cPanel 11.18.3 - List Directories and Folders Information Disclosure
Source: https://www.securityfocus.com/bid/28300/info cPanel is prone to an information-disclosure vulnerability. An attacker can exploit this issue to determine programs that are running on the affected server and to view folder...
Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line
a. Host to guest shared folder (HGFS) traversal vulnerability. On Windows hosts, if you have configured a VMware host to guest shared folder (HGFS), it is possible for a program running in the guest to gain access to the host's file system and create or modify executable files in sensitive locations...
MDaemon IMAP server 9.6.4 (FETCH) Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/python MDAEMON POST AUTH REMOTE R00T IMAP FETCH COMMAND UNIVERSAL EXPLOIT 0day Bug discovered and coded by Matteo Memelli aka ryujin http://www.gray-world.net http://www.be4mind.com Affected Versions : MDaemon IMAP server v9.6.4 Tested on OS : Windows...
Unlock the high strength folder encryption master inside the"secret"-vulnerability warning-the black bar safety net
Title: unlock the high strength folder encryption master inside the“secret” The author of the article: ice sugarJ. S. T&E. S. T This article has been published in the hacker X-Files of 0 8 year-Issue No. 1 magazine By the author of this article ice sugar friendship submit to the evil octal Forum ...
Fedora 7 : viewvc-1.0.5-1.fc7 (2008-2143)
These security issues have been fixed: - omit commits of all-forbidden files from query results - disallow direct URL navigation to hidden CVSROOT folder - strip forbidden paths from revision view - don't traverse log history thru forbidden locations - honor forbiddenness via diff view path...
Netkom Internet Solutions (folder_id) Remote SQL Injection Vulnerability
Title : Netkom Internet Solutions folderid Remote SQL Injection Vulnerability Author : By Cr@zyKing [email protected] Greetz : Str0ke,CrackersChild,TheBekir,Eno7,Sabotaqe,Jani zary,GencTurk and Ayyildiz Team Users Dork : Powered by Netkom Internet Solutions | http://www.netkombelize.com...
Chat vulnerabilities in TinTin++ 1.97.9
Luigi Auriemma Application: TinTin++ / WinTin++ http://tintin.sourceforge.net Versions: = 1.97.9 Platforms: Windows, Linux and Mac Bugs: A chat buffer-overflow B chat YES NULL pointer C chat home folder empty files creation Exploitation: remote Date: 06 Feb 2008 Author: Luigi Auriemma e-mail:...
PT-2008-2240 · WordPress · Dmsguestbook
Name of the Vulnerable Software and Affected Versions: DMSGuestbook plugin for WordPress versions 1.7.0 through 1.8.0 Description: A directory traversal issue exists, allowing remote authenticated users to read arbitrary files. This is achieved by using a .. dot dot in the folder and file...
Code injection
Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to "web-accessibility protection of the storage folder."...
CVE-2007-6688
Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to "web-accessibility protection of the storage folder."...
CVE-2007-6688
CVE-2007-6688 affects Menalto Gallery installations up to version 2.2.4 (Installation application) with an unspecified vulnerability tied to the web-accessibility protection of the storage folder. The Gentoo GLSA and related advisories note multiple vulnerabilities in Gallery (including CVE-2007-...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONFapproot parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6)...
CVE-2007-6495
incnewuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the permissions of directories named (1) db, (2) www, (3) Special, and (4) log at arbitrary locations under the web root via a modified Dirroot parameter in an AddUser action to...
Phpay - Local File Inclusion
By Michael Brooks Vulnerability Type: Local File Inclusion Software: Phpay Homepage: http://sourceforge.net/projects/phpay/ Version Affected: 2.02.1 Phpay has been affected by multiple local file include flaws, as a result this patch was written: $config = eregreplace":","", $config; $config =...
DosBox sandbox protection bypass
Any application inside emulator can use mount command to mount any folder...
Quickly remove illegal file name The code of 0day-vulnerability warning-the black bar safety net
allyesno: we will encounter many so-called illegal file names, for example .., con, nul, etc. FlowerCode gives the following method, which can quickly delete these file names: http://hi.baidu.com/flowercode/blog/item/3f68be02a7cfd10d4bfb519f.html References Two lines of code get deleted quickly using illega...
CVE-2007-5692
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nidacl parameter in a Folder Properties action, or (4) the uid parameter...
F-Secure Anti-Virus for Windows system32 Directory Crafted File Detection Bypass
The remote host is running F-Secure Anti-Virus for Windows Servers. According to its version, the installation of this software on the remote host may allow an attacker to bypass antivirus scanning by placing a specially crafted archive or packed executable into the 'system32' folder. Note that...