1138 matches found
cijfer-mnxpl.pl.txt
!/usr/bin/perl Magic News Plus All rights reserved. An input validation flaw exists within 'settings.php' of Magic News Plus which can lead to the changing of the administrative password. Here is where the problem is line 108 of 426: ... 1 elseif $action == "change" ... 2 if $passwd !=...
WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities
The remote host is running WinProxy, a proxy server for Windows. The installed version of WinProxy's HTTP proxy fails to handle long requests as well as requests with long Host headers. An attacker may be able to exploit these issues to crash the proxy or even execute arbitrary code on the affect...
Magic News Plus 1.0.3 - Admin Pass Change
Magic News Plus 1.0.3 - Admin Pass Change !/usr/bin/perl Magic News Plus All rights reserved. An input validation flaw exists within 'settings.php' of Magic News Plus which can lead to the changing of the administrative password. Here is where the problem is line 108 of 426: ... 1 elseif $action ...
Blue Coat WinProxy proxy server multiple vulnerabilities
HTTP proxy buffer overflow and DoS, telnet proxy DoS...
Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== Dev Web Management System this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Prohibit the taking of...
ProjectForum 4.7.0 vuln.
ProjectForum 4.7.0 vuln. Vuln. dicovered by : r0t Date: 14 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/projectforum-470-vuln.html vendor:http://www.projectforum.com/pf/ affected version:4.7.0 and prior Product Description: ProjectForum provides a professional and easy-to-use...
SimpleBBS 1.1 - Remote Command Execution
this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "He will win who knows when to fight and when not to fight." errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout", 2; obimplicitflush 1; echo' SimpleBBS bod...
DoceboLms 2.0.4 - 'connector.php' Arbitrary File Upload
DoceboLMS body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF !important input background-color: 303030 !important option background-color: 303030 !important textarea background-color: 303030...
AD20051202.txt
WinEggDropShell Multiple Remote Stack Overflow by Sowhat 2005.12.02 http://secway.org/advisory/AD20051202.txt http://secway.org/exploit/wineggdropshellbof.py.txt Affected: WinEggDropShell Eterntiy version 1.7 Other version may be vulnerable toooooo Overview: WinEggDropShell is a popular Chinese R...
Xaraya <= 1.0.0 RC4 create() Denial of Service Exploit
No description provided by source. ?php ---XarayaDOS.php 17.30 28/11/2005 Xaraya =1.0.0 RC4 D.O.S coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Hold out baits to entice the enemy. Feign disorder, and crush him."...
EUVD-2003-1276
HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests...
CVE-2003-1286
HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests...
CVE-2003-1286
The CVE-2003-1286 issue affects Sambar Server prior to 6.0 beta 6. An HTTP Proxy vulnerability arises when security.ini lacks a 127.0.0.1 proxydeny entry, allowing remote attackers to send proxy HTTP requests to the server’s administrative interface and external web servers by issuing a Connectio...
Mambo 4.5.2 - Globals Overwrite / Remote Command Execution
Mambo body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF !important input backgr...
Mambo 4.5.2 - Globals Overwrite Remote Command Execution
Mambo 4.5.2 - Globals Overwrite Remote Command Execution Mambo body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: F...
Header overflow against HTTP proxy
It was possible to kill the HTTP proxy by sending an invalid request with a too long header A cracker may exploit this vulnerability to make your proxy server crash continually or even execute arbitrary code on your system. OpenVAS Vulnerability Test $Id: avirtproxyoverflow.nasl 6702 2017-07-12...
Anti-Scanner Defenses (HTTP)
It seems that the remote web server rejects HTTP requests from the Scanner. It is probably protected by a reverse proxy, WAF or IDS/IPS. SPDX-FileCopyrightText: 2005 Michel Arboi SPDX-FileCopyrightText: New / improved detection code since 2018 Greenbone AG Some text descriptions might be excerpte...
CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit
Exploit for unknown platform in category web applications ================================================================= CuteNews CuteNews 1.4.1 re...
CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit
No description provided by source. ?php ---cuten141xpl.php 7.13 03/11/2005 CuteNews 1.4.1 shell injection by rgod site: http://rgod.altervista.org usage: launch form Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with this script:...
Header Overflow Attack against HTTP Proxy
It was possible to crash the HTTP proxy by sending an invalid request with a too long header. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...