ASP Stats Generator <= 2.1.1 SQL Injection Vulnerabilities

No description provided by source. /------------------------------------------------ IHS Public advisory -------------------------------------------------/ ASP Stats Generator SQL-ASP injection - Code Excution ASP Stats Generator is a powerful website counter, completely written in ASP programmin...

ASP Stats Generator 2.1.1 - SQL Injection

/------------------------------------------------ IHS Public advisory -------------------------------------------------/ ASP Stats Generator SQL-ASP injection - Code Excution ASP Stats Generator is a powerful website counter, completely written in ASP programming language. The application is able...

ASP Stats Generator <= 2.1.1 SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== ASP Stats Generator = 2.1.1 SQL Injection Vulnerabilities ========================================================== /------------------------------------------------ IHS Public...

[SA19306] Quick &#39;n Easy Web Server ASP Code Disclosure Vulnerability

TITLE: Quick 'n Easy Web Server ASP Code Disclosure Vulnerability SECUNIA ADVISORY ID: SA19306 VERIFY ADVISORY: http://secunia.com/advisories/19306/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Quick and Easy Web Server 3.x...

Replace the small bamboo of the NBSI2: the Opendatasource And Openrowset-vulnerability warning-the black bar safety net

Currently on the market of SQL Injection tools a lot, the most respected is the NBSI2. SQL Injection method on the Internet is everywhere, everyone serious to learn it will soon become the script of the invasion“master”it. But whether it is tools, or numerous methods, to guess the SQL data when t...

MS Windows IIS 5.0 (500-100.asp) Server Name Spoof Exploit

Exploit for unknown platform in category remote exploits ========================================================== MS Windows IIS 5.0 500-100.asp Server Name Spoof Exploit ========================================================== /...

MS Windows IIS 5.0 (500-100.asp) Server Name Spoof Exploit

No description provided by source. / ==================================================================================== || || || || || || || || || || ==================================================================================== Name: IIS 5.x and IIS 6.0 Server Name Spoof PoC File:...

Microsoft IIS 5.0 - &#039;500-100.asp&#039; Server Name Spoof

/ ==================================================================================== || || || || || || || || || || ==================================================================================== Name: IIS 5.x and IIS 6.0 Server Name Spoof PoC File: IIS5.xandIIS6.0ServerNameSpoof.c...

Microsoft IIS 5.0 - 500-100.asp Server Name Spoof

Microsoft IIS 5.0 - 500-100.asp Server Name Spoof / ==================================================================================== || || || || || || || || || || ==================================================================================== Name: IIS 5.x and IIS 6.0 Server Name Spoof P...

Remote IIS 5.x and IIS 6.0 Server Name Spoof

Remote IIS 5.x and IIS 6.0 Server Name Spoof It is possible to remotely spoof the "SERVERNAME" Microsoft® Internet Information Server® 5.0, 5.1 and 6.0 server variable by doing a modified HTTP request. Thus potentially revealing sensitive ASP code through the IIS 500-100.asp error page, the spoof...

CVE-2005-2624

Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers to execute arbitrary ASP code via the cpaintargument parameter to 1 calculator.asp or 2 cpaintfile.asp, which is directly fed into an eval statement...

CVE-2005-2624

CVE-2005-2624 affects CPAINT 1.3-SP. The vulnerability occurs when user-supplied cpaint_argument[] is fed directly into an eval statement in calculator.asp and cpaintfile.asp, allowing remote attackers to execute arbitrary ASP code. The root cause is eval-injection via unsanitized input. The publ...

CVE-2005-2624

Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers to execute arbitrary ASP code via the cpaintargument parameter to 1 calculator.asp or 2 cpaintfile.asp, which is directly fed into an eval statement...

srcgrab.pl.txt

Subject: Re: Translate:f summary, history and thoughts Simple perl script exploit for the problem. Please find a simple perl script included at the bottom that exploits below described problem. ----- Original Message ----- From: "Daniel Doèekal" To: Sent: Tuesday, August 15, 2000 7:39 PM Subject:...

Translate:f summary, history and thoughts

Because Microsoft went the way of HIDING the actual mechanism of Translate:f from all of us original KB article is gone and new Security Bulletin is playing nasty game of downplaying the problem, i have decided to write follow up with sufficient information. HOW IT WORKS -------------------------...