1162 matches found
CreaCMS - edition_articleedition_article.php?cfg[document_uri] Remote File Inclusion
source: https://www.securityfocus.com/bid/30284/info CreaCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an...
Ultrastats 0.2.142 - players-detail.php Blind SQL Injection
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.:...
V-Webmail 1.6.4 - includespearFile.php?CONFIG[pear_dir] Remote File Inclusion
source: https://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an...
V-Webmail 1.6.4 - '/includes/prepend.php?CONFIG[includes]' Remote File Inclusion
source: https://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an...
V-Webmail 1.6.4 - includesemail.list.search.php?CONFIG[includes] Remote File Inclusion
source: https://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can...
V-Webmail 1.6.4 - '/includes/prepend.php?CONFIG[includes]' Remote File Inclusion
source: https://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attack...
Wireshark 1.0.0 - Multiple Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/30020/info Wireshark is prone to multiple vulnerabilities, including an information-disclosure issue and denial-of-service issues. Exploiting these issues may allow attackers to obtain potential...
Wireshark 1.0.0 - Multiple Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/30020/info Wireshark is prone to multiple vulnerabilities, including an information-disclosure issue and denial-of-service issues. Exploiting these issues may allow attackers to obtain potentially sensitive information, cause crashes, and deny service to...
UltraEdit 14.00b - FTP/SFTP 'LIST' Directory Traversal
source: https://www.securityfocus.com/bid/29784/info UltraEdit is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP/SFTP client. Exploiting this...
Comparison Engine Power 1.0 Blind SQL Injection Exploit
Exploit for unknown platform in category web applications. #!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "...
UltraEdit 14.00b - FTP/SFTP 'LIST' Directory Traversal
source: https://www.securityfocus.com/bid/29784/info UltraEdit is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP/SFTP client. Exploiting this issue will allow an attacker to write arbitrary file...
No-IP DUC Client for Windows - Local Information Disclosure
source: https://www.securityfocus.com/bid/29758/info The DUC application for No-IP is prone to a local information-disclosure vulnerability when it is running on Microsoft Windows. Successfully exploiting this issue allows attackers to...
3D-FTP 8.01 - 'LIST' / 'MLSD' Directory Traversal
source: https://www.securityfocus.com/bid/29749/info 3D-FTP is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues allows an attacker to write arbitrary files to locations outside of the FTP client's...
ALFTP FTP Client 4.15.0 - LIST Directory Traversal
source: https://www.securityfocus.com/bid/29585/info ALFTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP client. Exploiting this issue will...
EasyWay CMS (index.php mid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications. php '.$argv0.' http://www.site.com 1 '; if $argc == 3 echo "\nExploiti...
JustPORTAL 1.0 - 'site' Multiple SQL Injections
source: https://www.securityfocus.com/bid/29426/info JustPORTAL is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
eCMS 0.4.2 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/29304/info eCMS is prone to multiple security vulnerabilities, including a security-bypass issue and an SQL-injection issue. Exploiting these issues may allow an attacker to bypass certain security restrictions and ga...
philboard 0.5 - 'W1L3D4_foruma_yeni_konu_ac.asp?forumid' SQL Injection
source: https://www.securityfocus.com/bid/29229/info Philboard is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
Claroline 1.7.5 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/29162/info Claroline is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to compromise the application and the underlying system; other...
PacketTrap Networks pt360 2.0.39 TFTPD Remote DoS Exploit
No description provided by source. #!/usr/bin/python PacketTrap Networks pt360 2.0.39 TFTPD Remote DOS Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/pt360dos.py.txt import socket import sys host = '172.16.167.134' port = 69 try: s =...