phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl r57phpbbadmin2exec.pl phpBB adminstyles.php commands execution exploit tested on phpBB 2.0.13 by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru screen r57phpbbadmin2exec.pl -p http://blah.com/phpBB/admin/ -s 0864cb0abb396319c589ebc2a98c2c5d -c...

PHP-Nuke 7.8 - 'modules.php' SQL Injection

/ PHP-Nuke 4.0 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru / // tested on 7.8 include include include include include include include define START 47 define END 103 define SZ 1024 define PORT 80 define PREFIX "nuke" define SQL...

PHP-Nuke <= 7.8 (modules.php) SQL Injection Exploit

No description provided by source. / PHP-Nuke =7.8 SQL injection exploit need MySQL 4.0 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru / // tested on 7.8 include stdio.h include string.h include sys/types.h include sys/socket.h include netinet/in.h include netdb.h include regex.h defi...

VulnCheck KEV: CVE-2000-0884

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability...

CVE-2004-2334

Multiple cross-site scripting XSS vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via 1 a hex-encoded value to the variable parameter in emumail.fcgi, 2 the folder parameter in emumail.fcgi, or Javascript in the 3 username or 4 password field in...

CVE-2005-1989

CVE-2005-1989 is part of a set of Internet Explorer flaws affecting IE 5.0/5.5/6.0 via Web Folder Behaviors Cross‑Domain Vulnerability (CAN-2005-1989) and related issues (CAN-2005-1988 JPEG Rendering; CAN-2005-1990 COM Object Instantiation). The connected records confirm a cross‑domain informatio...

MS05-038: Cumulative Security Update for Internet Explorer (896727)

The remote host contains a version of the Internet Explorer that is vulnerable to multiple security flaws JPEG Rendering, Web Folder, COM Object that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web pag...

Microsoft Internet Explorer Web Folder Behaviors Cross-Domain Scripting Vulnerability

Description Microsoft Internet Explorer is prone to a security vulnerability that may let a Web page execute malicious script code in the context of an arbitrary domain or browser security zone. This issue is the result of a security flaw in the browser security model when handling URIs when a We...

CVE-2004-2290

The CVE-2004-2290 issue affects Microsoft Windows XP Explorer. It arises when a user browses a self-executing folder containing HTML and script that references an executable within the folder, causing arbitrary code execution when the folder is accessed. The provided documents describe the vulner...

CVE-2004-2289

Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file...

SAP R/3 Internet Graphics Server directory traversal

Directory traversal on accesing htdocs folder...

CVE-2002-1740

Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary code via a long folder name NewFolder parameter...

CVE-2005-2033

Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter...

I-Gallery - Folder Argument Cross-Site Scripting

I-Gallery - Folder Argument Cross-Site Scripting source: https://www.securityfocus.com/bid/14002/info i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp...

CVE-2005-1727

Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the 1 system cache folder and 2 Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions."...

Mac OS X Multiple Vulnerabilities (Security Update 2005-006)

The remote host is missing Security Update 2005-006. This security update contains security fixes for the following application : - AFP Server - Bluetooth - CoreGraphics - Folder Permissions - launchd - LaunchServices - NFS - PHP - VPN These programs have multiple vulnerabilities, some of which m...

CVE-2004-2130

Multiple cross-site scripting XSS vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the 1 folder or 2 mode variables...

APG Technology ClassMaster - Unauthorized Folder Access

APG Technology ClassMaster - Unauthorized Folder Access source: https://www.securityfocus.com/bid/13604/info ClassMaster is reportedly affected by a vulnerability that may allow attackers to gain unauthorized access to users' folders. An attacker is able to gain complete access to user shares ove...

CVE-2004-1981

The web interface for Crystal Reports allows remote attackers to cause a denial of service disk exhaustion by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder...

CVE-2005-1416

Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder...