CVE-2013-5724

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations...

CVE-2013-5724

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations...

Code injection

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations...

CVE-2013-5724

CVE-2013-5724 affects phpBB3 up to version 3.0.11-4 used in Debian GNU/Linux. The issue arises from world-writable permissions on cache files, enabling local users to modify file contents through standard filesystem writes. The vulnerability is localized to systems running the affected phpBB3 pac...

CVE-2013-1662

vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsbrelease binary in a directory in the PATH, related to use of the popen library function...

Design/Logic Flaw

vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsbrelease binary in a directory in the PATH, related to use of the popen library function...

CVE-2013-1662

CVE-2013-1662 affects VMware Workstation (8.x/9.x) and VMware Player (4.x/5.x) on Debian-based systems. A local attacker can escalate privileges to root by exploiting a crafted lsb_release binary in PATH via vmware-mount’s use of popen(3). The issue is rooted in how vmware-mount handles PATH and ...

CVE-2013-2162

Race condition in the post-installation script mysql-server-5.5.postinst for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive...

CVE-2013-2162

Race condition in the post-installation script mysql-server-5.5.postinst for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive...

Integrated CMS 1.0 - SQL Injection

========================================================================================================== /Exploit Title : Integrated CMS Saudi SQL Injection \ /Exploit Author : DSST \ /Vendor Home Page : in2sol.com \ /Tested on: Windows 7,GNU/Linux,Windows XP,Windows 8 \ /Google Dork:...

Integrated CMS - SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================================================================================== /Exploit Title : Integrated CMS Saudi SQL Injection \ /Exploit Author : DSST \ /Vendor Home Page : in2sol.com \ /Tested on: Windows...

Prestige Software CMS File Disclosure

Exploit Title : Prestige Software CMS Local File Disclosure Author : IrIsT.Ir Discovered By : BeniVanda Home : http://IrIsT.Ir/en/ Software Link : http://www.prestijsoftware.com/tr/ Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu/BT/Fedora - win7 Dork : intext:Bu site...

CVE-2013-2162

Race condition in the post-installation script mysql-server-5.5.postinst for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive...

MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution

This Metasploit module exploits the MiniUPnP 1.0 SOAP stack buffer overflow vulnerability present in the SOAPAction HTTP header handling. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more...

MiniUPnPd 1.0 - Remote Stack Buffer Overflow Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MiniUPnPd 1.0 Stack Buffer Overflow...

Monkey HTTPD 1.1.1 - Denial of Service Vulnerability

Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low...

Monkey HTTPD 1.1.1 Denial Of Service

Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been designed to be very scalable with low...

Immunity Canvas: PERF_SWEVENT_INIT

Name| perfsweventinit ---|--- CVE| CVE-2013-2094 Exploit Pack| CANVAS Description| perfsweventinit local root Notes| Repeatability: Infinite Notes: Tested on: - Ubuntu 12.10 quantal x8664 3.5.0-27-generic VENDOR: GNU/Linux CVE Url: https://vulners.com/cve/CVE-2013-2094 CVE Name: CVE-2013-2094...

MyBB Games Cross Site Scripting

Exploit Title :Mybb Games xss Vul Author : DarkSnipper ,Dream.Killer & Soulinj3ctor Discovered By : [email protected] Home : http://cybercoders.org Link : http://mods.mybb.com/view/game-section Security Risk : High Version : All Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork :...

ClamAV < 0.97.8 Multiple Vulnerabilities

According to its version, the ClamAV clamd antivirus daemon on the remote host is earlier than 0.97.8 and is, therefore, potentially affected by the following vulnerabilities : - An overflow condition exists in the 'getsisstring' function in 'libclamav/sis.c' when handling SIS content. This flaw...