131 matches found
Microsoft Works File Converter index table vulnerability
Added: 02/22/2008 CVE: CVE-2008-0105 BID: 27658 OSVDB: 41458 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...
VanillaCMS.txt
Vanilla CMS = 1.0.1 RootDirectory Remote file inclusion Vuln. Vendor : Vanilla CMS Demo : http://demo.opensourcecms.com/vanilla/ Get Source : http://getvanilla.org/ Vuln type : Remote Risk : High Author : MFox HomePage : Http://hackerz.ir/ Team : IHST Iran HackerZ Security Team Contact :...
CVE-2004-1487
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences...
JSBoard 2.0.x - Arbitrary Script Upload
source: https://www.securityfocus.com/bid/11983/info JSBoard is reported prone to a vulnerability that can allow a remote attacker to upload arbitrary PHP scripts to a vulnerable server. This issue results from insufficient sanitization of user-supplied input. If successful, the attacker can...
Linux Kernel 2.4.x2.6.x - Local Denial of Service Memory Disclosure
Linux Kernel 2.4.x2.6.x - Local Denial of Service Memory Disclosure source: https://www.securityfocus.com/bid/11754/info The Linux kernel is reported prone to multiple local vulnerabilities: - A handcrafted 'a.out' file may be used to trigger a local denial-of-service condition. A local attacker...
alexPHP.txt
Informations : °°°°°°°°°°°°°° Website : http://www.alexphpteam.com Version : all Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° ./include/livreinclude.php ------------------------------------------------------------------ if !$noconnect.... some include functions...
Silent Storm Portal - Multiple Vulnerabilities
Demonstration: Register a user account then login and run the exploit.html ---exploit.html---- 1" ---/exploit.html--- That's All! What Happened? The 3rd line of exploit.html injected Administrator level "1" into the database file. 1: Administrator,2: is Normal User. milw0rm.com 2004-09-30...
wget contains directory traversal vulnerability
Overview The wget utility contains directory traversal vulnerabilities that allow a malicious FTP server to overwrite files on the client host. Description In a typical file transfer operation, one participant the client requests a file while a second participant the server provides the requested...
phpMyNewsletter
Informations : °°°°°°°°°°°°°° Product : phpMyNewsletter Tested version : 0.6.10 Website : http://gregory.kokanosky.free.fr/phpmynewsletter/ Problem : include file PHP code : °°°°°°°°°° ---- /include/customize.php ---- ? $langfile = $l; include $l; ? ---- /include/customize.php ---- Exploit :...
PHP 3.0.x/4.x - Move_Uploaded_File open_basedir Circumvention
source: https://www.securityfocus.com/bid/4325/info PHP is a server side scripting language, designed to be embedded within HTML files. It is available for Windows, Linux, and many Unix based operating systems. It is commonly used for web development, and is very widely deployed. It has been...
pop2d.fold.txt
While working to port ipop2d exploit to java discovered another hole in the FOLD command of ipop2d... The ability to read files that are readable via the pop2d userid. Attached is a ported exploit in java for bnc... as well as the pop2d exploit transcript. -d0tslash b10z EFnet 9x EFnet...