759 matches found
Linkspider 1.08 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/30632/info Linkspider is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...
Joomla! / Mambo Component com_utchat 0.2 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/30571/info The comutchat component for Mambo and Joomla! is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and...
Joomla! Component EZ Store Remote - Blind SQL Injection
!/usr/bin/perl Note:Sometimes you have to change the regexp to viewcategory/catid,".$cid." use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " \n"; print " Joomla Component EZ Store Blind SQL Injection Exploit \n"; print " Author:His0k4 ALGERIAN HaCkeR \n"; print " \n"; print "...
CreaCMS - edition_articleedition_article.php?cfg[document_uri] Remote File Inclusion
source: https://www.securityfocus.com/bid/30284/info CreaCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an...
Ultrastats 0.2.142 - players-detail.php Blind SQL Injection
!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.:...
V-Webmail 1.6.4 - includespearFile.php?CONFIG[pear_dir] Remote File Inclusion
source: https://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an...
V-Webmail 1.6.4 - includesprepend.php?CONFIG[includes] Remote File Inclusion
source: https://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an...
V-Webmail 1.6.4 - includesemail.list.search.php?CONFIG[includes] Remote File Inclusion
source: https://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can...
Wireshark 1.0.0 - Multiple Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/30020/info Wireshark is prone to multiple vulnerabilities, including an information-disclosure issue and denial-of-service issues. Exploiting these issues may allow attackers to obtain potentially sensitive information, cause crashes, and deny service to...
UltraEdit 14.00b - FTPSFTP LIST Directory Traversal
source: https://www.securityfocus.com/bid/29784/info UltraEdit is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP/SFTP client. Exploiting this...
UltraEdit 14.00b - FTP/SFTP 'LIST' Directory Traversal
source: https://www.securityfocus.com/bid/29784/info UltraEdit is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP/SFTP client. Exploiting this issue will allow an attacker to write arbitrary file...
Comparison Engine Power 1.0 Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================= Comparison Engine Power 1.0 Blind SQL Injection Exploit ======================================================= !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "...
No-IP DUC Client for Windows - Local Information Disclosure
source: https://www.securityfocus.com/bid/29758/info The DUC application for No-IP is prone to a local information-disclosure vulnerability when it is running on Microsoft Windows. Successfully exploiting this issue allows attackers to...
ALFTP FTP Client 4.15.0 - LIST Directory Traversal
source: https://www.securityfocus.com/bid/29585/info ALFTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP client. Exploiting this issue will...
JustPORTAL 1.0 - 'site' Multiple SQL Injections
source: https://www.securityfocus.com/bid/29426/info JustPORTAL is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
eCMS 0.4.2 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/29304/info eCMS is prone to multiple security vulnerabilities, including a security-bypass issue and an SQL-injection issue. Exploiting these issues may allow an attacker to bypass certain security restrictions and ga...
philboard 0.5 - 'W1L3D4_foruma_yeni_konu_ac.asp?forumid' SQL Injection
source: https://www.securityfocus.com/bid/29229/info Philboard is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
PacketTrap Networks pt360 2.0.39 TFTPD Remote DoS Exploit
No description provided by source. !/usr/bin/python PacketTrap Networks pt360 2.0.39 TFTPD Remote DOS Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/pt360dos.py.txt import socket import sys host = '172.16.167.134' port = 69 try: s =...
Quick Classifieds 1.0 - 'controlpannel/color_help.php3?DOCUMENT_ROOT' Remote File Inclusion
source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...
Joomla! Mambo Component Download3000 1.0 - id SQL Injection
source: https://www.securityfocus.com/bid/28428/info The Download3000 component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...