171 matches found
ownrsblog-sqlxss.txt
============================================================== OwnRS Blog beta3 SQL/XSS Multiple Remote Vulnerabilities ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
CVE-2007-6223
SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 allows remote attackers to execute arbitrary SQL commands via the makeid parameter in a search action in browse mode...
phpBB Garage 1.2.0 Beta3 Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =========================================================== phpBB Garage 1.2.0 Beta3 Remote SQL Injection Vulnerability =========================================================== Title: phpBB Garage v1.2.0 - Beta3 Remote SQL Injection...
phpBB Garage 1.2.0 Beta3 - SQL Injection
Title: phpBB Garage v1.2.0 - Beta3 Remote SQL Injection Vulnerability Dork: "Powered By phpBB Garage 1.2.0" Author: maku234 E-Mail: [email protected] garage.php?mode=browse&search=yes&makeid=-1//union//select//1,2/...
Microsoft Internet Explorer Document.Domain跨域同源覆盖漏洞
Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer存在绕过同源策略问题,远程攻击者可以利用漏洞访问其他目标域或者进行内容伪造攻击。 攻击者可以通过修改document.domain中的值,构建恶意WEB页,诱使用户访问来触发。 Microsoft Internet Explorer 6.0 SP2 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Citrix ICA Client for Windows 4.0...
FileZilla多个格式串漏洞
FileZilla是一款免费的FTP客户端软件。 FileZilla处理用户名数据存在问题,远程攻击者可以利用漏洞进行格式串攻击,可能以进程权限执行任意指令。 如果用户名包含%字符,连接将会提示错误,而造成格式串攻击,可能以进程权限执行任意指令。 FileZilla 3.0 -beta4 FileZilla 3.0 -beta3 FileZilla 3.0 -beta2 FileZilla 3.0 -beta1 升级程序: FileZilla FileZilla 3.0 -beta1 FileZilla FileZilla3.0.0-beta5src.tar.bz2...
Joomla OpenSEF Component mosConfig_absolute_path远程文件包含漏洞
Joomla OpenSEF是一款基于PHP的WEB应用程序。 Joomla OpenSEF不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'sef.php'脚本对用户提交的'mosConfigabsolutepath'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 OpenSEF Project OpenSEF 2.0-beta3 OpenSEF Project OpenSEF 2.0 RC5 SP2 OpenSEF Project OpenSEF 2.0 RC5 SP1 OpenSEF Proje...
PHP-Nuke NukeAI Module 3b - 'util.php' Remote File Inclusion
!/usr/bin/perl +------------------------------------------------------------------------------------------- + nukeai beta3 util.php Remote Code Execution Vulnerability +------------------------------------------------------------------------------------------- + Affected Software .: nukeai beta3 ...
CVE-2005-4810
Microsoft Internet Explorer 7.0 Beta3 and earlier is affected. The vulnerability arises when a remote attacker exploits an XMLHttpRequest response that contains a text/html Content-Type header, causing the browser to crash and leading to a denial of service. The documented impact is a crash; no o...
[SA20155] Serendipity Entry Manager Cross-Site Request Forgery
TITLE: Serendipity Entry Manager Cross-Site Request Forgery SECUNIA ADVISORY ID: SA20155 VERIFY ADVISORY: http://secunia.com/advisories/20155/ CRITICAL: Less critical IMPACT: Hijacking WHERE: From remote SOFTWARE: Serendipity 0.x http://secunia.com/product/3969/ DESCRIPTION: A vulnerability has...
CVE-2000-0133
CVE-2000-0133 affects Tiny FTPd 0.52 beta3 where a buffer overflow in handling FTP commands (STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, RNFR) can allow a remote attacker to execute commands. The connected records consistently reference a buffer overflow vulnerability in Tiny FTPd and list the ...