5019 matches found
APC ActionApps CMS 2.8.1 - Remote File Inclusion
DEVIL TEAM THE BEST POLISH TEAM APC ActionApps CMS 2.8.1 - Remote File Include Vulnerabilities Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl site: http://sourceforge.net/projects/apc-aa/ / cached.php3:...
Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Anti-Virus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the unpacking of Microsoft Cabinet files that contain invalid folder count values...
neo-Advisory-20.txt
Neo Security Team NST® Advisory 20 - Program : CuteNews 1.4.1 Homepage: http://www.cutephp.com Vulnerable Versions: CuteNews 1.4.1 & lower ones Risk: Medium! Impact: Cro...
Avast Linux Home Edition (vulnerability on a temporary folder creation)
Title : Avast Linux Home Edition, vulnerability on a temporary folder creation Product : Avast! Linux Home Edition Product : http://www.avast.com/eng/download-avast-for-linux-edition.html Version : 1.0.5, 1.0.5-1 avast4workstation-1.0.5-1.i586.rpm avast4workstation-1.0.5.tar.gz Vuln Found :...
osCommerce 2.2 - 'extras' Source Code Disclosure
---- osCommerce \n"; print nl2brhtmlentitiesimplode$readme, ' '; print "Continue\n"; print "\n"; exit; ... google search: inurl:"extras/update.php" intext:mysql.php -display -------------------------------------------------------------------------------- rgod site: http://retrogod.altervista.org...
osCommerce <= 2.2 (extras) Source Code Disclosure Vulnerability
Exploit for unknown platform in category web applications =============================================================== osCommerce \n"; print nl2brhtmlentitiesimplode$readme, ' '; print "Continue\n"; print "\n"; exit; ... google search: in...
osCommerce 2.2 - extras Source Code Disclosure
osCommerce 2.2 - extras Source Code Disclosure ---- osCommerce \n"; print nl2brhtmlentitiesimplode$readme, ' '; print "Continue\n"; print "\n"; exit; ... google search: inurl:"extras/update.php" intext:mysql.php -display...
[ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure
ECHO_ADV_28$2006 - Clever Copy <= 3.0 Connect.inc Critical Information Disclosure...
Virtual War File Inclusion
Virtual War File Inclusion - Site: http://www.vwar.de/ Demo: http://www.vwar.de/demo/ - File Inclusion // get functions $vwarroot = "./"; require $vwarroot . "includes/functionscommon.php"; require $vwarroot...
CVE-2006-1476
Windows Firewall in Microsoft Windows XP SP2 produces incorrect application block alerts when the application filename is ".exe" with no characters before the ".", which might allow local user-assisted users to trick a user into unblocking a Trojan horse program, as demonstrated by a malicious...
USN-265-1: cairo/Evolution library vulnerability
When rendering glyphs, the cairo graphics rendering library did not check the maximum length of character strings. A request to display an excessively long string with cairo caused a program crash due to an X library error. Mike Davis discovered that this could be turned into a Denial of Service...
CVE-2006-1355
avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files...
Avast! antivirus weak file permissions
Everyone:Full Control permissions are set to program folder...
Microsoft Commerce Server 2002: Logon as known user with a false password
Microsoft Commerce Server 2002: Logon as known user with a false password Vulnerable: Microsoft Windows Server 2000/2003 + Internet Information Server 5/6 + Commerce Server 2002 Discussion: Microsoft Commerce Server is used by companies who want to give customers the opportunity to change their o...
CVE-2006-1161
Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder...
CVE-2006-1160
Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file...
Path traversal
Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder...
CVE-2006-1161
CVE-2006-1161 affects Easy File Sharing (EFS) Web Server 3.2. It describes an absolute path traversal that allows remote registered users to upload a malicious file to the Windows startup folder and thereby execute arbitrary code. The provided documents consistently identify the vulner...