Microsoft Windows Vista/2003/XP/2000 file management security issues

Title: Microsoft Windows Vista/2003/XP/2000 file management security issues Author: 3APA3A, http://securityvulns.com/ Vendor: Microsoft and potentially another vendors Products: Microsoft Windows Vista/2003/XP/2000, Microsoft resource kit for Windows 2000 and different utilities. Access Vector:...

Design/Logic Flaw

Microsoft Windows Explorer on Windows XP and 2003 allows remote user-assisted attackers to cause a denial of service crash via a malformed WMF file, which triggers the crash when the user browses the folder...

Microsoft Windows XP2003 - Explorer .WMF File Handling Denial of Service

Microsoft Windows XP2003 - Explorer .WMF File Handling Denial of Service source: https://www.securityfocus.com/bid/22715/info Microsoft Windows Explorer is prone to a denial-of-service vulnerability. A remote attacker may exploit this vulnerability by presenting a malicious file to a victim user...

Nortel NetDirect client for Linux weak permissions

Weak permissions on temporary folder during installation...

Design/Logic Flaw

Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2...

CVE-2007-1044

Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2...

CVE-2007-1044

Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2...

CVE-2007-1044

The CVE-2007-1044 issue affects Pearson Education PowerSchool 4.3.6, where remote attackers could enumerate contents of the admin folder by requesting a URI composed of the admin/ directory and a .js filename. The underlying impact is partial confidentiality loss. A fix is noted as addressed by P...

Maian Recipe 1.0 (path_to_folder) Remote File Include Vulnerability

Found by Denven Script: http://www.maianscriptworld.co.uk/freestuff1975recipe.html Google Dork: "Powered by Maian Recipe v1.0" ERROR: classes/classmail.inc.php : include$pathtofolder.'classes/class.phpmailer.php'; RFI: http://www.SITE.com/path/classes/classmail.inc.php?pathtofolder=shell...

Remote file inclusion

PHP remote file inclusion vulnerability in theme/includemode/template.php in JV2 Folder Gallery 3.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the galleryfilesdir parameter...

CVE-2007-0682

PHP remote file inclusion vulnerability in theme/includemode/template.php in JV2 Folder Gallery 3.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the galleryfilesdir parameter...

CVE-2007-0682

PHP remote file inclusion vulnerability in theme/includemode/template.php in JV2 Folder Gallery 3.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the galleryfilesdir parameter...

EUVD-2007-0679

PHP remote file inclusion vulnerability in theme/includemode/template.php in JV2 Folder Gallery 3.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the galleryfilesdir parameter...

CVE-2007-0682

The CVE-2007-0682 vulnerability affects JV2 Folder Gallery 3.0.2 and earlier, where a PHP remote file inclusion flaw exists in theme/include_mode/template.php. An attacker can cause arbitrary PHP code execution by supplying a URL in the galleryfilesdir parameter. This is a server-side inclusion i...

JV2 Folder Gallery 3.0 - Remote File Inclusion

JV2 Folder Gallery 3.0 - Remote File Inclusion Greatz to:AsB-MaY TeAm & HaCk.eGy & To0oFa ScRiPt:-http://foldergallery.jv2.net/download.php?file=foldergallery3.0.2 Discovered By:- ThE dE@Th template.php:- ExPlOiT: http://www.Site.com/JV2 Folder...

JV2 Folder Gallery <= 3.0 Remote File Include Vulnerability

Exploit for unknown platform in category web applications =========================================================== JV2 Folder Gallery template.php:- ExPlOiT: http://www.Site.com/JV2 Folder Gallery/gallery/theme/includemode/template.php?galleryfilesdir=Shell 0day.today 2018-02-17...

JV2 Folder Gallery 3.0 - Remote File Inclusion

Greatz to:AsB-MaY TeAm & HaCk.eGy & To0oFa ScRiPt:-http://foldergallery.jv2.net/download.php?file=foldergallery3.0.2 Discovered By:- ThE dE@Th template.php:- ExPlOiT: http://www.Site.com/JV2 Folder Gallery/gallery/theme/includemode/template.php?galleryfilesdir=Shell milw0rm.com 2007-01-31...

Hacking tricks of how to register a DLL or OCX file-vulnerability warning-the black bar safety net

大家 注册 DLL 或 OCX 的 方法 应该 用 Regsvr32.exe with much more everyone will certainly think in the running to write a long list of things it is annoying! Here I introduce a kind of trouble a convenient“whole life”approach. This method as long as the right-click you want to register or unregister the OCX ...

Directory traversal

download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability...

CVE-2007-0329

CVE-2007-0329 affects the JV2 Folder Gallery (download.php) where a relative pathname in the file parameter enables directory traversal to read sensitive files (as shown by config/gallerysetup.php). Root cause is a path handling flaw; exploitation details are not provided in the supplied document...