AllMyVisitors.txt
AllMyVisitors PHP Code Injection vulnerability Product : AllMyVisitors Vendor : www.php-resource.net Date : February 14, 2004 Problem : PHP Code Injection Vendor Contacted ? : No Source in /include/info.inc.php -------------------------------------------------------------- $AMVinfoget =...
Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Summary : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW. There is a vulnerability in the current stable version of phpMyAdmin...
Niti Telecom Caravan Business Server 2.00-03D - Directory Traversal
source: https://www.securityfocus.com/bid/9555/info The showcode.asp script activated in Sampleshowcode.html may be vulnerable to a directory traversal issue. A remote attacker may view any files readable by the web server using '../' escape sequences in URI requests...
Hand-Crafted Software FreeProxy 3.53.6 - FreeWeb Directory Traversal
Hand-Crafted Software FreeProxy 3.53.6 - FreeWeb Directory Traversal source: https://www.securityfocus.com/bid/9388/info It has been reported that FreeWeb server of FreeProxy may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the...
cgi bugs
Exploit author: x64rst email: [email protected] Script name: Manlix SW GuestBook Script version: 0.5 Page: http://manliks.ru/manlix -------------Cross-site scripting--------------- -------------XXS--------------------------------- the script mnlxswgb.php does not sufficiently filter the variables ip, admin. В...
CVE-2003-1513
Multiple cross-site scripting XSS vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via 1 env.jsp, 2 form.jsp, 3 session.jsp, 4 the move parameter to tictactoe.jsp, or the 5 name or 6 comment fields to...
Mambo Open Source 4.0.14 Server - SQL Injection
source: https://www.securityfocus.com/bid/9196/info It has been reported that Mambo Open Source 4.0.14 Server is prone to SQL injection attacks. The problem is said to occur due to insufficient sanitization of data passed to specific index.php variables. As a result, an attacker may be capable of...
Cross Site Scripting in VP-ASP
Advisory Name: Cross Site Scripting in VP-ASP Release Date: December 05st, 2003 Application: VP-ASP Version Affected: 4.50 Platform: ASP Severity: Low Discover: Xnuxer Research Lab. [email protected], [email protected] Vendor URL: http://www.vp-asp.com Reference: http://infosekuriti.com Proof Of...
OpenBSD 2.x < 3.3 - 'exec_ibcs2_coff_prep_zmagic()' kernel stack overflow
/ OpenBSD 2.x - 3.3 / / execibcs2coffprepzmagic kernel stack overflow / / note: ibcs2 binary compatibility with SCO and ISC is enabled / / in the default install / / Copyright Feb 26 2003 Sinan "noir" Eren / / noir olympos org | noir uberhax0r net / / greets to brother nahual for making this...
Microsoft Windows XP/2000 - Workstation Service Overflow (MS03-049)
/ Proof of concept for MS03-049. This code was tested on a Win2K SP4 with FAT32 file system, and is supposed to work only with that it will probably crash the other 2Ks, no clue about XPs. To be compiled with lcc-win32 hint link mpr.lib ... I will not improve this public version, do not bothe...
NIPrint LPD-LPR Print Server <= 4.10 Remote Exploit
Exploit for unknown platform in category remote exploits =================================================== NIPrint LPD-LPR Print Server include else include include include include include include include include endif include // JMP ESP ADDRESS in Win XP 5.1.2600 define RET 0x77F5801c define...
php-nuke.6.5.php.txt
Hello, Here my Exploit for PHP-Nuke = v6.5 & Spaiz-Nuke SQL v1.2 SQL Injection Code in PHP: Greetings, Blade... |Blade «[email protected]»| www.abez.org Of AbeZ www.rzw.com.ar By XyborG www.adictosnet.com.ar By LaKosa www.fihezine.tsx.to Of FiH eZine / echo' PHP-Nuke And Spaiz-Nuke Injection Exploit...
DeskPro 1.1 - Multiple SQL Injections
DeskPro 1.1 - Multiple SQL Injections source: https://www.securityfocus.com/bid/8856/info It has been reported that DeskPro is prone to multiple SQL injection vulnerabilities due to insufficient sanitization of user-supplied input. The problem is reported to be present in various parameters such ...
Gaim festival plugin code execution
Published plugin example allows code execution...
shatterSEH3.txt
============================================================================ = Shattering SEH III = = [email protected] = http://www.security-assessment.com = = Originally posted: September 29, 2003 ============================================================================ ==...
Microsoft Windows - RPC DCOM2 Remote (MS03-039)
Microsoft Windows - RPC DCOM2 Remote MS03-039 / RPCDCOM2.c ver1.1 copy by FLASHSKY flashsky at xfocus.org 2003.9.14 / include include include include include include unsigned char bindstr= 0x05,0x00,0x0B,0x03,0x10,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x7F,0x00,0x00,0x00,...
Go2Call Cash Calling vulnerable
Hi, sorry for my English. I found some bug in program Go2Call Cash Calling It's dialer for talking from Internet Pc2Phone If you send a little UDP packets with size 1500 bytes for example 1472 chars 'A' on 5000 port then this prog will not work The exploit is very easy a part of code on Delph...
DameWare Mini Remote Control Server SYSTEM Exploit
Exploit for unknown platform in category local exploits ================================================== DameWare Mini Remote Control Server SYSTEM Exploit ================================================== / DameWare Mini Remote Control Server Local SYSTEM Exploit Vulnerable Versions Prior to...
Apache 1.3.x mod_mylo Remote Code Execution Exploit
Exploit for multiple platform in category remote exploits =================================================== Apache 1.3.x modmylo Remote Code Execution Exploit =================================================== / Apache + modmylo remote exploit By Carl Livitt / July 2003 carllivitt at hush dot...
Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)
Microsoft IIS 5.0 - WebDAV Remote Code Execution 3 xwdav / IIS 5.0 WebDAV Exploit Xnuxer Lab By Schizoprenic, Copyright c 2003 WebDAV exploit without netcat or telnet and with pretty magic number as RET / include include include include include include include include include define RET 0xc9c9...