TorrentTrader Classic <= 1.04 - Blind SQL Injection Vulnerability

No description provided by source. ====================================================== == TorrentTrader Classic = 1.04 Blind SQL Injection Exploit ====================================================== == NamE : TorrentTrader Classic == version : 1.04 == Download : www.torrenttrader.org...

Viennabux Beta! 'cat' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39602/info Viennabux Beta! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...

AllMyGuests <= 0.4.1 (AMG_id) Remote SQL Injection Vulnerability

No description provided by source. Found by : -=Player=- Contacts : 282-246-419 ICQ Greatz to: LidlosesAuge, Suicide, enco, Free-Hack Script : AllMyGuests Site : http://www.php-resource.net/ Dork : powered by AllMyGuests Valnu : index.php Parameter: AMGid Injection:...

Pidgin MSN <= 2.6.4 File Download Vulnerability

No description provided by source. !/usr/bin/env python Pidgin MSN = 2.6.4 file download vulnerability 19 January 2010 Mathieu GASPARD [email protected] Description: Pidgin is a multi-protocol Instant Messenger. This is an exploit for the vulnerability1 discovered in Pidgin by Fabian Yamaguchi. T...

Cetil Cross Site Scripting

Post Cross Site Scripting on Cetil - Demonstrativo de Pagamento de Salário + Date: 27/05/2014 + Risk: LOW + CWE number: CWE-79 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.cetil.com.br/ + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File:...

Web Terra 1.1 - books.cgi Remote Command Execution

Web Terra 1.1 - books.cgi Remote Command Execution + Remote Comand Execution on books.cgi Web Terra v. 1.1 + Date: 21/05/2014 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: [email protected] + Tested on: Windows 7 and Linux + Vendor Homepage:...

Web Terra 1.1 - &#039;books.cgi&#039; Remote Command Execution

Remote Comand Execution on books.cgi Web Terra v. 1.1 + Date: 21/05/2014 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: [email protected] + Tested on: Windows 7 and Linux + Vendor Homepage: http://www2.inforyoma.or.jp/terra + Vulnerable File: books.cgi +...

F5 iControl Remote Command Execution

Hi, Linked below is an advisory regarding remote command execution as root, possibly vulnerabilities within the iControl API: http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html An example request that will set the hostname to 'root.example.com': whoami.example.com This was...

DEDECMS full version disregard for GPC injection exp-vulnerability warning-the black bar safety net

? php printr " +------------------------------------+ DEDECMS full version disregard for GPC injection code by :Sunshie Usage:$argv0 domain Example: php.exe$argv0 www.phpinfo.me +------------------------------------+ " ; if$argv1=="" exit"do not tease than we're still good friends"; else...

Joomla Wire Immogest SQL Injection

IIIIIIII RRRRRRRRRRRR HHHHHHHH HHHHHHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRRRRRRRR HHHHHHHHHHHHHHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIIIIIII RRRRRRRR RRRRRR...

CVE-2012-1088

iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by 1 configure or 2 examples/dhcp-client-script...

Cross-Site Scripting (XSS) in Ilch CMS

High-Tech Bridge Security Research Lab discovered vulnerability in Ilch CMS, which can be exploited to perform Cross-Site Scripting XSS attacks against users and administrators of vulnerable application. 1 Cross-Site Scripting XSS in Ilch CMS: CVE-2014-1944 The vulnerability exists due to...

[SECURITY] Fedora 20 Update: mupdf-1.1-5.fc20

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

Eventum - Insecure File Permissions

Eventum - Insecure File Permissions source: https://www.securityfocus.com/bid/65186/info Eventum is prone to an insecure file-permission vulnerability. An attacker can exploit this issue to reinstall vulnerable application. This may aid in further attacks. Eventum 2.3.4 is vulnerable; other...

Eventum - Insecure File Permissions

source: https://www.securityfocus.com/bid/65186/info Eventum is prone to an insecure file-permission vulnerability. An attacker can exploit this issue to reinstall vulnerable application. This may aid in further attacks. Eventum 2.3.4 is vulnerable; other versions may also be affected. Following...

Cross-Site Scripting (XSS) in Komento Joomla Extension

High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in Komento Joomla Extension, which can be exploited to perform script insertion attacks. 1 Cross-Site Scripting XSS in Komento Joomla Extension: CVE-2014-0793 1.1 The vulnerability exists due to insufficient sanitisation of...

CVE-2013-5583

Cross-site scripting XSS vulnerability in libraries/idnaconvert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

phpcms multiple versions of the background holding shell vulnerability-vulnerability warning-the black bar safety net

Brief description: phpcms multiple versions of the background holding shell vulnerability. Detailed description: url rules with generated static can get the shell. Vulnerability proof: 1, the landing in the background." Extension"—"the URL rule Management"—"Add a rule" ! 2,“URL rule name”must be...

phpcms v9 arbitrary file read vulnerability exp-vulnerability warning-the black bar safety net

? php / PHPcms V9 arbitrary file read vulnerability Detection Tool @author the Return of the Blog: www.creturn.com Email: [email protected] Note that this app only to learn reference, shall not be used for illegal interactions Otherwise the consequences conceited, and I is independent of! /...

http-errors NSE Script

This script crawls through the website and returns any error pages. The script will return all pages sorted by error code that respond with an http code equal or above 400. To change this behaviour, please use the errcodes option. The script, by default, spiders and searches within forty pages. F...