Lucene search

2004 matches found

CVE
added 2006/06/21 1:0 a.m., 46 views

CVE-2006-3103

CVE-2006-3103 describes a cross-site scripting (XSS) vulnerability in Bitweaver 1.3, allowing remote attackers to inject arbitrary web script or HTML via (1) the error parameter in users/login.php and (2) the feedback parameter in articles/index.php. The connected records confirm Bitweaver as the...

CVSS 4.3 | AI score 5.7 | EPSS 0.0223
Exploits: 1 | References: 9 | Affected Software: 1

seebug.org
added 2006/06/21 12:0 a.m., 33 views

DataLife Engine <= 4.1 Remote SQL Injection Exploit (perl)

No description provided by source. !/usr/bin/perl DataLife Engine sql injection exploit by RST/GHC coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru 18.06.06 use LWP::UserAgent; use Getopt::Std; getopts'u:n:p:'; $url = $optu; $name = $optn; $prefix = $optp || 'dle'; if!$url || !$name $sn...

AI score 7.1
Exploits: 0

securityvulns
added 2005/11/07 12:0 a.m., 23 views

[Full-disclosure] linux-ftpd-ssl 0.17 warez

hello this is kcope, i got juarez for you.......................... lnxFTPDsslwarez.c is a remote r00t exploit for the latest version of linux-ftpd-ssl. have fun and send me feedback to kingcopeatgmx.net -kc...

AI score 2.8
Exploits: 0

NVD
added 2005/09/08 10:3 a.m., 8 views

CVE-2005-2854

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay spam proxy via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers...

CVSS 5 | AI score 6.9 | EPSS 0.00336
Exploits: 0 | References: 2

CVE
added 2005/09/08 4:0 a.m., 43 views

CVE-2005-2854

The CVE-2005-2854 entry concerns the thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1. The vulnerability is a CRLF injection in the name and email fields, allowing remote attackers to inject headers and use the script as a mail relay (spam proxy). Multiple connected sources (NVD, R...

CVSS 5 | AI score 7.3 | EPSS 0.00336
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2005/09/08 4:0 a.m., 14 views

CVE-2005-2854

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay spam proxy via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers...

AI score 6.9 | EPSS 0.00336
Exploits: 0 | References: 2

Metasploit
added 2005/07/07 11:11 p.m., 32 views

Jump/Call XOR Additive Feedback Encoder

Jump/Call XOR Additive Feedback This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jump/Call XOR Additive Feedback Encoder', 'Description' = 'Jump/Call XOR Additive Feedback', 'Author' = 'skape',...

AI score 7.4
Exploits: 0

Packet Storm
added 2005/06/01 12:0 a.m., 21 views

netmailsharpro.txt

Netmailshar 4.0 Build 15 Directory traversal & Users enumeration weaknesses Release Date: 19 April, 2005 Severity: Medium Vendor: http://www.pppindia.com/ Systems Affected: Microsoft Windows NT 4.0 all versions Microsoft Windows 2000 SP3 and earlier Microsoft Windows XP all versions Microsoft...

AI score 7.4
Exploits: 0

Cvelist
added 2005/05/10 4:0 a.m., 13 views

CVE-2004-2063

Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to inject arbitrary HTML or web script via the feedback parameter...

AI score 5.8 | EPSS 0.00807
Exploits: 1 | References: 5

Cvelist
added 2005/02/11 5:0 a.m., 18 views

CVE-2005-0366

The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is...

AI score 6.2 | EPSS 0.07683
Exploits: 0 | References: 10

CERT
added 2005/02/11 12:0 a.m., 32 views

OpenPGP vulnerable to chosen-ciphertext attacks in cipher feedback (CFB) mode

Overview A vulnerability in OpenPGP may allow attackers to recover partial plaintexts from OpenPGP messages that use symmetric encryption. Description A vulnerability in OpenPGP can be used by attackers to recover partial plaintexts from messages employing symmetric encryption. Researchers Serge...

CVSS 5 | AI score 5.4 | EPSS 0.07683
Exploits: 0 | References: 3

Packet Storm
added 2004/09/21 12:0 a.m., 22 views

mambo451.txt

Vendor www.mamboportal.com Message from vendor : Mambo is one of the most powerful Open Source Content Management Systems on the planet. It is used all over the world for everything from simple websites to complex corporate applications. Mambo is easy to install, simple to manage, and reliable. B...

AI score 7.4
Exploits: 0

securityvulns
added 2004/01/14 12:0 a.m., 37 views

New CesarFTP v 0.99g DoS

just thought that, since you seemed interested in the topic earlier, I would e-mail you this exploit. I don't think that it's going to get patched anytime soon anyways, so it doesn't matter. I haven't tested remotely network trouble but I would like to get some info back on your results. I can on...

AI score 6.9
Exploits: 0

Cvelist
added 2002/07/26 4:0 a.m., 12 views

CVE-2002-0752

CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file...

AI score 6.1 | EPSS 0.0066
Exploits: 1 | References: 1

Packet Storm
added 2002/07/24 12:0 a.m., 35 views

codeblue.txt

TITLE: Potential remote root in CodeBlue log scanner NAME: DEMI SEX GOD FROM HELL ADV 00001 DATE: YES, PLEASE MAIL ME IF YOU ARE FEMALE send pictures CRAZY TRACKING NUMBER THAT MAKES IT LOOK LIKE I HAVE SOME MASSIVE DATABASE OF JUAREZ: 7363A64B02 Props to dme@! Information ----------- you may...

AI score 7.4
Exploits: 0

Cvelist
added 2002/03/09 5:0 a.m., 21 views

CVE-1999-1085

SSH 1.2.25, 1.2.23, and other versions, when used in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum...

AI score 9.4 | EPSS 0.03161
Exploits: 0 | References: 4

CERT
added 2001/11/07 12:0 a.m., 36 views

Weak CRC allows packet injection into SSH sessions encrypted with block ciphers

Overview There is an information integrity vulnerability in the SSH1 protocol that allows packets encrypted with a block cipher to be modified without notice. Description Preconditions: Attacker has a fragment of plaintext and its corresponding ciphertext. Attacker must be able to actively...

CVSS 5 | AI score 9.2 | EPSS 0.03161
Exploits: 0 | References: 7

securityvulns
added 2001/07/24 12:0 a.m., 20 views

Caldera OpenUnix8 Overflows (reject, lpsystem, su)

I contacted Caldera SCO about some local overflows in a few binaries that came default with my install of OpenUnix8... Here is a snippet of the email dialog between us. Due to the lack of access to the machine and lack of a good debugger on the system, I have not had time to put any further...

AI score 1.5
Exploits: 0

Microsoft Security Update
added 1970/01/01 12:0 a.m., 10 views

Media_V1_QFE_ko

MediaV1QFEko...

AI score 0.8
Exploits: 0

Microsoft Security Update
added 1970/01/01 12:0 a.m., 13 views

Microsoft Visual Studio 2010 Service Pack 1

This download installs Visual Studio 2010 Service Pack 1 (SP1). This service pack release addresses issues that were found through a combination of customer and partner feedback, as well as internal testing. These service packs offer Visual Studio users improvements in responsiveness and stability,...

AI score 3.5
Exploits: 0