5907 matches found
ODAT - Oracle Database Attacking Tool
ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely. Usage examples of ODAT: You have an Oracle database listening remotely and want to find valid SIDs and credentials in order to connect to the database. You have a val...
SchneiderWEB Server Directory Traversal Vulnerability
OVERVIEW Independent researcher Billy Rios has identified a directory traversal vulnerability in Schneider Electric’s SchneiderWEB, a web HMI. Schneider Electric has produced a firmware update that mitigates this vulnerability. Billy Rios has tested the update to validate that it resolves the...
Power Up HTML 0.8033 beta Directory Traversal Arbitrary File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3304/info Power Up HTML is a set of HTML-like commands that can be placed into web pages. It provides a central routing point to simplify programming and customization of CGI scripts. A vulnerability exists in Power Up HT...
Huawei HG866 Authentication Bypass
No description provided by source. Exploit Title: Huawei HG866 Authentication Bypass Date: Jun 14 2012 Exploit Author: hkm Vendor Homepage: http://www.huawei.com Version: V1R2C01SPC202, R3.2.4.92sbn - R3.4.2.257sbn, 3FE53864AOCB16 Tested on: HG866GTAVER.C, 01, 02 Advisory:...
SiteWare 2.5/3.0/3.1 Editor Desktop Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2868/info Screaming Media is a provider for custom web content. SiteWare Editor Desktop is the web-based administration tool for managing Screaming Media content. SiteWare Editor Desktop is prone to directory traversal...
Elron IM Anti-Virus 3.0.3 - Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2519/info Elron IM is a suite of tools providing internet filtering, virus protection, and other features. Certain non-current versions of products in the Internet Manager suite, including IM Anti-Virus, are vulnerable to...
Polycom ViaVideo 2.2/3.0 - Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5962/info Polycom ViaVideo devices are prone to a denial of service condition upon receipt of numerous incomplete HTTP requests. This may restrict availability of the device for legitimate users. The device may need to be...
SquirrelMail 1.2.11 move_messages.php Arbitrary File Moving
No description provided by source. source: http://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient sanitization...
SquirrelMail 1.2.11 Remote Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient sanitization...
VisNetic ActiveDefense 1.3.1 - Multiple GET Request Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7428/info A denial of service vulnerability has been discovered in VisNetic ActiveDefense. The problem occurs when multiple HTTP requests are subsequently made to a server, containing a specific amount of data. After...
CUPS 1.1.x Cupsd Request Method Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7637/info The cupsd has been reported prone to a denial of service vulnerability. Reportedly the cupsd does not adequately apply a time-out process for malicious HTTP requests and service is denied to subsequent cupsd...
MiniShare Server 1.3.2 - Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10417/info Minishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests. This issue will allow an attacker to cause the...
Global Spy Software Cyber Web Filter 2 IP Filter Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11562/info Global Spy Software Cyber Web Filter is affected by an IP filter bypass vulnerability. This issue is due to a failure of the application to properly handle exceptional HTTP requests. An attacker may leverage th...
Stark CRM 1.0 - Multiple Vulnerabilities
No description provided by source. Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities Vendor: IWCn Systems Inc. Product web page: http://www.iwcn.ws Affected version: 1.0 Summary: This is a light weight CRM which simplifies process of managing staff, client and projects...
QuickCommerce 2.5/3.0, Cart32 2.5 a/3.0, Shop Express 1.0, StoreCreator 3.0 Web Shopping Cart Hidden Form Field Vulnerability
No description provided by source. E-Commerce Exchange QuickCommerce 2.5/3.0, McMurtrey/Whitaker & Associates Cart32 2.5 a/3.0, Shop Express 1.0, StoreCreator 3.0 Web Shopping Cart Hidden Form Field Vulnerability source: http://www.securityfocus.com/bid/1237/info Various shopping cart applications u...
Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities
No description provided by source. Device Name: EW-7206APg / EW-7209APg Vendor: Edimax ============ Vulnerable Firmware Releases: ============ Device: EW-7206APg Hardware Version Rev. A Runtime Code Version v1.32 Runtime Code Version V1.33 Device: EW-7209APg Hardware Version Rev. A Runtime Code...
Vizer Web Server 1.9.1 - Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9678/info It has been reported that Vizer Web Server may be prone to a remote denial of service vulnerability that may allow an attacker to cause the affected server to crash, denying service to legitimate users. Vizer We...
PHPWCMS 1.4.5 r398 Cross Site Request Forgery Vulnerability
No description provided by source. Exploit Title: PHPWCMS Cross-Site Request Forgery Vulnerability Date: 06/16/2010 Author: Jeremiah Talamantes Software Link: http://phpwcms.googlecode.com/files/phpwcmsr398.zip Version: 1.4.5 r398 Tested on: WinXP SP2 EN on WAMP 2.0 CVE: N/A Jeremiah...
Mailtraq 2.2 Webmail Utility Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7815/info A vulnerability has been reported for Mailtraq that may result in the disclosure of path information. The vulnerability exists due to insufficient sanitization of HTTP requests. Specifically, a request for...
Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6662/info A vulnerability has been reported in Apache Web server for Microsoft Windows. The vulnerability exists in the way some HTTP requests are handled by the Apache Web server. Specifically, HTTP GET requests that...