46 matches found
EUVD-2008-6078
Malware in sbrugna...
EUVD-2008-2694
Malware in sbrugna...
EUVD-2008-6218
Malware in sbrugna...
EUVD-2008-6219
Malware in sbrugna...
EUVD-2008-2693
Malware in sbrugna...
Apache-mod_cgi-Shellshock
Shellshock apache modcgi remote exploit rhost: victim host rport: victim port for TCP shell binding lhost: attacker host for TCP shell reversing lport: attacker port for TCP shell reversing pages: specific cgi vulnerable pages separated by comma proxy: host:port proxy ! /usr/bin/env python from...
Apache mod_cgi - Shellshock Remote Command Injection
Apache modcgi - Shellshock Remote Command Injection ! /usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars:...
Apache mod_cgi Remote Command Execution
! /usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars: rhost: victim host rport: victim port for TCP shell...
Galatolo Web Manager <= 1.0 - Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w Portal : Galatolo WebManager 1.0 exploit aported password crypted exploit tatjibe password mcrypté :d mgharba :d:d:d:d Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & Simo64 & iuoisn & All muslims...
CVE-2008-6300
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Authentication flaw
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6300
Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-6300
Galatolo WebManager 1.3a is affected by an authentication bypass vulnerability. CVE-2008-6300 allows remote attackers to gain administrative access by setting the gwm_user and gwm_pass cookies to admin. Root cause described as cookie-based auth bypass; no explicit exploit code or in-the-wild deta...
CVE-2008-6249
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter...
CVE-2008-6248
Cross-site scripting XSS vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter...
CVE-2008-6249
CVE-2008-6249 affects Galatolo WebManager (v1.3a and earlier). The vulnerability is in plugins/users/index.php and allows remote attackers to inject SQL via the id parameter, enabling execution of arbitrary SQL commands. The available records do not provide a confirmed patch version or remediatio...
CVE-2008-6248
This entry relates to CVE-2008-6248, a Cross-site Scripting (XSS) vulnerability affecting Galatolo WebManager 1.3a and earlier. The issue is in all.php, with the tag parameter enabling remote attackers to inject arbitrary web script or HTML. Affected component: all.php in Galatolo WebManager; roo...
CVE-2008-6249
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...