20 matches found
EUVD-2012-5537
Malware in sbrugna...
EUVD-2005-3373
Malware in sbrugna...
EUVD-2016-10648
Malware in sbrugna...
EUVD-2014-8871
Malware in sbrugna...
EUVD-2022-52807
Malicious code in bioql PyPI...
Liferay Portal vulnerable to Reflected XSS with the referer and forward parameter
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated...
SUSE CVE-2015-4025
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to 1...
CURL-CVE-2018-1000120 FTP path trickery leads to NIL byte out of bounds write
curl can be fooled into writing a zero byte out of bounds. This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command --ftp-method singlecwd or the libcurl alternative CURLOPTFTPFILEMETHOD. curl then URL-decodes the given path, calls strlen o...
Fedora 22 : asterisk-13.3.2-1.fc22 (2015-5948)
The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. These releases are...
FreeBSD : asterisk -- TLS Certificate Common name NULL byte exploit (5fee3f02-de37-11e4-b7c3-001999f8d30b)
The Asterisk project reports : When Asterisk registers to a SIP TLS device and and verifies the server, Asterisk will accept signed certificates that match a common name other than the one Asterisk is expecting if the signed certificate has a common name containing a null byte after the portion o...
phpdisk V7 (20140604) 注入一枚 (直接出数据)
简要描述: 20140604 详细说明: 在ajax.php中 else $file = unserializebase64decode$data; /foreach$file as $k=$v $file$k = $db-escape$file$v; / $filefileid = int$filefileid; $filefilesize = int$filefilesize; $filefiledescription = $db-escapetrim$filefiledescription; $filefileextension =...
CVE-2012-2241
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted 1 .dsc or 2 .changes file, probably related to a NULL byte in a filename...
Zubrag Smart File Download 1.3 Arbitrary File Download Vulnerability
No description provided by source. --------------------------------------------------- "File Download 1.3" Remote File Download Exploit. --------------------------------------------------- By :Aodrulez. Email :[email protected] Blog :aodrulez.blogspot.com...
Zubrag Smart File Download 1.3 - Arbitrary File Download
Zubrag Smart File Download 1.3 - Arbitrary File Download --------------------------------------------------- "File Download 1.3" Remote File Download Exploit. --------------------------------------------------- By :Aodrulez. Email :[email protected] Blog :aodrulez.blogspot.com...
ArGoSoft FTP Server <= 1.4.2.8 Denial of Service Exploit
No description provided by source. / ArGoSoft Ftp Server remote overflow exploit author : c0d3r "kaveh razavi" [email protected] [email protected] package : ArGoSoft 1.4.2.29 and prior advisory : packetstormsecurity.nl/0503-advisories/argosoftFTP1428.txt company address : argosoft.com the bug...
linux/x86 execve code 23 bytes
Exploit for linux/x86 platform in category shellcode ============================== linux/x86 execve code 23 bytes ============================== / Linux 23 byte execve code. Greetz to preedator marcetam admin at marcetam.net / char linux= "\x99" / cdq / "\x52" / push %edx / "\x68\x2f\x2f\x73\x68...
Aix execve /bin/sh 88 bytes
Exploit for aix platform in category shellcode =========================== Aix execve /bin/sh 88 bytes =========================== / Aix execve of /bin/sh Georgi Guninski email protected / unsigned int code= 0x7c0802a6 , 0x9421fbb0 , 0x90010458 , 0x3c60f019 , 0x60632c48 , 0x90610440 , 0x3c60d002 ...
Apache Tomcat 3.x - Null Byte Directory / File Disclosure
source: https://www.securityfocus.com/bid/6721/info Apache Tomcat is prone to a directory/file disclosure vulnerability when used with JDK 1.3.1 or earlier. It has been reported that remote attackers may view directory contents even when an 'index.html' or other welcome file. It is also possible...
MSIE may download and run programs automatically - details
This posting briefly describes some technical details of the vulnerability discussed in the Bugtraq messages with the subjects "MSIE may download and run progams automatically" Dec 14 2001 and "File extensions spoofable in MSIE download dialog" Nov 26 2001. The flaw allows a malicious web site to...
Fun with UltraBoard V1.6X
hola friends, found some interesting things in the "old" UltraBoard-Forum scripts UltraBoard V 1.6 class:Input Validation Error remote:Yes vulnerable:UltraBoard V1. vendor: www.ultrascripts.com || www.ub2k.com Description: By using the good old NullByte000 its possible to open "any" file on the...