6972 matches found
CVE-2006-6834
Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to 1 "unneeded legacy functions" and 2 "Several low level security fixes."...
CVE-2006-5974
fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial of service crash via unknown vectors that trigger a NULL pointer dereference when calling the 1 ferror or 2 fflush functions...
CVE-2006-6808
Cross-site scripting XSS vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the getfiledescription function in wp-admin/admin-functions.php...
CVE-2006-6771
Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 GLOBALSPTHfunc parameter in a scripts/gallery.scr.php; the 2 GLOBALSPTHspaw parameter in b...
PHP-Update 2.7 - adminuploads.php Remote Code Execution
PHP-Update 2.7 - adminuploads.php Remote Code Execution !/usr/bin/perl rgod u fucking little piece of shit faggot. way to ruin a private exploit, scumbag use strict; use IO::Socket; use MIME::Base64; use Getopt::Std; my $app = "PHP-Update 2.7"; my $type = "Remote Code Execution"; my $author =...
Sun Java Runtime Environment multiple security vulnerabilities
Multiple vulnerabilities allow sandbox protection bypass and system functions access...
Multiple Mozilla Firefox / Thunderbird / Seamonkey security vulnerabilities
Crossite scripting with functions prototypes. Information leak. Buffer overflows on oversized Content-Type fields in messages. Memory corruption on SVG header. Crossite scripting with img.src. DoS. JavaScript watchpoint privilege escalation. CSS image cursor property buffer overflow. Multiple...
cwmVote 1.0 - 'archive.php' Remote File Inclusion
cwmVote 1.0 File Include Vulnerability F0und3R: bd0rk || SOH-Crew Website: www.soh-crew.it.tt Download: http://explorer.cwm-design.de/dirs/41/cwmVote.rar Vulnerable Code in archive.php Code: include$abs."inc/functions.inc.php"; include$abs."inc/conf.mysql.inc.php";...
CVE-2006-5581
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability."...
phpNewsManagerfunctions.php脚本文件泄露漏洞 Exploit
No description provided by source. G00db0y ([email protected])提供了如下测试方法: http://address/directory/functions.php?clang=../../../../../../../../../../../../etc/passwd...
Microsoft Netware Client Service Memory Corruption (MS06-066; CVE-2006-4688)
Client Services for NetWare CSNW provides a Windows workstation with access to NetWare file, print, and directory services. This gives users the ability to store and retrieve documents from NetWare file servers, print to NetWare print queues, and log on to Novell Directory Services NDS. By...
PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability
PhotoCart 3.9 adminprint.php Remote File Include Vulnerability Script site: http://www.picturespro.com/store/programs/129-photocart.html Dork : inurl :/PhotoCart/ Bug Found By : irvian GreetZ: jipank,kacung,trangkil,ibnusina,cah|gemblunkz,zoid Special greetz: patihack hitamputih nyubicrew bug fou...
Outpost Firewall privilege escalation
Insufficient incoming data validation for DeviceSandBox device driver and SSDT hoocked functions...
CVE-2006-5777
Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to 1 addnewcont.php, 2 adminpassw.php, 3 amministrazione.php, 4 artins.php, 5 bgcolor.php, 6 cancartcat.php, 7 canccat.php, 8 cancelart.php...
CVE-2006-5777
Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to 1 addnewcont.php, 2 adminpassw.php, 3 amministrazione.php, 4 artins.php, 5 bgcolor.php, 6 cancartcat.php, 7 canccat.php, 8 cancelart.php...
Soholaunch Pro <= 4.9 r36 Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications =============================================================== Soholaunch Pro = 4.9 r36 Remote File Inclusion Vulnerabilities =============================================================== \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ /...
Soholaunch Pro 4.9 r36 - Remote File Inclusion
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV57$2006 ----------------------------------------------------------------------------------------------- ECHOADV57$2006Soholaunch Pro =4.9 r36 Multiple Remote File Inclusion Vulnerability...
BlooMooWeb ActiveX unauthorized access
Control has unsafe functions...
CVE-2006-5540
backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service daemon crash via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."...
USN-369-1: PostgreSQL vulnerabilities
Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker could cause a server crash. Josh Drake and Alvaro Herrera reported a crash when using aggregate functions in UPDATE statement...