3741 matches found

Positive Technologies
added 2006/11/15 12:0 a.m. · 3 views

PT-2006-6566 · @Cid · @Cid Stats

Name of the Vulnerable Software and Affected Versions: @cid stats version 2.3 Description: A remote file inclusion issue in install.php3 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire parameter. Note that this issue has been disputed by a third party, who claims...

CVSS 7.5 · AI score 8.2 · EPSS 0.05195
Exploits 0 · References 4

ATTACKERKB
added 2006/09/19 10:7 p.m. · 1 views

CVE-2006-4896

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4785. Reason: This candidate is a duplicate of CVE-2006-4785. Notes: All CVE users should reference CVE-2006-4785 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVSS 7.5 · AI score 5.9 · EPSS 0.01853
Exploits 0 · References 1

securityvulns
added 2006/08/31 12:0 a.m. · 40 views

feedsplitter considered harmful

I was looking through the feedsplitter.php script available from http://chxo.com/software/feedsplitter/, version 2006-01-21 revision 1.7 according to the RCS $Id$, but that looks out of date today, and noticed a few problems. Background: feedsplitter turns RSS feeds into HTML or javascript so you...

AI score 0.9
Exploits 0

Positive Technologies
added 2006/08/29 12:0 a.m. · 3 views

PT-2006-5246 · Cutenews · Cutenews

Name of the Vulnerable Software and Affected Versions: CuteNews versions 1.3.x Description: The issue allows remote attackers to potentially execute arbitrary PHP code via a URL in the cutepath parameter to API endpoints such as "show news.php" or "search.php". However, analysis has not identifie...

CVSS 7.5 · AI score 7.8 · EPSS 0.01507
Exploits 0 · References 8

Positive Technologies
added 2006/06/22 12:0 a.m. · 2 views

PT-2006-4031 · Nucleus · Nucleus

Name of the Vulnerable Software and Affected Versions: Nucleus version 3.23 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL using the DIR LIBS parameter in various files, including path/action.php, media.php, /xmlrpc/server.php, and /xmlrpc/api...

CVSS 9.8 · AI score 7.9 · EPSS 0.02095
Exploits 1 · References 11

0day.today
added 2006/01/01 12:0 a.m. · 13 views

win32 Download & Exec Shellcode 226 bytes+

Exploit for win32 platform in category shellcode ========================================== win32 Download & Exec Shellcode 226 bytes+ ========================================== / \ WINSHELLCODE / :: win32 download & exec shellcode :: \ :: by Darkeagle of Unl0ck Research Team http://exploiterz.or...

AI score 7
Exploits 0

NVD
added 2005/12/31 5:0 a.m. · 9 views

CVE-2005-4753

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, in certain "heavy usage" scenarios, report incorrect severity levels for an audit event, which might allow attackers to perform unauthorized actions and avoid detection...

CVSS 5 · AI score 6.6 · EPSS 0.01132
Exploits 0 · References 3

Positive Technologies
added 2005/12/31 12:0 a.m. · 1 views

PT-2005-5346 · Mirc · Mirc

Name of the Vulnerable Software and Affected Versions: mIRC versions 5.91 through 6.16 Description: A buffer overflow issue allows local users to potentially execute arbitrary code by entering a long string after reaching the DCC Get Folder Dialog. The vendor has disputed this issue, suggesting i...

CVSS 4.6 · AI score 8.3 · EPSS 0.00129
Exploits 1 · References 7

myhack58
added 2005/12/16 12:0 a.m. · 28 views

Byshell Backdoor:no process without DLL no disk file-the vulnerability warning-the black bar safety net

For readers: invasion enthusiasts, network administrators, black Controller fans Pre-knowledge: C basic syntax Liu stream: the back door is the hackers of the eternal topic in each big website such as the 1 6 3, Yahoo, Peking University, etc. have been black after that, more and more people began...

AI score 7.8
Exploits 0

ATTACKERKB
added 2005/12/09 11:3 a.m. · 1 views

CVE-2005-4129

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4092. Reason: This candidate is a reservation duplicate of CVE-2005-4092. Notes: All CVE users should reference CVE-2005-4092 instead of this candidate. All references and descriptions in this candidate have been removed to...

