Samba SWAT 3.0.2 - 3.0.4 HTTP Basic Auth base64 Buffer Overflow

According to its banner, the version of Samba running on the remote host is between 3.0.2 and 3.0.4, inclusive. An error exists in the base64 decoding functions, which can result in a buffer overflow. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Authentication Bypass and Blind LDAP Injection in extension eu_ldap

It has been discovered that the extension euladap is vulnerable to Authentication Bypass and Blind LDAP Injection Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.8.10 and all versions below Vulnerability Type:...

Jara 1.6 - Multiple Vulnerabilities

Jara 1.6 - Multiple Vulnerabilities !/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested : My Mind :...

Jara 1.6 - Multiple Vulnerabilities

!/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested : My Mind :...

Jara v1.6 Multiple Vulnerabilities

Exploit for php platform in category web applications !/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested...

CVE-2010-4930

Cross-site scripting XSS vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action...

Bintech Systems LLC Admin Auth Bypass Exploit

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Car Portal 2.0 SQL Injection

Exploit Title: Car Portal Auth Bypass SQL injection Valunrability Google Dork: n/a Date: 18.09.2011 Author: m3rciL3Ss Software Link:http://www.netartmedia.net/carsportal/ Version:v2.0 Tested on:http://www.wscreator.com/autoportal1/ [email protected] Exploit: Username: 'or' 1=1 Password: 'or' 1=1...

Card Sharj SQL Injection

. \ \ | | | / | \ | | / | \ \ / | |/ / / / \ | | \ |/ \ | | / /\ | \ | /\ / / / / / /// .ORG + Info================================================================= - Exploit Title: Card sharj scripts Auth Bypass & Sqli Vulnerability - Author: Net.Edit0r - Home : Black-HG.Org - Version:...

USN-1208-1: Linux kernel (Marvel DOVE) vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...

TomatoCart 1.1 Post Auth Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: TomatoCart 1.1 PostAuth Local File Include Google Dork: "Powered by TomatoCart" Date: 25.10.2010 Author: brainpillow Software Link: http://www.tomatocart.com/ Version: 1.1 ========================================================...

HTTP Brute Force Logins With Default Credentials

A number of known default credentials are tried for the login via HTTP Basic Auth. As this VT might run into a timeout the actual reporting of this vulnerability takes place in the VT SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, an...

xmpp-info NSE Script

Connects to XMPP server port 5222 and collects server information such as: supported auth mechanisms, compression methods, whether TLS is supported and mandatory, stream management, language, support of In-Band registration, server capabilities. If possible, studies server vendor. Script Argument...

mWebnet SQL Injection

================================================= mWebnet Auth Bypass SQL Injection Vulnerability ================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' ...

TinyWebgallery v1.8.4 (Flash-uploader) Multiple Vulnerabilities

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

SuSE 10 Security Update : apache2-mod_auth_mysql (ZYPP Patch Number 7682)

This update of apache2-modauthmysql fixes a possible SQL injection vulnerability that can be exploited using multibyte character encoding. CVE-2008-2384: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N: SQL Injection. CWE-89 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

TinyWebGallery 1.8.4 SQL Injection / Shell Upload / Local File Inclusion

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

vAuthenticate 3.0.1 Auth Bypass by Cookie SQL Injection Vulnerability

Exploit for php platform in category web applications ----------------------------------------------------------------------- vAuthenticate 3.0.1 Auth Bypass by Cookie SQL Injection Vulnerability ----------------------------------------------------------------------- Author: bd0rk Contact:...

vAuthenticate 3.0.1 SQL Injection

----------------------------------------------------------------------- vAuthenticate 3.0.1 Auth Bypass by Cookie SQL Injection Vulnerability ----------------------------------------------------------------------- Author: bd0rk Contact: bd0rkathackermail.com Date: 2011 / 08 / 30 MEZ-Time: 01:35...

Omnistar Mailer - Multiple Vulnerabilities

1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Omnistar Mailer SQLi Vulnerability Date : june, 21 2010 Critical Level : HIGH Vendor Url : http://www.omnistarmailer.com/ Author : Sid3^effects aKa HaRi special...