60 matches found
Delete Users from XenMobile Database
For XenMobile environment 10.4 and below, we do not have the option to delete the user from the console.You will have to delete the user from the database manually. Use the following SQL query to delete all rows associated to a single user within XenMobile Server. Important! Ensure to back up the...
ecshop设计缺陷导致存在脱裤风险
简要描述: ecshop cms设计缺陷导致存在脱裤风险 详细说明: 后台备份数据库的地方,如果在windows系统下可以通过短文件名直接访问。 这是我找的一个证明此问题可以脱裤的站 漏洞证明: 后台备份数据库的地方,如果在windows系统下可以通过短文件名直接访问。 这是我找的一个证明此问题可以脱裤的站...
Network fun shopping system flagship version of eshop backend get webshell-vulnerability warning-the black bar safety net
Disclosure of status: 2012-03-04: positive contact vendors and wait for manufacturers to claim, details not open to the public 2012-03-04: the vendors have actively ignored vulnerabilities, the details disclosed to the public Brief description: eWebEditor editor filter is not strict, direct uploa...
Tianya, China's biggest online forum 40 million users data leaked
Tianya, China's biggest online forum 40 million users data leaked Tianya.cn, China's biggest online forum confirmed on Sunday that private information for 40 million users had been leaked, three days after the country's largest programmers' website CSDN reported a similar leak. Tianya is one of t...
ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges
ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges ================================================================================ Secur-I Research Group Security Advisory SRG-2011-002 ================================================================================ Title :...
bcksrvr format string in Sybase Adaptive Server 15.5
Luigi Auriemma Application: Sybase Adaptive Server http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise Versions: = 15.5 Platforms: Solaris, Windows, Linux, AIX, HP Bug: format string in bcksrvr Exploitation: remote, versus server Date: 27 Jun 2011 found 28 Oct 2010 Author:...
bcksrvr format string in Sybase Adaptive Server 15.5
Luigi Auriemma Application: Sybase Adaptive Server http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise Versions: = 15.5 Platforms: Solaris, Windows, Linux, AIX, HP Bug: format string in bcksrvr Exploitation: remote, versus server Date: 27 Jun 2011 found 28 Oct 2010 Author:...
WebsiteBaker 2.8.1 - DataBase Backup Disclosure
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title : WebSiteBaker 2.8.1 DataBase Backup Exploit Date : 25 - 3 - 2010 Author : Tr0y-x Version : 2.8.1 & May Be Later Tested On : Windows & Linux My Home : WwWDoTSeC-WaRDoTCoM Contact Me : EgAtHackDoTCl...
JAG (Just Another Guestbook) Information Disclosure Vulnerability
The host is running JAG and is prone to Information Disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodjaginfodiscvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ JAG Just Another Guestbook Information Disclosure Vulnerability Authors: Rachana Shetty Copyright: Copyright c 2010 SecPod,...
JAG (Just Another Guestbook) <= 1.14 Information Disclosure Vulnerability
JAG is prone to an information disclosure vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
Western Digital ODAY through the kill vulnerability-vulnerability warning-the black bar safety net
Western Digital ODAY through the kill vulnerability Speak directly to use of the method. In the registered members,“the applicant name in Chinese”here written on the "Chinese',utype='1 1 1 1 1 1"Note, does not include outside of the double quotation marks. Else as usual, and then register...
CVE-2009-2159
backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote attackers to create and download a backup database by making a direct request and then retrieving a .gz file from backups/...
Free PHP VX Guestbook 1.06 Arbitrary Database Backup Vulnerability
No description provided by source. + Free PHP VX Guestbook 1.06 Arbitrary Backup Database + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Arbitrary Backup Database Follow the example and the database download...
Free PHP VX Guestbook 1.06 - Arbitrary Database Backup
Free PHP VX Guestbook 1.06 - Arbitrary Database Backup + Free PHP VX Guestbook 1.06 Arbitrary Backup Database + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Arbitrary Backup Database Follow the example and th...
Free PHP VX Guestbook 1.06 - Arbitrary Database Backup
Free PHP VX Guestbook 1.06 Arbitrary Backup Database + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Arbitrary Backup Database Follow the example and the database download will begin : dbnamedbbackup.sql PoC :...
Cisco Clean Access多个远程安全漏洞
Cisco Clean Access CCA是一种用于自动检测、隔离、清除受恶意代码感染的设备访问网络的软件解决方案。 CCA的实现上存在两个安全漏洞,远程攻击得可能利用这些漏洞获取非授权访问或得到敏感信息。 CCA与Cisco Clean Access Manager CAM交互时,交互双方需要相同的密钥,CAM端的密钥在CAM和CAS初始化时设定,CCA实现上的漏洞使此密钥不可被更改,网络上所有相关的设备共享了相同的密钥,可能导致非授权访问。此漏洞的Cisco Bug ID为CSCsd48626,影响如下的CCA版本: CCA releases 3.6.x - 3.6.4.2 CCA...
CVE-2006-6819
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db...
CVE-2006-6819
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db...
CVE-2006-5905
Web Directory Pro allows remote attackers to 1 backup the database and obtain the backup via a direct request to admin/backupdb.php or 2 modify configuration via a direct request to admin/options.php...
Web Directory Pro bypass Vulnerabilities
Web Directory Pro is product of hostingfrenzy.com I check latest version and detect some security holes, attackers can backup database or re-config system: 1. Backup database: http://domain/path/admin/backupdb.php 2. Re-config system: http://domain/path/admin/options.php Note: If IE cannot downlo...