1511 matches found
CVE-2006-7192
Microsoft ASP .NET Framework 2.0.50727.42 does not properly handle comment / / enclosures, which allows remote attackers to bypass request filtering and conduct cross-site scripting XSS attacks, or cause a denial of service, as demonstrated via an xss:expression STYLE attribute in a closing XSS...
CYBSEC Release: SAP Security - Paper & Tool release
I am proud to announce the release of a White-paper and an open-source tool, both addressing security of SAP R/3 systems. The paper describes vulnerabilities discovered in the SAP RFC interface implementation and library, as well as some attacks that can be performed over SAP systems. The tool,...
Really Simple PHP and Ajax (RSPA) 2007-03-23 RFI Vulnerability
No description provided by source. RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server side PHP functions from client...
Horde Framework and IMP 2.x/3.x - Cleanup Cron Script Arbitrary File Deletion
source: https://www.securityfocus.com/bid/22985/info Horde Framework and IMP are prone to a vulnerability that allows a local attacker to delete arbitrary files in the context of the user running the application. A successful attack can reduce the integrity of affected computers and may aid in...
Opera <= 9.10 Configuration Overwrite
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
Solaris 1011 Telnet - Remote Authentication Bypass (Metasploit)
Solaris 1011 Telnet - Remote Authentication Bypass Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta)
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same...
[ECHO_ADV_63$2007] Cadre remote file inclusion
ECHOADV63$2007 Cadre remote file inclusion ----------------------------------------------- Author : Ahmad Muammar W.K a.k.a y3dips Date Found : January, 31st 2007 Location : Indonesia, Jakarta web : http://echo.or.id/adv/adv63-y3dips-2007.txt Critical Lvl : Critical...
Echo Security Advisory 2007.63
ECHOADV63$2007 Cadre remote file inclusion ----------------------------------------------- Author : Ahmad Muammar W.K a.k.a y3dips Date Found : January, 31st 2007 Location : Indonesia, Jakarta web : http://echo.or.id/adv/adv63-y3dips-2007.txt Critical Lvl : Critical...
Cadre PHP Framework - Remote File Inclusion
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV63$2007 ------------------------------------------------------------------------------------ ECHOADV63$2007 Cadre remote file inclusion...
PhP Generic library & framework (include_path) Remote File Include Exploit
----------------------------------------------- PhP Generic library & framework includepath Remote File Include Exploit ----------------------------------------------- Author: xoron xoron.biz ----------------------------------------------- Code: require $GLOBALSincludepath."configmember.php";...
PhP Generic library & framework (include_path) RFI Vulnerability
No description provided by source. ----------------------------------------------- PhP Generic library & framework includepath Remote File Include Exploit ----------------------------------------------- Author: xoron xoron.biz ----------------------------------------------- Code: require...
PHP Generic library & Framework - 'INCLUDE_PATH' Remote File Inclusion
----------------------------------------------- PhP Generic library & framework includepath Remote File Include Exploit ----------------------------------------------- Author: xoron xoron.biz ----------------------------------------------- Code: require $GLOBALSincludepath."configmember.php";...
PhP Generic library & framework (include_path) RFI Vulnerability
Exploit for unknown platform in category web applications ================================================================ PhP Generic library & framework includepath RFI Vulnerability ================================================================ -----------------------------------------------...
bitweaver 1.3.1 XSS Exploit
No description provided by source. -=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/...
Apple WebKit build 18794 - WebCore Remote Denial of Service
source: https://www.securityfocus.com/bid/22059/info Apple WebKit is prone to a denial-of-service vulnerability. Attackers may exploit this issue by enticing victims into opening a malicious HTML document with an application using the affected framework. Successful exploits will result in...
Apple WebKit build 18794 - WebCore Remote Denial of Service
Apple WebKit build 18794 - WebCore Remote Denial of Service source: https://www.securityfocus.com/bid/22059/info Apple WebKit is prone to a denial-of-service vulnerability. Attackers may exploit this issue by enticing victims into opening a malicious HTML document with an application using the...
phpWebThings 1.5.2 (editor.php) Remote File Include Vulnerability
+------------------------------------------------------------------------------------------- + phpWebThings 1.5.2 editor.php Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected Software .: phpWebThings 1.5.2 +...
ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability
No description provided by source. Title : ASPNuke = 0.80 register.asp Remote SQL Injection Vulnerability Author : ajann S.Page : http://www.aspnuke.com D.Page : http://sourceforge.net/project/showfiles.php?groupid=92470...
ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================= ASPNuke = 0.80 register.asp Remote SQL Injection Vulnerability ================================================================= Title : ASPNuke = 0.80 register.asp Remote S...