117 matches found
DLA-88-1 ruby1.8 - security update
Bulletin has no description...
Easy Forms for vBulletin 4.X - Upload Shell Code / Remote Code Execute
Easy Forms vBuletin 4.x have suffers from a remote code execute and upload shell code. This is private exploit. You can buy it at https://0day.today...
osCommerce 2.2 admin/languages.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
DieselScripts Diesel Paid Mail Getad.PHP
漏洞类型: 输入验证错误 漏洞文件: Getad.PHP 漏洞危害: 攻击者利用该漏洞可以获取用户cookie,从而执行其他攻击行为 解决方案: 厂商没有补丁,推荐使用加速乐: source: http://www.securityfocus.com/bid/19646/info Paid Mail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...
Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21620/info Omniture SiteCatalyst is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...
ac4p Mobile index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execu...
WikiNi 0.4.x Waka.PHP Multiple HTML-Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20688/info WikiNi is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. An attacker may leverage these...
osCommerce 2.2 admin/stats_products_purchased.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
myMP3-Player 3.0 - Buffer Overflow Exploit
No description provided by source. Exploit Title: myMP3-Player 3.0 NOT SEH Overwrite Date: 8 / 8 / 2010 Author: Oh Yaw Theng Software Link: http://www.chip.de/downloads/myMP3-Player-3.013008621.html Version: 3.0 Tested on: Windows XP SP 2 CVE : N / A !/usr/bin/python filename = crash.m3u junk =...
Azerbaijan Development Group AzDGDatingPlatinum 1.1 .0 view.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13082/info AzDGDatingPlatinum is reported prone to multiple vulnerabilities. The following specific issues were identified: - Multiple SQL-injection vulnerabilities. These issues could permit remote attackers to pass...
Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute
No description provided by source. Magneto ICMP ActiveX v4.0.0.20 ICMPSendEchoRequest Remote Code Execute Date: 2011-5-27 Discovered by: boahat vendor: http://www.magnetosoft.com/ Download: http://www.magnetosoft.com/downloads/skicmpsetup.exe SKIcmp.ocx Function ICMPSendEchoRequest ByVal...
ZonPHP V2.25 Remote Code Execute Vulnerability
Exploit for php platform in category web applications "; $headers = array"User-Agent: Mozilla/5.0 Windows NT 6.0; WOW64; rv:24.0 Gecko/20100101 Firefox/24.0", "Content-Type: text/plain"; $rc = curlinit; curlsetopt$rc, CURLOPTURL, $url.$path.$filename; curlsetopt$rc, CURLOPTHTTPHEADER, $headers;...
Firefox 23/24/26(Nightly) Android 0day remote code execute apk file
This exploit is using human greed and little magic. First, at remote telephone must be enabled "Install apk from unknown sources". Second, at some Android devices more than one application, which can install apk files. For the successful execution apk file, target phone must use standart apk...
EasyPHP Webserver PHP Command Execution
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
Reallyeasycart 2.8.x Remote Code Execute Vulnerability
reallyeasycart suffers from a RCE bug that will allow you to execute php commands. This is private exploit. You can buy it at https://0day.today...
EasyPHP WebServer v.(all) <= Multiple Vulnerabilities
EasyPHP is Suffer from : + Auth Bypass + Remote Shell Injection / Remote Code Execute The Bug in EasyPHP WebServer Manager found because the PORTAL of Administration doesn't protected ! so just when you found the Admin-Portal - you can bypass the auth directly and remote attacker can get some...
CVE-2012-3152
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the Octob...
phpMyAdmin3 remote code execute exploit [Not jilei(chicken\'s ribs)]
No description provided by source. !/usr/bin/php ?php printr' +---------------------------------------------------------------------------+ pma3 - phpMyAdmin3 remote code execute exploit Not jileichicken's ribs by oldjunwww.oldjun.com welcome to www.t00ls.net mail: [email protected] Assigned CVE...
Security issue is_a function in PHP 5.3.7+
PHP 5.3.7 changed the behavior of the isa function, used to check if an object is an instance of a class, to call the autoload function. This causes a remote code execute problem when coupled with a standard library like PEAR that internally uses isa to check if a returned variable is an Error...
Magneto ICMP ActiveX v4.0.0.20 ICMPSendEchoRequest Code Execute
Exploit for windows platform in category remote exploits Magneto ICMP ActiveX v4.0.0.20 ICMPSendEchoRequest Remote Code Execute Date: 2011-5-27 Discovered by: boahat vendor: http://www.magnetosoft.com/ Download: http://www.magnetosoft.com/downloads/skicmpsetup.exe SKIcmp.ocx Function...