1915 matches found
KloNews Cross Site Scripting
KloNews Cross-Site Scripting XSS Author : cr4wl3r Download : http://easy-script.com/scripts-dl/klonews2.rar Tested on: GNU/LINUX PoC : KloNewspath/cat.php?cat=alertdocument.cookie;...
DSA-1975-1 etch - end of life
Security Support for Debian GNU/Linux 4.0 to be discontinued on February 15th One year after the release of Debian GNU/Linux 5.0 alias 'lenny' and nearly three years after the release of Debian GNU/Linux 4.0 alias 'etch' the security support for the old distribution 4.0 alias 'etch' is coming to ...
[SECURITY] [DSA 1973-1] New glibc packages fix information disclosure
------------------------------------------------------------------------ Debian Security Advisory DSA-1973-1 [email protected] http://www.debian.org/security/ Aurelien Jarno January 19, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1970-1] New openssl packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1970-1 [email protected] http://www.debian.org/security/ Stefan Fritsch January 13, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1969-1] New krb5 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1969-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 12, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1965-1] New phpldapadmin packages fix remote file inclusion
------------------------------------------------------------------------ Debian Security Advisory DSA-1965 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 06, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1953-2] New expat packages fix regression
------------------------------------------------------------------------ Debian Security Advisory DSA-1953-2 [email protected] http://www.debian.org/security/ Stefan Fritsch December 31, 2009 http://www.debian.org/security/faq -...
Mandriva Security Advisory MDVSA-2009:244-1 (xfig)
The remote host is missing an update to xfig announced via advisory MDVSA-2009:244-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Ptag 4.0.0 Remote File Inclusion
Exploit Title: Ptag sqltable = ptagprefix."session"; $this - cookiename = ptagprefix."session"; //If RSS mode, switch session to non-viewed tracker. if ptagoutput == "rss" parent::construct$ptagsql, sha1""; else parent::construct$ptagsql; ? PoC Ptagpath/lib/session.php?ptagdir=Shell Code sql.php...
FestOS 2.2.1 Remote File Inclusion
Exploit Title: FestOs $reports header"Location:index.php"; include "includes/reportheader.php"; ? 3xplo!t : festospath/admin/reportsplacement.php?ABSOLUTEFILEPATH=Shell Code : FestOS.php requireonce$config'ABSOLUTEFILEPATH'."core/sessions.php"; 3xplo!t :...
3Com OfficeConnect Routers DoS (Content-Type)
No description provided by source. Model - Tested on 3Com OfficeConnect ADSL Wireless 11g Firewall Router 3CRWDR100A-72 and 3CRWDR100Y-72 Software Version - Tested on 2.06T13 Apr 2007, last version for these routers Attacker - Tested from GNU/Linux Sidux and Ubuntu and Windows 7 Exploit languaje ...
60cycleCMS 2.5.0 Remote File Inclusion
60cycleCMS = 2.5.0 Remote File Include Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://60cycle.net Tested on: GNU/LINUX 60cycleCMSpath/common/sqlConnect.php?DOCUMENTROOT=SHELL DIRECTORY/something...
SaurusCMS 4.6.4 Remote File Inclusion
Exploit Title: SaurusCMS = 4.6.4 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://www.saurus.info Version: N/A Tested on: GNU/LINUX Code class.writeexcelworkbook.inc.php global $classpath; requireonce $classpath."excel/class.writeexcelbiffwriter.inc.php"; requireonce...
SaurusCMS <= 4.6.4 Multiple RFI Exploit
Exploit for unknown platform in category web applications ======================================= SaurusCMS = 4.6.4 Multiple RFI Exploit ======================================= Exploit Title: SaurusCMS = 4.6.4 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link:...
FestOs <= 2.2.1 Multiple RFI Exploit
No description provided by source. Exploit Title: FestOs = 2.2.1 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://code.google.com/p/festos/downloads/list Version: N/A Tested on: GNU/LINUX Code : reportsplacement.php ?php $title = "Jury Sheet Report";...
Ptag 4.0.0 - Multiple Remote File Inclusions
Exploit Title: Ptag sqltable = ptagprefix."session"; $this - cookiename = ptagprefix."session"; //If RSS mode, switch session to non-viewed tracker. if ptagoutput == "rss" parent::construct$ptagsql, sha1""; else parent::construct$ptagsql; ? PoC Ptagpath/lib/session.php?ptagdir=Shell Code sql.php...
3Com OfficeConnect Routers - Remote Denial of Service
3Com OfficeConnect Routers - Remote Denial of Service Model - Tested on 3Com OfficeConnect ADSL Wireless 11g Firewall Router 3CRWDR100A-72 and 3CRWDR100Y-72 Software Version - Tested on 2.06T13 Apr 2007, last version for these routers Attacker - Tested from GNU/Linux Sidux and Ubuntu Exploit...
CFAGCMS SQL Injection Exploit
No description provided by source. Exploit Title: CFAGCMS SQL Injection Exploit Date: 20-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/project/showfiles.php?groupid=197936 Version: N/A Tested on: GNU/LINUX Code right.php $title = $GET'title'; $query = "SELECT FROM pages WHERE titl...
Lizard Cart Multiple SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================== Lizard Cart Multiple SQL Injection Exploit ========================================== Exploit Title: Lizard Cart Multiple SQL Injection Exploit Date: 20-12-2009 Author: cr4wl3r Software Link:...
FestOs <= 2.2.1 Multiple RFI Exploit
Exploit for unknown platform in category web applications ==================================== FestOs $reports header"Location:index.php"; include "includes/reportheader.php"; ? 3xplo!t : festospath/admin/reportsplacement.php?ABSOLUTEFILEPATH=Shell Code : FestOS.php...