3842 matches found
McAfee VirusScan 8.0 - Path Specification Privilege Escalation
// source: https://www.securityfocus.com/bid/16040/info McAfee VirusScan is prone to a vulnerability that could allow an arbitrary file to be executed. The 'naPrdMgr.exe' process calls applications without using properly quoted paths. Successful exploitation may allow local attackers to gain...
CVE-2005-4426
Interpretation conflict in YaBB before 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-3312. NOTE: it could b...
FarCry XSS vuln.
FarCry XSS vuln. Vuln. discovered by: r0t Date: 17 Dec. 2005 original advisory: http://pridels.blogspot.com/2005/12/farcry-xss-vuln.html vendor: http://farcry.daemon.com.au/ affected version: 3.0 and prior Product Description: FarCry is an open source Content Management System CMS, originally...
CA BrightStor Universal Agent Overflow
This module exploits a convoluted heap overflow in the CA BrightStor Universal Agent service. Triple userland exception results in heap growth and execution of dereferenced function pointer at a specified address. This module requires Metasploit: https://metasploit.com/download Current source:...
DSA-913-1 gdk-pixbuf - several
Bulletin has no description...
CVE-2005-2929
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments...
HP-UX PHCO_33989 : HP-UX envd, Local Execution of Privileged Code (HPSBUX02073 SSRT051012 rev.2)
s700800 11.00 envd(1M) cumulative patch : A potential vulnerability has been identified with HP-UX running the envd(1M). The vulnerability could be exploited by a local authorized user to execute arbitrary code and/or gain unauthorized privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities
XOOPS wfdownloads 2.05 Module - Multiple Vulnerabilities ?php / rgod: http://target/pathtoxoops/class/xoopseditor/textarea/editorregistry.php?xoopsConfiglanguage=../../../../../../../../../../script...
Veritas Storage Foundation 4.0 - VCSI18N_LANG Local Overflow
!/usr/bin/perl -w Veritas Storage Foundation 4.0 http://www.digitalmunition.com kf kflistsatdigitalmunitiondotcom - 08/19/2005 This bug has not been patched as of: Q14438H.sf.4.0.00.0.rhel3i686.tar.gz Make sure you don't get your sploits from some Frenchie at FR-SIRT go to milw0rm instead. $retva...
TWiki 20030201 VIEW string remote command execution
!/usr/bin/perl TWiki 20030201 VIEW string remote command execution vulnerability Exploit coded by runvirus GeekZatWorldDefacersd0tNeT root@localhost perls$ perl twikiview.pl -h www.victim.com -p twiki/bin/view/TWiki/ -c "uname -a;id" -= TWiki :- view string remote command execution exploit =- -=...
phpinfoXSS.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [email protected] wrote: PoC: phpinfo.php?GLOBALStest=alertdocument.cookie; ...or just use phpinfo.php?=alertdocument.cookie; Saves some typing. In contrary to the above, this one only works on IE tested 6 on XP SP2 & Konqueror tested 3.4.2, though...
osTicket Backdoored
There is a vulnerability in the current version of osTicket that allows an attacker to upload a PHP script, and then access it causing it to execute. This attack is being actively exploited by attackers to take over servers. This script tries to detect infected servers. OpenVAS Vulnerability Tes...
MantisBT < 0.18.1 Multiple Unspecified XSS Vulnerabilities
MantisBT contains a flaw in the handling of some types of input. Copyright (C) 2005 David Maciejak Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...
Netware Perl CGI Overflow DoS Vulnerability
The remote web server crashes when it receives a too long URL for the Perl handler. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
EFTP < 2.0.8.x Buffer Overflow Vulnerability
It was possible to crash the EFTP service by uploading a .lnk file containing too much data. SPDX-FileCopyrightText: 2001 Michel Arboi Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
JShop XSS Vulnerability
J-Shop is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
osTicket < 1.2.7 Attachment Code Execution Vulnerability - Active Check
The target is running at least one instance of osTicket that enables a remote user to open a new ticket with an attachment containing arbitrary PHP code and then to run that code using the permissions of the web server user. SPDX-FileCopyrightText: 2005 George A. Theall Some text descriptions mig...
SOCKS4A Hostname Overflow DoS Vulnerability
It was possible to kill the remote SOCKS4A server by sending a request with a too long hostname. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
CVSTrac filediff vulnerability
The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version of filediff has a flaw in the input sanitization which, when exploited, can lead to a remote attacker executing arbitrary commands on the system. SPDX-FileCopyrightText: 2004 David...
CVE-2005-3430
Rockliffe MailSite Express (