2420 matches found
CVE-2008-2791
SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2791
SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2791
CVE-2008-2791 describes a SQL injection vulnerability in the Kalptaru Infotech Comparison Engine Power Script 1.0, specifically in the file or process related to product.detail.php . The underlying cause is an unsafely handled id parameter that allows remote attackers to inject arbitrary SQL comm...
Comparison Engine Power 1.0 - Blind SQL Injection
Comparison Engine Power 1.0 - Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " \n"; print " Comparison Engine Power 1.0 Blind SQL Injection Exploit \n"; print " \n";...
Comparison Engine Power 1.0 - Blind SQL Injection
!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " \n"; print " Comparison Engine Power 1.0 Blind SQL Injection Exploit \n"; print " \n"; print " Author: Mr.SQL \n"; print " EMAIL :...
Comparison Engine Power 1.0 Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================= Comparison Engine Power 1.0 Blind SQL Injection Exploit ======================================================= !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "...
Design/Logic Flaw
Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI with a dangerous extension that uses a different...
Open a Nday MS08-0 1 0(CVE-2 0 0 8-0 0 7 6)-vulnerability warning-the black bar safety net
The recent IE holes in a large stack,record what I know: 1. MS08-0 1 0:In addition to the VFP control of at least the TP mentioned above is able to take advantage of. 2. MS08-0 2 2:script ENCODER processing on the hole,but I see you want to use is too difficult,the hints about the patch compariso...
Authentication flaw
The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "", which is present in the password file and probably passes an insufficient comparison...
CVE-2008-2297
The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "", which is present in the password file and probably passes an insufficient comparison...
CVE-2008-2297
The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "", which is present in the password file and probably passes an insufficient comparison...
Deciphering the Simple Machines Forum audio Captcha
The Simple Machine’s Forum audio Captcha that has been hardened from attack. I have contacted SMF about this flaw and it has been verified. I go into greater detail of how i am able to break this captcha here: http://www.rooksecurity.com/blog/?p=6 Exploit Code:...
CVE-2008-1842
The CVE-2008-1842 issue affects HP OpenView Network Node Manager (OV NNM) v8.01 and earlier (7.53 and older), where ovspmd.exe mishandles a long TCP request to port 8886. The described integer signedness error can cause a heap-based buffer overflow, enabling a remote attacker to crash the daemon ...
CVE-2007-0071
Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer...
Re: Multiple vulnerabilities in HP OpenView NNM 7.53
Luigi Auriemma Application: HP OpenView Network Node Manager http://www.openview.hp.com/products/nnm/ Versions: = 7.53 Platforms: Windows tested, Solaris, Linux, HP-UX Bug: memory corruption in ovspmd Exploitation: remote Date: 08 Apr 2008 Author: Luigi Auriemma e-mail: [email protected] web:...
CVE-2007-4691
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs...
CVE-2007-4268
Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value,...
CVE-2007-4691
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs...
Diskeeper 9 Remote Memory Disclosure Exploit
No description provided by source. / Diskeeper Remote Memory Disclosure Credit: Pravus pravus -a-t- hush -d-o-t- com Greetz: Scientology for making a remotely accessible disk defragmenter. Felix, Jenna, and Isaac. Vulnerability Description: This vulnerability involves a memory comparison function...
Remote Memory Read in Diskeeper 9 - 2007
Diskeeper Remote Memory Disclosure Credit: Pravus pravus -a-t- hush -d-o-t- com Greetz: Scientology for making a remotely accessible disk defragmenter. Felix, Jenna, and Isaac. Vulnerability Description: This vulnerability involves a memory comparison function that is remotely, anonymously...