6972 matches found
SMF-xss.txt
title: Simple Machines Forum SMF XSS issue author: Jose Carlos Norte discovered by: Jose Carlos Norte 1. introduction Simple machines forum is a popular scalable free bulletin board system written in php over mysql database, the url of the project: http://www.simplemachines.org/ 2. XSS problem SM...
HP-UX 11i - 'LIBC TZ' Enviroment Variable Privilege Escalation
/ HP-UX libc timezone environment overflow exploit ================================================ HP-UX libc contains an exploitable stack overflow in the handling of "TZ" environment variable. The problem occurs due to insufficient bounds checking in the localtimer and related functions. Any...
Simple Machines Forum (SMF) XSS issue
title: Simple Machines Forum SMF XSS issue author: Jose Carlos Norte discovered by: Jose Carlos Norte 1. introduction Simple machines forum is a popular scalable free bulletin board system written in php over mysql database, the url of the project: http://www.simplemachines.org/ 2. XSS problem SM...
PHP Top webs (config.php) Remote File Inclue Vulnerability
===================================================================== PHP Top webs config.php Remote File Inclue Vulnerability ===================================================================== Author : Le CoPrA ===================================================================== Download...
cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
Exploit for unknown platform in category web applications ================================================================= cPanel cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef =...
phpBB Import Tools Mod <= 0.1.4 Remote File Include Vulnerability
Exploit for unknown platform in category web applications ================================================================= phpBB Import Tools Mod = 0.1.4 Remote File Include Vulnerability ================================================================= Title: phpBB Import Tools Mod = 0.1.4...
phpBB Import Tools Mod <= 0.1.4 Remote File Include Vulnerability
No description provided by source. Title: phpBB Import Tools Mod = 0.1.4 phpbbrootpath Remote File Inclusion Author/Discovery: boecke Vulnerability Type: Remote File Inclusion Risk: High Risk Software Affected: phpBB Import Tools Mod = 0.1.4 Literally shouts to: str0ke and henrik Don't promote...
CVE-2006-4927
The a NAVENG NAVENG.SYS and b NAVEX15 NAVEX15.SYS device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions 1 0x222AD3, 2 0x222AD7, and 3...
phpBB User Viewed Posts Tracker 1.0 - Remote File Inclusion
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= phpBB User Viewed Posts Tracker Version = 1.0 phpbbrootpath File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by XORONturkish...
CVE-2006-4927
The a NAVENG NAVENG.SYS and b NAVEX15 NAVEX15.SYS device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions 1 0x222AD3, 2 0x222AD7, and 3...
CVE-2006-5153
The 1 fwdrv.sys and 2 khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to caus...
USN-338-1: MySQL vulnerabilities
Dmitri Lenev discovered that arguments of setuid SQL functions were evaluated in the security context of the functions' definer instead of its caller. An authenticated user with the privilege to call such a function could exploit this to execute arbitrary statements with the privileges of the...
iziContents <= RC6 GLOBALS[] Remote Code Execution Exploit
Exploit for unknown platform in category web applications ========================================================== iziContents include/rssfunctions.php line 32-40: .... $GLOBALS"rootdp" = './'; requireonce $GLOBALS"rootdp"."include/config.php"; requireonce $GLOBALS"rootdp"."include/db.php";...
startpage10.txt
-------------------------------------------------------------------------------------------- Startpage 1.0 cfgLanguage Remote File Inclusion -------------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/08/10 HomePage : http://www.sh3ll.ir...
Integramod Portal 2.0 rc2 - phpbb_root_path Remote File Inclusion
Integramod Portal 2.0 rc2 - phpbbrootpath Remote File Inclusion matasanos Integramod Portal 2.x File Inclusion Vulnerabilities affected software: Integramod Portal vendor: Integramod . you can donwload it from http://www.integramod.com level: Highly Critical muy critico...
kernel security update
CentOS Errata and Security Advisory CESA-2006:0575 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...
RealVNC integer overflow
Integer overflow in clipboard processing functions readClientCutText/readServerCutText...
CVE-2006-4127
Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the 1 privmsg or 2 pubmsg functions from a cmd.user.c, b penalties.c, or c cmd.dc.c...
Microsoft Windows Server Service RPC Request Buffer Overrun (MS06-040; CVE-2006-3439)
The Server Service SRVSVC is one of the network services supplied by Microsoft. It supports file, print, and named-pipe sharing over Windows-based networks, and allows named pipe communication between applications running on distributed systems. By supplying malformed parameters to some of the AP...
SAPID CMS remote File Inclusion vulnerabilities
Title: SAPID CMS remote File Inclusion Vulnerabilities Author: Simo64 simo64atmorxorg Discovered: 06 Aout 2006 MorX Security Research Team http://www.morx.org Vendor : SAPID CMS Version : 123 rc3 Website : http://sapid.sourceforge.net Severity: Critical Details: + Remote File Inclusion 1 vulnerab...