7326 matches found

Packet Storm
added 2007/11/02 12:0 a.m., 18 views

ax-lfi.txt

W w w . T r Y a G . C o m Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vulnerability http://sourceforge.net/projects/axdcms/ POC : /index.php?module=../../../../../../../../etc/passwd%00 W w w . T r Y a G . C o m...

7.4 AI score
Exploits 0

Exploit DB
added 2007/11/02 12:0 a.m., 22 views

Ax Developer CMS 0.1.1 - 'index.php?module' Local File Inclusion

W w w . T r Y a G . C o m Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vulnerability http://sourceforge.net/projects/axdcms/ POC : /index.php?module=../../../../../../../../etc/passwd%00 W w w . T r Y a G . C o m milw0rm.com 2007-11-02...

7.4 AI score
Exploits 0

exploitpack
added 2007/11/02 12:0 a.m., 13 views

Ax Developer CMS 0.1.1 - index.php?module Local File Inclusion

Ax Developer CMS 0.1.1 - index.php?module Local File Inclusion W w w . T r Y a G . C o m Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vulnerability http://sourceforge.net/projects/axdcms/ POC : /index.php?module=../../../../../../../../etc/passwd%00 W w w . T r Y a G . C o m...

0.2 AI score
Exploits 0

securityvulns
added 2007/09/25 12:0 a.m., 49 views

JSPWiki Multiple Vulnerabilities

Application: JSPWiki Multiple Vulnerabilities Version: 2.4.103 and 2.5.139 Credit: Jason Kratzer Date: 9/24/2007 Background ------------------------------------------------------------ JSPWiki is wiki software built around the standard J2EE components of Java, servlets and JSP. It was written by...

6.9 AI score
Exploits 0

Japan Vulnerability Notes
added 2007/09/05 12:0 a.m., 41 views

JVN#62868899 7-ZIP32.DLL buffer overflow vulnerability

7-ZIP32.DLL is an open source library for compression and decompression supporting 7z, zip, and some other format files. 7-ZIP32.DLL is based on "Integrated Archiver API Specification", and called from the compression/decompression software. 7-ZIP32.DLL contains a buffer overflow vulnerability. I...

6.8 CVSS, 7.8 AI score, 0.17271 EPSS
Exploits 0

Packet Storm
added 2007/09/05 12:0 a.m., 26 views

212cafeboard-sql.txt

Hello Vulnerable : ----------- 212cafeBoard Version: ------- 6.30 Beta Vendor: ------ http://www.212cafe.com Description: ----------- Sql injection 212cafeBoard v6.30 Beta : http://site/Board/read.php?id=INJECT SQL CODE Path: ----- I try to contact the developer but never received a response...

7.4 AI score
Exploits 0

UbuntuCve
added 2007/07/31 10:17 a.m., 22 views

CVE-2007-4103

The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of calls that do not...

7.8 CVSS, 7.1 AI score, 0.02623 EPSS
Exploits 0, References 1

CVE
added 2007/07/31 10:0 a.m., 69 views

CVE-2007-4103

The CVE-2007-4103 issue affects the IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x (pre-1.2.23), Asterisk Open 1.4.x (pre-1.4.9), and Asterisk Appliance Developer Kit (pre-0.6.0). When configured to allow unauthenticated calls, remote attackers can cause denial of service by flooding call...

7.8 CVSS, 7.3 AI score, 0.02623 EPSS
Exploits 0, References 11, Affected Software 2

seebug.org
added 2007/07/22 12:0 a.m., 30 views

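Asterisk IAX2 Channel Driver IAX2_Write Function Remote Stack Overflow Vulnerability

BUGTRAQ ID: 24949 CVE(CAN) ID: CVE-2007-3762 Asterisk is an open-source software PBX that supports a variety of VoIP protocols and devices. A stack overflow vulnerability exists in the Asterisk IAX2 channel driver (chan_iax2); a remote attacker may exploit this vulnerability to take control of the server. The vulnerability can be triggered if an RTP frame with a data payload larger than 4 kB is passed to chan_iax2. To trigger it, the frame passed to iax2_write must meet the following conditions: it is a voice or video frame; the upper 2 bytes of its 4-byte timestamp are the same as those of the previously sent frame; its format is the expected format; its data payload is larger than 4 kB...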

9.3 CVSS, 1 AI score, 0.10199 EPSS
Exploits 1

CVE
added 2007/07/18 5:0 p.m., 52 views

CVE-2007-3765

The CVE-2007-3765 entry corresponds to a remote crash vulnerability in Asterisk’s STUN implementation. Affected are Asterisk Open Source 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2. The flaw arises when parsing inbound STUN attributes...

5 CVSS, 6.4 AI score, 0.00859 EPSS
Exploits 1, References 6, Affected Software 3

Vulnrichment
added 2007/07/17 4:0 a.m., 7 views

CVE-2007-3816

JWIG might allow context-dependent attackers to cause a denial of service (service degradation) via loops of references to external templates. NOTE: this issue has been disputed by multiple third parties who state that only the application developer can trigger the issue, so no privilege boundaries...

6.8 AI score, 0.01921 EPSS
Exploits 0, References 11

Cvelist
added 2007/07/17 12:0 a.m., 17 views

CVE-2007-3816

JWIG might allow context-dependent attackers to cause a denial of service (service degradation) via loops of references to external templates. NOTE: this issue has been disputed by multiple third parties who state that only the application developer can trigger the issue, so no privilege boundaries...

6.5 AI score, 0.01921 EPSS
Exploits 0, References 11

Japan Vulnerability Notes
added 2007/06/27 12:0 a.m., 18 views

JVN#74063879 sHTTPd cross-site scripting vulnerability

sHTTPd provided by anekos is a web server for Windows. sHTTPd contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest updates provided by the developer. Products Affected sHTTPd version...

6.7 AI score
Exploits 0

Packet Storm
added 2007/06/15 12:0 a.m., 23 views

TISA2007-01.txt

========================================================================= TeamIntell Security Advisory TISA2007-01 ------------------------------------------------------------------------- Letterman Subscriber Module "Itemid" Script Insertion Vulnerability...

7.4 AI score
Exploits 0

Japan Vulnerability Notes
added 2007/06/14 12:0 a.m., 15 views

JVN#63602912 dotProject cross-site scripting vulnerability

This vulnerability is different from JVN97636431. Impact An arbitrary script may be executed on the user's web browser. In particular, if session information from a cookie is leaked, session hijacking could be conducted. Solution Update the Software The developer has released dotProject version 2...

6.9 AI score
Exploits 0

seebug.org
added 2007/04/27 12:0 a.m., 57 views

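Asterisk SIP T.38 SDP Parsing Remote Stack Overflow Vulnerability

Asterisk is PBX software that runs on Linux and supports IP calls over the SIP, IAX and H323 protocols. Multiple remote stack overflow vulnerabilities exist in Asterisk's SIP/SDP handler; a remote attacker may exploit them to take control of the server. The overflow can be triggered if the SDP data in a SIP message contains an overlong T38 parameter, leading to arbitrary code execution. The vulnerability is caused by the sscanf calls in the processsdp function in chansip.c: else if sscanfa, "T38FaxRateManagement:%s", s == 1 found = 1; if optiondebug 2 astlogLOGDEBUG...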

7.1 AI score
Exploits 0

securityvulns
added 2007/03/10 12:0 a.m., 47 views

PHP-Nuke <= 8.0 Cookie Manipulation (lang)

///////////////////////////////////////////////////////////////////////////////////////////////////// PHPNuke = 8.0 Cookie Manipulation lang PROGRAM: PHP-Nuke HOMEPAGE: http://phpnuke.org/ VERSION: All version BUG: Cookie Manipulation lang SQL Injection + Local file include AUTHOR: Aleksandar aka...

7.3 AI score
Exploits 0

securityvulns
added 2007/03/09 12:0 a.m., 38 views

[Full-disclosure] PHP import_request_variables() vs extract()

Please note that also extract will override any variable excluded $GLOBALS but the main difference is that on http://it2.php.net/extract you are advised to do not use "extract against untrusted data, like user-input $GET, ...." quote if you want to run old code that relies on registerglobals...

0.8 AI score
Exploits 0

Prion
added 2007/01/17 2:28 a.m., 16 views

Design/Logic Flaw

Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 9.0.4.2 and 10.1.2; and E-Business Suite and Applications 11.5.10CU2 has unknown impact and attack vectors related to Oracle Reports Developer, aka REP01...

5 CVSS, 6.2 AI score, 0.00659 EPSS
Exploits 0, References 7, Affected Software 3

NVD
added 2007/01/17 2:28 a.m., 16 views

CVE-2007-0285

Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 9.0.4.2 and 10.1.2; and E-Business Suite and Applications 11.5.10CU2 has unknown impact and attack vectors related to Oracle Reports Developer, aka REP01...

5 CVSS, 5.9 AI score, 0.00659 EPSS
Exploits 0, References 7