604 matches found
DGNews version 2.1 Path Disclosure Vulnerability
netVigilance Security Advisory 21 DGNews version 2.1 Path Disclosure Vulnerability Description: DGNews is small and simple but powered news publishing. Easy installation, no programing required. But you can still change whatever you want for advanced users. Features: add unlimited categories,...
[Full-disclosure] Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities
netVigilance Security Advisory 27 Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities Description: Jetbox CMS is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully separated from...
gtcatalog <= 0.9.1 (index.php) Remote File Include Vulnerability
No description provided by source. ============================================================================================= Shopping Catalog RFI ============================================================================================= Info:- Scripts: ShoppingCatalog download :...
gtcatalog <= 0.9.1 (index.php) Remote File Include Vulnerability
============================================================================================= Shopping Catalog RFI ============================================================================================= Info:- Scripts: ShoppingCatalog download :...
LetterIt 2.0 - session.php Remote File Inclusion
LetterIt 2.0 - session.php Remote File Inclusion ================================================================================== LetterIt RFI ================================================================================== Info:- Scripts: LetterIt download :...
gtcatalog 0.9.1 - 'index.php' Remote File Inclusion
============================================================================================= Shopping Catalog RFI ============================================================================================= Info:- Scripts: ShoppingCatalog download :...
DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php
DigiOz Guestbook version 1.7 Path Disclosure Vulnerability in list.php Description: The DigiOz Guestbook is a PHP driven guestbook system. The vulnerability exists in list.php script which allows remote attackers to obtain sensitive information via an HTTP request to list.php that contains wrong...
FLVPlayer8.txt
Produce : FLV Players 8 Website : http://www.videospark.com + Fullpath Disclosure : 1 http://localhost/flv8/paginate.php Fatal error: Class simplepagemaker: Cannot inherit from undefined class object in /var/www/zero/httpdocs/flv8/paginate.php on line 45 2...
NISCC - Vulnerability Issues in Implementations of the DNS Protocol
UNIRAS UK Gov CERT Advisory Type: Briefing Id: 20060425-00311 Ref: 307/06 Date: 25 April 2006 Time: 12:57 Title: NISCC - Vulnerability Issues in Implementations of the DNS Protocol Abstract: The vulnerabilities described in this advisory affect implementations of the Domain Name System DNS...
knowledgebase.pl.txt
!/usr/bin/perl KnowledgebasePublisher 1.2 Remote Code Execution Exploit Bug Found By uid0 c 2006 ExploiterCode.com usage: perl knowledgebase.pl perl knowledgebase.pl http://site.com/knowledgebase/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster,...
PostgreSQL database DoS
Large number of connections at same time causes fatal error...
Plogger exploit method! - Vulnerability warning-the black bar safety net
http://www.hackeroo.com/Plogger 是 一 款 基于 PHP 的 网络日记 程序 the. Plogger does not filter the user submits the URI of the data, exploit vulnerabilities in the WEB permissions to execute arbitrary commands. Vulnerability in'plog-admin-functions.php'script for user-submitted'configbasedir'parameter is no...
FreeBSD : Cyrus IMAPd -- APPEND command uses undefined programming construct (31952117-3d17-11d9-8818-008088034841)
To support MULTIAPPENDS the cmdappend handler uses the global stage array. This array is one of the things that gets destructed when the fatal function is triggered. When the Cyrus IMAP code adds new entries to this array this is done with the help of the postfix increment operator in combination...
CVE-2005-0621
Scrapland 1.0 and earlier allows remote attackers to cause a denial of service server termination by triggering an error, which is treated as a fatal error by the server, as demonstrated using 1 signed integers for size values, 2 an invalid model, 3 a "newpos" value that is less than or equal to ...
CVE-2005-0621
Scrapland 1.0 and earlier allows remote attackers to cause a denial of service server termination by triggering an error, which is treated as a fatal error by the server, as demonstrated using 1 signed integers for size values, 2 an invalid model, 3 a "newpos" value that is less than or equal to ...
Pinnacle ShowCenter Skin Denial of Service
Dear ladies and gentlemen, I am a proud user of the Pinnacle ShowCenter 1.51. When I was playing around with the system, it seems I have found a denial of service attack against the web interface. First I did manually a HTTP GET request that selects a non-existent skin:...
Sami FTP Server 1.1.3 - Invalid Command Argument Local Denial of Service
Sami FTP Server 1.1.3 - Invalid Command Argument Local Denial of Service source: https://www.securityfocus.com/bid/9657/info Sami FTP Server has been reported prone to multiple remote denial of service vulnerabilities. It has been reported that an attacker who has sufficient credentials to access...
Sami FTP Server 1.1.3 - Invalid Command Argument Local Denial of Service
source: https://www.securityfocus.com/bid/9657/info Sami FTP Server has been reported prone to multiple remote denial of service vulnerabilities. It has been reported that an attacker who has sufficient credentials to access a vulnerable server, may cause the pmsystem.exe executable to raise a...
Sami FTP Server 1.1.3 - Library Crafted GET Remote Denial of Service
source: https://www.securityfocus.com/bid/9657/info Sami FTP Server has been reported prone to multiple remote denial of service vulnerabilities. It has been reported that an attacker who has sufficient credentials to access a vulnerable server, may cause the pmsystem.exe executable to raise a...
PalmOShttpd.txt
Introduction 'httpd' for PalmOS was originally written by Jim Rees, and is a simple webserver for Palm powered PDAs. Since the development of httpd for Palm stopped, I decided to modify 'httpd' slightly, and re-release it on freshmeat.net. However, httpd contains a bug which causes the device to...