Blind Sql-Injection in Joomla 1.5 RC3

Thanks to team of Darkc0de.com Blind Sql-Injection in Joomla 1.5 RC3 URL : http://localhost/index.php 1. Parameter = view The following changes were applied to the original request: • Set parameter 'view's value to 'somechars'20+20'article' POC URL :...

Several persistent XSS and CSRF on Wireless-G ADSL Gateway with SpeedBooster (WAG54GS)

http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs The following vulns were found on 24 June 2007 and were tested against firmware V1.00.06. The specific persistent XSS holes mentioned in this advisory were fixed by Cisco on firmware versio...

irb, ruby security update

CentOS Errata and Security Advisory CESA-2007:0961 Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting languag...

Moderate: Red Hat Security Advisory: ruby security update

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A flaw was...

Cross site scripting

Cross-site scripting XSS vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page...

PYSEC-2007-1

The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...

Cross site scripting

Cross-site scripting XSS vulnerability in the CAD service in IBM Tivoli Storage Manager TSM Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file that is accessible...

Design/Logic Flaw

The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...

CVE-2007-4348

Cross-site scripting XSS vulnerability in the CAD service in IBM Tivoli Storage Manager TSM Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file that is accessible...

CVE-2007-5712

The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...

CVE-2007-4348

Cross-site scripting XSS vulnerability in the CAD service in IBM Tivoli Storage Manager TSM Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file that is accessible...

CVE-2007-4348

CVE-2007-4348 affects IBM Tivoli Storage Manager Client CAD Service (Windows) versions 5.3.5.3 and 5.4.1.2. The vulnerability arises from insufficient sanitisation of input in HTTP requests to port 1581, which is logged to dsmerror.log and exposed via a web interface. This XSS can allow remote at...

CVE-2007-5712

The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...

CVE-2007-5712

The internationalization i18n framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USEI18N option and the i18n component are enabled, allows remote attackers to cause a denial of service memory consumption via many HTTP requests with large...

Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion

====================================================================== Secunia Research 29/10/2007 - IBM Tivoli Storage Manager Client CAD Service Script Insertion - ====================================================================== Table of Contents Affected...

smf-blind.txt

SMF is a very hardened php application. If anyone wants an example of some interesting PHP security SMF is a good place to look. Even after being able to injection SQL I had to take another step and bypass some difficult filters found in the dbquery function. Ultimately i was able to do so. This...

Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection

!/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL Injection filter. I submitted a...

mdpro1076-sql.txt

!/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author = "undefined1"; my $settings = "magicquotesruntime = off, mysql = 4.1.0"; $| = 1; print ":: $app $type - by $author ::\n\n\n"; my $url = shift || usage; if$url = m/^?:http://./ $url = $1;...

Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass

Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass source: https://www.securityfocus.com/bid/25676/info Boa is prone to an authentication-bypass vulnerability because the application fails to ensure that passwords are not overwritten by specially crafted HTTP Requests. An attack...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...