4202 matches found
WordPress 2.1.1 - Arbitrary Command Execution
WordPress 2.1.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject...
WordPress Core 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject PHP code or execute operating system commands...
SUSE-SA:2006:045: freetype2
The remote host is missing the patch for the advisory SUSE-SA:2006:045 freetype2. This security update fixes crashes in the PCF handling of freetype2 which might be used to crash freetype2 using applications or even to execute code in them. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Thi...
Security Update for Office 2003 (KB929064)
A security vulnerability exists in Microsoft Office 2003 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...
Security Update for Outlook 2002 (KB921594)
This update resolves a security vulnerability in Microsoft Outlook 2002 that could enable a remote user to execute code on a computer that is running Outlook 2002...
logahead UNU edition 1.0 Remote Upload File / Code Execution Vuln
No description provided by source. -=--------------------ADVISORY-------------------=- logahead UNU edition 1.0 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: logahead UNU edition -=+ Version: 1.0 -=+ Vendor's URL: http://typo.i24.cc/logahea...
Enthrallweb eJobs - 'newsdetail.asp' SQL Injection
!/usr/bin/perl Script Name: Enthrallweb eJobs newsdetail.asp Remote SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.enthrallweb.us $$ : 179.40 USD .. : ajann,Turkey use IO::Socket; if@ARGV newProto = "tcp", PeerAddr = "$server", PeerPort = "$port" || die "\n+...
Microsoft Agent ActiveX Control Remote Code Execution Vulnerability
Description The Microsoft Agent ActiveX control is prone to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page. Technologies Affected Avaya S8100 Media Servers Avaya S8100 Media Servers R10 Avaya S8100 Media Servers...
ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability
ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-036.html October 31, 2006 -- CVE ID: CVE-2006-5478 -- Affected Vendor: Novell -- Affected Products: Netmail 3.5.2 Novell eDirectory 8.8.1 -- TippingPointTM IPS Customer...
TWiki 4.0.4 - Configure Script Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
newsReporter <= 1.1 (index.php) Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================== newsReporter Kurdish Security newsReporter v1.1 Remote Command Execution Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class :...
UPB_0-day.txt
"; $ikey = ordsubstr$key, $i, 1; // print $i."ikey:".$ikey.""; $itext = ordsubstr$text, $i, 1; // p...
CVE-2006-3076
PHP remote file inclusion vulnerability in softwareupload/publicincludes/pubtemplates/vphptree/template.php in PhpBlueDragon CMS 2.9.1 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter...
Update Protection against MS-Word Zero-Day Attack (919637)
A zero-day attack has been reported using a code execution vulnerability in Microsoft Word. In order for this attack to be triggered, a user must open a malicious Word document attached to an e-mail or otherwise provided to them by an attacker. Opening the Word file causes the system to be...
Sugar Suite Open Source 4.2 - 'OptimisticLock' Command Execution
!/usr/bin/php -q -d shortopentag=on \r\n"; die; / software site: http://www.sugarcrm.com/crm/ i vulnerable code in modules/OptimisticLock/LockResolve.php:...
CVE-2006-1799
censtore.cgi in Censtore 7.3.002 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter...
phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ================================================================ phpWebSite arbitrary local inclusion, works with magicquotesgpc = Off\r\n"; echo "by rgod, mail: email protected\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if...
quizz 1.01 - quizz.pl Remote Command Execution
quizz 1.01 - quizz.pl Remote Command Execution !/usr/bin/perl quizz.p exploit by FOXMULDER [email protected] Vulnerability foud by WBYTE. Born to be root !!! !!!!!!!!!!!!!!!THANKS to WBYTE !!!!!!!!!!!!!!!!! FACT:Wbyte doesn't sleeps , he waits !. 0day use IO::Socket; use LWP::Simple; sub Usage pri...
MailEnable IMAP EXAMINE Command Remote Overflow
The remote host is running a version of MailEnable's IMAP service that is prone to a buffer overflow attack when processing a EXAMINE command with a long mailbox name. Once authenticated, an attacker can exploit this flaw to execute arbitrary code subject to the privileges of the affected...
GLSA-200512-01 : Perl: Format string errors can lead to code execution
The remote host is affected by the vulnerability described in GLSA-200512-01 Perl: Format string errors can lead to code execution Jack Louis discovered a new way to exploit format string errors in Perl that could lead to the execution of arbitrary code. This is perfomed by causing an integer wra...