CVSS 7.5 · AI score 5.9 · EPSS 0.44088
Exploits 0 · References 1

myhack58
added 2005/09/16 12:0 a.m. · 17 views

Newcomers scratch contact of hacking knowledge learning method-vulnerability warning-the black bar safety net

Today, there are many people who ask me: “I read your article, but I'm new, Is there any learning method?” My answer is: “of course there Ah, but people and people are different, the method is their summary out, and my previous articles the noun are the same as me in learning based on their own...

AI score 7.1
Exploits 0

Cvelist
added 2005/04/28 4:0 a.m. · 12 views

CVE-2005-1346

Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote...

AI score 6.6 · EPSS 0.00705
Exploits 0 · References 1

Positive Technologies
added 2005/04/12 12:0 a.m. · 2 views

PT-2005-2162 · Calendarscript · Calendarscript

Name of the Vulnerable Software and Affected Versions: CalendarScript version 3.21 Description: A cross-site scripting (XSS) issue exists in the login command of calendar.pl, allowing remote attackers to inject arbitrary web script or HTML via the username parameter. Recommendations: For...

CVSS 4.3 · AI score 6 · EPSS 0.00443
Exploits 0 · References 7

Symantec
added 2005/02/08 12:0 a.m. · 14 views

Microsoft Internet Explorer Unspecified ActiveX Image Control Vulnerability

Description Microsoft has announced in the MS05-014 Cumulative Internet Explorer bulletin that the ActiveX Image Control 1.0 is no longer supported due to an unspecified security vulnerability. The cumulative update addresses the vulnerability by setting the kill-bit on the control so that it may...

AI score 7.1
Exploits 0 · References 1 · Affected Software 3

CERT
added 2005/01/20 12:0 a.m. · 38 views

LibTIFF vulnerable to integer overflow in the TIFFFetchStrip() routine

Overview An integer overflow in LibTIFF may allow a remote attacker to execute arbitrary code. Description LibTIFF is a library used to encode and decode images in Tag Image File Format (TIFF). An integer overflow in the TIFFFetchStripThing routine within the tifdirread.c file may allow an attacker...

AI score 9.7
Exploits 0 · References 4

ATTACKERKB
added 2003/12/31 5:0 a.m. · 1 views

CVE-2003-1130

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-1071. Reason: This candidate is a duplicate of CVE-2003-1071. Notes: All CVE users should reference CVE-2003-1071 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVSS 2.1 · AI score 5.8 · EPSS 0.00322
Exploits 1 · References 1

ATTACKERKB
added 2003/12/15 5:0 a.m. · 1 views

CVE-2003-0090

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0844. Reason: This candidate is a duplicate of CVE-2000-0844. Notes: All CVE users should reference CVE-2000-0844 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVSS 10 · AI score 5.3 · EPSS 0.00813
Exploits 1 · References 1

Tenable Nessus
added 2003/12/01 12:0 a.m. · 1045 views

Do not scan printers

The remote host appears to be a network printer, multi-function device, or other fragile device. Such devices often react very poorly when scanned. To avoid problems, Nessus has marked the remote host as 'Dead' and will not scan it, beyond minimal probing traffic that allows the scanner to identi...

AI score 5.8
Exploits 0

CVE
added 2002/08/31 4:0 a.m. · 47 views

CVE-2002-0896

The CVE-2002-0896 entry concerns Swatch: the throttle capability may fail to report certain events if the same event type recurs after the throttle period or when multiple events matching the same watchfor expression don’t occur post-throttle. This could allow attackers to avoid detection. No spe...

CVSS 5 · AI score 6.5 · EPSS 0.00852
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2000/12/19 12:0 a.m. · 2 views

PT-2000-1882 · Hewlett Packard · Hp-Ux

Name of the Vulnerable Software and Affected Versions: HP-UX version 11.00 Description: The issue allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab...

CVSS 5.5 · AI score 6.5 · EPSS 0.01712
Exploits 1 · References 6