openSite 0.2.2 Beta Local File Inclusion

opensite-v0.2.2-beta === Local File Include vuln By n0n0x Homepage: http://priasantai.uni.cc/ Download script :http://sourceforge.net/projects/contentone/files/openSite/opensite-v0.2.2-beta/opensite-v0.2.2-beta.zip/download ========================================= xpl :...

amoeba CMS 1.01 - Multiple Vulnerabilities

amoeba CMS 1.01 - Multiple Vulnerabilities !/usr/bin/python """ Amoeba CMS v1.01 multiple remote vulnerabilities: Vendor: http://www.amoebacms.com/ Found by: mrme Contact date: 20/12/2010 2:37pm EST SQL Injection: ============= There is quite a few instances of pre/post auth SQL Injection in the...

IPN Development Handler 2.0 - Multiple Vulnerabilities

IPN Development Handler 2.0 - Multiple Vulnerabilities IPN Development Handler v2.0 CSRF Change Admin Account ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script :...

IPN Development Handler 2.0 - Multiple Vulnerabilities

IPN Development Handler v2.0 CSRF Change Admin Account ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://scripts.filehungry.com/product/php/e-commerce/paypal/ipndevelopmenthandler/ === Exploit === IPN Development Handler...

IPN Development Handler 2.0 SQL Injection / Cross Site Request Forgery

IPN Development Handler v2.0 CSRF Change Admin Account ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://scripts.filehungry.com/product/php/e-commerce/paypal/ipndevelopmenthandler/ === Exploit === IPN Development Handler...

Elcom CommunityManager.NET Auth Bypass Vulnerability - Security Advisory - SOS-10-004

Elcom CommunityManager.NET Auth Bypass Vulnerability - Security Advisory - SOS-10-004 Release Date. 20-Dec-2010 Last Update. - Vendor Notification Date. 22-Jan-2010 Product. Elcom Technology's CommunityManager.NET Platform. IIS with ASP.NET Affected versions. v6.7 verified and possibly others...

Elcom CommunityManager.NET Auth Bypass Vulnerability

Exploit for asp platform in category web applications Elcom CommunityManager.NET Auth Bypass Vulnerability - Security Advisory - SOS-10-004 Release Date. 20-Dec-2010 Last Update. - Vendor Notification Date. 22-Jan-2010 Product. Elcom Technology's CommunityManager.NET Platform. IIS with ASP.NET...

Nmap NSE: Auth Owners

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE: Auth Spoof

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE: Auth Owners

This script attempts to find the owner of an open TCP port by querying an auth daemon. This is a wrapper on the Nmap Security Scanner's http://nmap.org auth-owners.nse. OpenVAS Vulnerability Test $Id: gbnmapauthowners.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap Auth Owners NSE script...

Nmap NSE: Auth Spoof

This script attempts to checks for an identd auth server which is spoofing its replies. This is a wrapper on the Nmap Security Scanner's http://nmap.org auth-spoof.nse. OpenVAS Vulnerability Test $Id: gbnmapauthspoof.nasl 7000 2017-08-24 11:51:46Z teissa $ Wrapper for Nmap Auth Spoof NSE script...

Basic auth authentication does not allow files to be attached in 4.2

From the customer support case quote When using osauthType=basic to login to JIRA 4.2 a user is able to upload an attachment as a temporary file, but is unable to attach the temporary file to the issue. We noticed the exact same behavior ... had worked with JIRA 4.1.2. quote The Atlassian support...

Basic auth authentication does not allow files to be attached in 4.2

From the customer support case quote When using osauthType=basic to login to JIRA 4.2 a user is able to upload an attachment as a temporary file, but is unable to attach the temporary file to the issue. We noticed the exact same behavior ... had worked with JIRA 4.1.2. quote The Atlassian support...

Fedora 14 : openconnect-2.26-4.fc14 (2010-18055)

This update implements DTLS rekeying, elides the session cookie from debugging output by default, and fixes a potential crash on relative HTTP redirect during authentication. It also fixes a problem which occurs when changing VPN hosts in the NetworkManager auth-dialog, after the connection to th...

Fedora 13 : openconnect-2.26-2.fc13 (2010-18053)

This update implements DTLS rekeying, elides the session cookie from debugging output by default, and fixes a potential crash on relative HTTP redirect during authentication. It also fixes a problem which occurs when changing VPN hosts in the NetworkManager auth-dialog, after the connection to th...

CVE-2010-3705

The sctpauthasocgethmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmacids array of an SCTP peer, which allows remote attackers to cause a denial of service memory corruption and panic via a crafted value in the last element of this array...

AWCM 2.2 SQL Injection

AWCM v2.2 Auth Bypass Vulnerabilities /\ \ /\ \ /\ /\ \ \ \ \L\ \ \ /'\ /\ \ \ ,\ \ \ \ \ /\ /\ \ /'\ \ , /\ \ /' \ /' \ \ \ /\ \ \ /'\ \ \ /\ \ \ /\ /\ \ \\ \ /\ /\ /\ \L\ \ \ \ \ \ \ \ /\ / \ \ \ /\ \\ \ \ \ \ \ \ \ \ \\ \ \ \ // // // ///////////L\ \ //...

some ooold Juniper bugs (was: [Full-disclosure] ZDI-10-231: Juniper Secure Access Series meeting_testjava.cgi XSS Vulnerability)

This reminded me of a bunch of problems I spotted in Juniper SSL VPN a while ago; they are apparently fixed, but I don't recall seeing any public vendor advisory / credit for reporting them - so here you go, even if just for the record... These were fixed by Juniper in IVE 6.3R1, 6.2R3, 6.1R5,...

Max Anket v1.0 - Multiple Remote Vulnerabilities

Exploit for php platform in category web applications ================================================ Max Anket v1.0 - Multiple Remote Vulnerabilities ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\...

SuSE 10 Security Update : squid (ZYPP Patch Number 6931)

The following vulnerabilities have been fixed in squid : - DoS via special crafted auth header CVE-2010-0308: DoS via invalid DoS header. CVE-2009-2855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...