10 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-8615
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a...
Sefrengo CMS 1.6.0 - SQL Injection
Advisory: SQL-Injection in administrative Backend of Sefrengo CMS v.1.6.0 Advisory ID: SROEADV-2015-04 Author: Steffen Rösemann Affected Software: CMS Sefrengo v.1.6.0 Release-Date: 18th-Feb-2014 Vendor URL: http://www.sefrengo.org/start/start.html Vendor Status: fixed CVE-ID: -...
Pointter PHP Micro-Blogging Social Network Unauthorized Privilege Escalation
No description provided by source. 'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation CVE-2010-4333 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Pointter PHP Micro-Blogging Social Networ...
exp_jmp_rand.pl.txt
!/usr/bin/perl -w use strict; expjmprand.pl Mon Apr 3 19:17:14 CEST 2006 Exploit solution against 2.6 stack randomization Using the "jmp %esp" technic. Copyright: bunker - http://rawlab.altervista.org 37F1 A7A1 BB94 89DB A920 3105 9F74 7349 AF4C BFA2 EXPLANATION: In 2.6 kernel we have a ghost...
Harpia CMS 1.0.5 - Remote File Inclusion
--------------------------------------------------------------------------- Harpia CMS = 1.0.5 Remote File Include Vulnerabilities --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team Remote : Yes Critical Level : Dangerous...
Symlink vulnerabilities in mailmgr
--------------------------------------------------------- Title : Symlink vulnerabilities in mailmgr Bug finder : Marco van Berkum [email protected] Website : http://ws.obit.nl URL to mailmgr : http://web.onda.com.br/orso/mailmgr.html Tested version : Mailmgr-1.2.3 Date : 12 Feb 2004...
Bandmin 1.4 index.cgi Multiple Parameter XSS
The remote host is running the Bandmin CGI suite. There is a cross-site scripting issue in this suite that may allow an attacker to steal your users cookies. The flaw lies in the cgi bandwitdh/index.cgi %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Date: 28 May 2003 16:38:40 -0000 From:...
MDaemon IMAP Server CREATE Command Mailbox Name Handling Overflow
According to its banner, the version of MDaemon running on the remote host has a buffer overflow vulnerability in the CREATE command. A remote attacker could exploit this to execute arbitrary code, or cause a denial of service. A crash would prevent other MDaemon services SMTP, POP from running a...
WarFTPd dir Command Traversal Arbitrary Directory Listing
The version of WarFTPd running on this host contains a vulnerability that may allow a potential intruder to gain read access to directories and files outside of the ftp root. By sending a specially crafted 'dir' command, the server may disclose an arbitrary directory. This script was written by...
[LBYTE] Ruslan Communications <BODY>Builder SQL modification
Title: BODYBuilder SQL modification Author: mam0nt of Limpid Byte http://lbyte.void.ru/ Vendor: Ruslan Communications Vendor URL: http://ruslan-com.ru/ Vendor Status: Contacted, not replied Released: June, 13 2002 Background: BodyBuilder is a site building engine by Ruslan Communications writen i...