http://zorum.phpoutsourcing.com/ 1...

GLSA-200508-09 : bluez-utils: Bluetooth device name validation vulnerability

The remote host is affected by the vulnerability described in GLSA-200508-09 bluez-utils: Bluetooth device name validation vulnerability The name of a Bluetooth device is improperly validated by the hcid utility when a remote device attempts to pair itself with a computer. Impact : An attacker...

PHPOutsourcing Zorum 3.5 - &#039;Prod.php&#039; Arbitrary Command Execution

source: https://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access in the context of the Web server to...

PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution

PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution source: https://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitat...

gforgeexec.txt

-------------------------------------------------------------------------- Vendor : Gforge http://gforge.org Product : gforge Affected versions : = 4.0 & Debian pkg 3.1-30 Vulnerability : Input validation flaw Problem-Type : remote Severity : High, arbitrary command execution Author : Filippo Spi...

AWStats Referrer Header Arbitrary Command Execution

The remote host is running AWStats, an open source web analytics tool used for analyzing data from internet services such as web, streaming, media, mail and FTP servers. The version of AWStats installed on the remote host collects data about the web referrers and uses them without proper sanitati...

[SECURITY] [DSA 772-1] New apt-cacher package fixes arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 772-1 [email protected] http://www.debian.org/security/ Martin Schulze August 3rd, 2005 http://www.debian.org/security/faq -...

WPS Web-Portal-System wps_shop.cgi art Parameter Arbitrary Command Injection

The remote host is running the WPS Web-Portal-System. The version of this software installed on the remote host is vulnerable to remote command execution flaw through the argument 'art' of the script 'wpsshop.cgi'. A malicious user could exploit this flaw to execute arbitrary commands on the remo...

[SECURITY] [DSA 762-1] New affix packages fix arbitrary command and code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 762-1 [email protected] http://www.debian.org/security/ Martin Schulze July 19th, 2005 http://www.debian.org/security/faq -...

phpBB 2.0.15 Remote PHP Code Execution Exploit (metasploit)

Exploit for unknown platform in category web applications =========================================================== phpBB 2.0.15 Remote PHP Code Execution Exploit metasploit =========================================================== Title: phpBB 2.0.15 arbitrary command execution eXploit Name:...

phpBB 2.0.15 - PHP Remote Code Execution (Metasploit)

phpBB 2.0.15 - PHP Remote Code Execution Metasploit Title: phpBB 2.0.15 arbitrary command execution eXploit Name: phpphpbb2015.pm License: Artistic/BSD/GPL Info: Coded because of boredom. - This is an exploit module for the Metasploit Framework, please see http://metasploit.com/projects/Framework...

DSA-762-1 affix - several

Bulletin has no description...

phpBB 2.0.15 - PHP Remote Code Execution (Metasploit)

Title: phpBB 2.0.15 arbitrary command execution eXploit Name: phpphpbb2015.pm License: Artistic/BSD/GPL Info: Coded because of boredom. - This is an exploit module for the Metasploit Framework, please see http://metasploit.com/projects/Framework for more information. package...

Debian DSA-760-1 : ekg - several vulnerabilities

Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-1850 Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file creatio...

phpBB 2.0.15 Remote PHP Code Execution Exploit (metasploit)

No description provided by source. Title: phpBB 2.0.15 arbitrary command execution eXploit Name: phpphpbb2015.pm License: Artistic/BSD/GPL Info: Coded because of boredom. - This is an exploit module for the Metasploit Framework, please see http://metasploit.com/projects/Framework for more...

[SECURITY] [DSA 760-1] New ekg packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 760-1 [email protected] http://www.debian.org/security/ Martin Schulze July 18th, 2005 http://www.debian.org/security/faq -...