5019 matches found
INSECT Pro 2.7 - Penetration testing tool download
INSECT Pro 2.7 - Penetration testing tool download INSECT Pro 2.7 - Ultimate is here! This penetration security auditing and testing software solution is designed to allow organizations of all sizes to mitigate, monitor and manage the latest security threats vulnerabilities and implement active...
Microsoft Data Access Components (MDAC) Insecure Library Loading (MS11-059; CVE-2011-1975)
This is a remote code execution vulnerability. The vulnerability is due to the improper way in which the MDAC handles the loading of library files DLL. A remote attacker could trigger this vulnerability by enticing a victim to accept and open an excel related file on a remote folder SMB or Webdav...
CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities
Document Title: =============== CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities Release Date: ============= 2011-08-04 Vulnerability Laboratory ID VL-ID: ==================================== 102 Product & Service Introduction: =============================== The PHP/HTML Encryptor & The...
FCK each version of a breakout-vulnerability warning-the black bar safety net
Don't know who the copyright- FCKeditor v2.43 version FCKeditor/editor/filemanager/browser/default/connectors/php/config.php FCKeditor V2.6.6 version fckeditor/editor/filemanager/connectors/asp/config.php View Editor Version FCKeditor/whatsnew.html...
YxShop easy to Shopping Mall 4.7.1 version arbitrary file upload vulnerability-vulnerability warning-the black bar safety net
Author: Konstantin Tonight happened to come across this app, went to search a bit and found that with people quite a lot. Also no search to the hackers published the program of the vulnerability, so the lower the source code, find the fckeditor folder, look at its directory structure is there wit...
OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities
Document Title: =============== OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities Release Date: ============= 2011-07-15 Vulnerability Laboratory ID VL-ID: ==================================== 101 Product & Service Introduction: =============================== One Click Folder Protecti...
CVE-2011-1338
Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item...
CVE-2011-1338
XnView on Windows is affected by an untrusted search path vulnerability in versions prior to 1.98.1. The flaw arises when loading executables via the Open containing folder path, allowing a local user to gain privileges by placing a Trojan horse .exe in a target folder. Impact: local privilege es...
XnView may insecurely load executable files
Overview XnView may use unsafe methods for determining how to load executables .exe XnView is a software for viewing and converting graphic files. XnView loads certain executables when using the "Open containing folder" function. XnView contains an issue with the file search path, which may...
Internet Explorer vulnerable to cross-site scripting
Overview Internet Explorer contains a cross-site scripting vulnerability. Internet Explorer contains a cross-site scripting vulnerability due to the processing of malformed file names. Keigo Yamazaki of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer und...
Devil shell v1.2 - Php shell with DDoS feature !
Devil shell v1.2 - Php shell with DDoS feature ! Features : 1. Design 2. Permission Change of file / Folders 3. Improved DDoS 4. Create Folder 5. Multi uploading 6. Encrypted Title so hard to find by Google. Download Link Username : ugdevil Password : 1234567 For further Query mail me at :...
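DirectAdmin 'mysql_backup' Folder Information Disclosure Vulnerability
Bugtraq ID: 47693 DirectAdmin is a powerful online management system for virtual hosting. DirectAdmin creates MySQL database backup files in the world-readable "mysqlbackups" folder, which can lead to disclosure of the contents of MySQL database backups. Successful exploitation requires that CustomBuild is used to update the MySQL database and that "mysqlbackup" is set to "yes". JBMC Software DirectAdmin 1.33.6 JBMC Software DirectAdmin 1.33.4 JBMC Software DirectAdmin 1.33.3 JBMC Software...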
360 Web Manager 3.0 File Access
Exploit Title: Multiple vulnerabilities in 360 Web Manager 3.0 Google Dork: "Powered by 360 Web Manager 3.0" Date: 15/04/2011 Author: Ignacio Garrido Contact: [email protected] Software Link: www.360webmanager.com Version: v3.0 Tested on: Linux 2.6.18 Vulnerability description: 360 Web Manager 3....
SMF 2.0 RC5 Remote Shell Upload Exploit
Exploit for php platform in category web applications Title : SMF 2.0 RC5 Remote Shell Upload Exploit Author : KedAns-Dz E-mail : email protected Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : php Impact : Remote Shell Upload Tested on : Windows X...
Samsung Keylogger Case Revealed As False Positive
The panic that arose yesterday about Samsung allegedly shipping laptops that contained a pre-installed keylogger turns out to have been a complete mistake after further investigation by security researchers and the company itself. In fact, the controversy was the result of a false positive from o...
[SECURITY] Fedora 15 Update: roundcubemail-0.5.1-1.fc15
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Fedora Update for perl-Mail-Box FEDORA-2011-2531
Check for the Version of perl-Mail-Box OpenVAS Vulnerability Test Fedora Update for perl-Mail-Box FEDORA-2011-2531 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
SAP GUI DLL hijacking
DLL hijacking by placing .sap files in network folder...
BoutikOne Multiples SQL Injection Vulnerability
BoutikOne - Multiples SQL Injection Vulnerability RELEASE DATE : 13.03.2011 by Alz cdxdotsecurityatgmaildotcom - Google Dork: "Powered by BoutikOne" - categorie.php Var path : http://target/categories.php?path=sqli - list.php Var path : http://target/list.php?path=sqli - description.php Var id :...
BoutikOne Multiple SQL Injections
BoutikOne - Multiples SQL Injection Vulnerability RELEASE DATE : 13.03.2011 by Alz categorie.php Var : http://target/categories.php?path=sqli - list.php Var : http://target/list.php?path=sqli - description.php Var : http://target/description.php?id=sqli - description.php Var :...