Andy's PHP KnowledgeBase 0.95.4 - SQL Injection

------------------------------------------------------------------------ Software................Andy's PHP Knowledgebase Project 0.95.4 Vulnerability...........SQL Injection Threat Level............Critical 4/5 Download................http://www.aphpkb.org/ Discovery Date..........3/27/2011 Test...

mySeatXT 0.164 SQL Injection

------------------------------------------------------------------------ Software................mySeatXT 0.164 Vulnerability...........SQL Injection Download................http://sourceforge.net/projects/coursems Release Date............2/16/2011 Tested On...............Windows Vista + XAMPP...

WordPress < 3.0.2 Multiple Vulnerabilities

According to its version number, the installation of WordPress hosted on the remote web server is affected by multiple vulnerabilities : - A SQL injection vulnerability exists in the 'wp-includes/comment.php' script due to improper sanitization of user-supplied input to the 'Send Trackbacks' fiel...

Новый метод атаки через Reverse-IP

Новый метод атаки через reverse-ip Хоть статья и 2009 года, но до сих пор актуальна. 0. INTRO Вобщем не буду делать большое вступление. Недавно имело место хекать сайт. Шел был успешно залит на соседний, но вот беда на сервере грамотно выставленны права. Пришлось включать голову и думать. И в...

CVE-2010-1775

Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot...

Race condition

Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot...

CVE-2010-1775

Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot...

Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of SXVIEW records in an...

Apple 10.6.3 chpass BSD Insecure Temp File Creating In /etc

!/bin/sh Apple private/etc fantastics-macbook: fantastic$ ./prdelka-vs-APPLE-chpass.sh Apple /etc/I.HAX.9GrrKm fantastics-macbook: fantastic$ cat /etc/I.HAX.9GrrKm Turtle power -- prdelka cat evil.c include include int mainint ar...

Cacti < 0.8.7f Multiple Input Validation Vulnerabilities

According to its self-reported version number, the Cacti application running on the remote web server is prior to version 0.8.7f. It is, therefore, potentially affected by the following vulnerabilities : - A vulnerability exists in 'templatesexport.php' due to improper validation of input to the...

Fedora Core 12 FEDORA-2009-13039 (kernel)

The remote host is missing an update to the kernel announced via advisory FEDORA-2009-13039. OpenVAS Vulnerability Test $Id: fcore200913039.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-13039 kernel Authors: Thomas Reinke Copyright: Copyright c 20...

Gentoo Security Advisory GLSA 200912-01 (openssl)

The remote host is missing updates announced in advisory GLSA 200912-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Fedora Core 12 FEDORA-2009-13039 (kernel)

The remote host is missing an update to the kernel announced via advisory FEDORA-2009-13039. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

Gentoo Security Advisory GLSA 200912-01 (openssl)

The remote host is missing updates announced in advisory GLSA 200912-01. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

Simple PHP Blog 0.4.0 Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Simple PHP...

CVE-2009-2795

Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."...

Heap overflow

Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."...

Waverider Systems Perlshop - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/43158/info Perlshop is prone to multiple input-validation vulnerabilities including a nondescript input-validation vulnerability, multiple cross-site scripting vulnerabilities, and a directory-traversal vulnerability because it fails to sufficiently...

McAfee 3.6.0.608 naPolicyManager.dll ActiveX Arbitrary Data Write Vuln

No description provided by source. GOODFELLAS Security Research TEAM http://goodfellas.shellcode.com.ar Greetings to str0ke McAfee, Inc. 3.6.0.608 Policy Manager naPolicyManager.dll Arbitrary Data Write ============================================================================== Internal ID:...

McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write

McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write GOODFELLAS Security Research TEAM http://goodfellas.shellcode.com.ar Greetings to str0ke McAfee, Inc. 3.6.0.608 Policy Manager naPolicyManager.dll Arbitrary Data Write...