724 matches found
Ane CMS 1 - Persistent Cross-Site Scripting
Ane CMS 1 - Persistent Cross-Site Scripting ======================================================================= ANE CMS 1 Persistent XSS Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email...
mDNSResponder 10.4.0/10.4.8 (OSX) - UPnP Location Overflow (Metasploit)
require 'msf/core' class Metasploit3 'Mac OS X mDNSResponder UPnP Location Overflow', 'Platform' = 'osx', 'DefaultOptions' = 'SRVPORT' = 1900, 'RPORT' = 0 , 'Targets' = '10.4.8 x86', mDNSResponder-108.2 'Arch' = ARCHX86, Offset to mDNSStorage structure 'Offset' = 21000, 'Magic' = 0x8fe510a0,...
AIX 610002 : U828286
The remote host is missing AIX PTF U828286 which is related to the security of the package devices.usbif.08025002.rte You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
CVE-2009-4660
creationtimestamp| type| source ---|---|--- 2009-09-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9673 2009-09-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9690 2018-05-29 15:50:33+00:00| seen|...
Photodex ProShow Gold 4 (Windows XP SP3) - .psh Universal Buffer Overflow (SEH)
Photodex ProShow Gold 4 Windows XP SP3 - .psh Universal Buffer Overflow SEH + Vulnerability : ProShow Gold 4 BOF + Detected by : Bkis - http://blog.bkis.com/?p=737 Sploit coded by : corelanc0d3r corelanc0d3ratgmaildotcom Sploit coded on : August 20, 2009 Type : local OS : Windows Product : Photod...
ElectraSoft 32bit FTP Version Detection
This script detects the version of ElectraSoft 32bit FTP and sets the result in KB. OpenVAS Vulnerability Test $Id: gbelectrasoft32bitftpdetect.nasl 5372 2017-02-20 16:26:11Z cfi $ ElectraSoft 32bit FTP Version Detection Authors: Nikita MR Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Realty Web-Base Detection
Realty Web-Base, a content management and customer communication suite is running at this host. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
w3blabor CMS 3.3.0 SQL Injection
'/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo8 | -------------------------------------------------- | w3blabor CMS = v3.3.0 Admin Login Bypass | | requires...
w3blabor CMS 3.3.0 - Authentication Bypass
w3blabor CMS 3.3.0 - Authentication Bypass '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo8 | -------------------------------------------------- | w3blabor...
w3blabor CMS 3.0.5 - Arbitrary File Upload Local File Inclusion
w3blabor CMS 3.0.5 - Arbitrary File Upload Local File Inclusion !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/,...
Mozilla Firefox Detection (Linux/Unix SSH Login)
SSH login-based detection of Mozilla Firefox. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Unfixed XSS vulnerability at www.careerjet.ca
Security researcher xylitol, has submitted on 14/08/2008 a cross-site-scripting XSS vulnerability affecting www.careerjet.ca, which at the time of submission ranked 771145 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 15/08/2008. It is...
Ultrastats 0.2.142 - players-detail.php Blind SQL Injection
Ultrastats 0.2.142 - players-detail.php Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.:...
PHP ZLink 'go.php' SQL注入漏洞
PHP ZLink是一款基于PHP的WEB应用程序。 PHP ZLink不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'go.php'脚本对用户提交的WEB参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Zeak.net PHP ZLink 0.3 目前没有解决方案提供: http://www.zeak.net/ !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print "\n \'/...
PHPNuke-Clan <= 4.2.0 (mvcw_conver.php) RFI Vulnerability
No description provided by source. '/ -.- --------------------------oOO------OOo------------------------- | PHPNuke-Clan = v4.2.0 mvcwconver.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------------------ ! Discovered: DNX ! Vendor:...
PHPNuke-Clan 4.2.0 - mvcw_conver.php Remote File Inclusion
PHPNuke-Clan 4.2.0 - mvcwconver.php Remote File Inclusion '/ -.- --------------------------oOO------OOo------------------------- | PHPNuke-Clan = v4.2.0 mvcwconver.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------------------ ! Discovered: DNX !...
Magic CMS 4.2.747 - mysave.php Remote File Inclusion
Magic CMS 4.2.747 - mysave.php Remote File Inclusion '/ -.- ---------------------oOO------OOo--------------------- | Magic CMS v4.2.747 mysave.php Remote File Inclusion | | works only with registerglobals = on | | coded by DNX | --------------------------------------------------------- !...
webspell.txt
WebSPELL = 4.01.01 Accessible Database Backup Download Exploit Discovered by: Trex Visit: www.SecuritySector.org / www.UnderGround.ag Exploit: http://SITE/PATH/admin/database.php?action=write&userID=1 Solution: http://cms.webspell.org/index.php?site=files&file=15...
Microsoft IIS - SA WebAgent 5.25.3 Redirect Overflow (Metasploit)
Microsoft IIS - SA WebAgent 5.25.3 Redirect Overflow Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core...
Medal of Honor Spearhead (Linux) - Server Remote Buffer Overflow
Medal of Honor Spearhead Linux - Server Remote Buffer Overflow / ------------------------------------------------------------------------------------------------- Remote buffer overflow exploit for Medal of Honor Spearhead Dedicated Server Linux...