WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Command Injection

No description provided by source. WebSVN 2.3.2 Unproper Metacharacters Escaping exec Remote Commands Injection Vulnerability tested against: Microsoft Windows Server R2 SP2 PHP 5.3.6 VC9 with magicquotesgpc = off default Apache 2.2.17 VC9 Introduction: This is a very special vulnerabilty, given...

Fusion SBX <= 1.2 - Remote Command Execution Exploit

No description provided by source. / Fusion SBX = 1.2 exploit sileFSBXxpl This exploit use vulnerability found into Fusion SBX and create new variable and call it with a malicious function stored in config.php. This exploit utilize injection of three diverse procedures for execution of arbitrary...

Lynx 2.8.x Command Line URL CRLF Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5499/info A CRLF injection vulnerability has been reported for Lynx that may allow an attacker to include extra HTTP headers when viewing web pages. If Lynx is called from the command line, carriage return and line feed...

ZoneMinder Video Server packageControl Command Execution (CVE-2013-0232)

A code execution vulnerability has been reported in ZoneMinder. The vulnerability is due to flaw in the index.php script that is triggered when user supplied input used in the /includes/actions.php file is passed from the 'runeState' parameter to the 'packageControl, which calls exec with user...

openSUSE Security Update : kernel (openSUSE-SU-2011:0860-1)

The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or simila...

UBUNTU-CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

CVE-2014-0524

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526...

Veritas Backup Exec Server Remote Registry Access Code Execution - Ver2 (CVE-2005-0771)

A code execution vulnerability has been reported in Veritas Backup Exec Server. Successful exploitation of this vulnerability could allow a remote attacker to modify the registry and execute arbitrary methods via RPC on the affected system...

Oracle Demantra 12.2.1 - SQL Injection

Details: Application is vulnerable to SQL injection. Impact: An attacker with access to the vulnerable pages could manipulate the queries being sent to the database, potentially enabling them to: - Extract sensitive information, including but not limited to authentication credentials and personal...

Barracuda Load Balancer‘/cgi-mod/index.cgi’远程命令注入漏洞

BUGTRAQ ID: 65508 Barracuda Load Balancer是美国梭子鱼（Barracuda Networks）公司的一款应用交付控制器。该控制器提供对入侵和攻击事件的防护功能，并同时优化应用负载和提供强大的性能支持。 Barracuda Load Balancer中存在远程命令注入漏洞。攻击者可利用该漏洞在受影响应用程序上下文中执行任意命令。Barracuda Load Balancer 340 4.2.2.007版本中存在漏洞，其他版本也可能受到影响。 0 Barracuda Load Balancer 340 4.2.2.007...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3010)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3010 advisory. - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247290 CVE-2013-7263 CVE-2013-7265 -...

Unbreakable Enterprise kernel security update

3.8.13-26.1.1.el6uek - inet: fix addrlen/msg-msgnamelen assignment in recverror and rxpmtu functions Hannes Frederic Sowa 18247287 CVE-2013-7263 CVE-2013-7265 - inet: prevent leakage of uninitialized memory to user in recv syscalls Hannes Frederic Sowa 18238377 CVE-2013-7263 CVE-2013-7265 -...

WordPress E-Commerce 3.8.9.5 File Upload / XSS / CSRF / Code Execution

----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz ----------------------------------------- ---------------------------- K |................| . h |.......................| A a |.......................| N l |.....................| S E |.......................| e D...

Wordpress Plugin (wp-e-commerce v3.8.9.5) Multiple Vulnerabilities

Wordpress Plugin wp-e-commerce v3.8.9.5 - File Upload - RCE - LFI - XSS/CSRF ----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz ----------------------------------------- ---------------------------- K |................| . h |.......................| A a...

osCmax e-Commerce v2.5.3 (FU/ObjectInject) Multiple Vulnerabilities

osCmax e-Commerce v2.5.3 is suffer from multiple vulnerabilities remote attacker can upload file/shell via header attacks or exec a JavaScript Code & Inject a remote Object see also : CVE-2013-4144 Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site :...

NeoBill 0.9-alpha eCommerce Command Execution / SQL Injection / LFI

Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Title : NeoBill...

NeoBill v0.9-alpha eCommerce <= (RCE/SQLi/LFI) Vulnerabilities

NeoBill v0.9-alpha is suffer from multiple vulnerabilities Usage Info Bllind Exploitation via cURL exploits or HTTP Headers Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz...

CVE-2013-6366

The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime.exec call...

DEBIAN-CVE-2013-2208

tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec command in a TPP template file...

Symantec Backup Exec Remote Agent for Linux and UNIX Servers (RALUS) Installed

Symantec Backup Exec Remote Agent for Linux and UNIX Servers RALUS, a backup agent for Linux and UNIX servers, is installed on the remote host. TRUSTED...