Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. E107: CAPTCHA bypass, cross-site scripting...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
JVN#80771386 Fulltext search CGI vulnerability allows third party to gain administrative privileges
Fulltext search CGI is a website search software from futomi's CGI Cafe. Fulltext search CGI contains a vulnerability that allows an attacker to gain administrative privileges. Impact A remote attacker could impersonate an administrator of fulltext search CGI. Solution Update the Software Update ...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Power Phlogger: SQL injection, DoS...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability
ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-004 January 14, 2009 -- Affected Vendors: Oracle -- Affected Products: Oracle TimesTen -- TippingPoint™ IPS Customer Protection: TippingPoint IPS customers have been protecte...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. e-Vision CMS: cross-site scripting...
AWStats migrate Remote Command Execution
This module exploits an arbitrary command execution vulnerability in the AWStats CGI script. AWStats v6.4 and v6.5 are vulnerable. Perl based payloads are recommended with this module. The vulnerability is only present when AllowToUpdateStatsFromBrowser is enabled in the AWStats configuration fil...
CVE-2008-5440
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...
Format string
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...
CVE-2008-5440
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...
CVE-2008-5440
Summary: CVE-2008-5440 concerns Oracle TimesTen In-Memory Database, specifically the TimesTen Data Server component. Connected sources clearly describe a format string vulnerability in the evtdump CGI module, triggered by the HTTP/message handling (parameter ‘msg’), which can be exploited remotel...
HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow
Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...
HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow
Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...
Oracle TimesTen evtdump Remote Format String Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle TimesTen. User interaction is not required to exploit this vulnerability. The specific flaw exists in the evtdump CGI module, which is used to write to an internal log file. The parameter...
HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow
Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...
HSPell 1.1 Command Execution
!/usr/bin/perl use IO::Socket; print q HSpell v1.1 Command Execution Exploit Theres a 1000 ways to improve this exploit, but I really couldn't be fucked with it. Made By ZeN http://dusecurity.com/ http://darkcode.me/ ; $host = 'site.com'; $port = '80'; $path = '/cgi-bin/cilla.cgi'; ShellMe: print...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. FCKeditor: cross-site scripting, information leak. WOSendNews: cross-site scripting, information leak...
HSPell 1.1 - cilla.cgi Remote Command Execution
HSPell 1.1 - cilla.cgi Remote Command Execution !/usr/bin/perl use IO::Socket; print q HSpell v1.1 Command Execution Exploit Theres a 1000 ways to improve this exploit, but I really couldn't be fucked with it. Made By ZeN http://dusecurity.com/ http://darkcode.me/ ; $host = 'site.com'; $port =...