EUVD-2006-1035

Malware in sbrugna...

iGenus邮件系统<=5.0任意代码执行漏洞

No description provided by source...

iGenus mail system 5. 0 and the following version in the login. php at the presence of XSS vulnerabilities

No description provided by source...

iGENUS系统COOKIE注入

简要描述： RT 详细说明： GET /login.php?Cmd=error&Code=-1&Lang= HTTP/1.1 Host: ... Cache-Control: max-age=0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10105 AppleWebKit/537.36 KHTML, like...

iGENUS系统某处任意文件遍历

简要描述： RT 详细说明： 开始提交的是看到http://.../bugs/wooyun-2010-0136712。还以为是重复了。仔细看看原来不是重复的。同样的是Lang存在遍历，%00截断 http://...//sys/login.php?Lang=../../../../../../../../../../etc/passwd%00.jpeg&cmd=form 谷歌搜索关键字:iGENUS-系统管理中心 ...:8090/sys/login.php?cmd=form 部分案例 http://...:8090/sys/login.php?cmd=form...

iGENUS 邮件系统 V5.0 任意文件读取漏洞

login.php 文件中，选择语言环境后会读取语言文件，并加载到页面，后台接到请求后，没有对 Lang 参数过滤，就直接读取文件，从而造成任意文件读取漏洞。 http://221.130.182.230/igenus/login.php?Lang=../../../../../../../../../../etc/passwd%00.jpg...

iGENUS WebMail <= 2.0.2 (config_inc.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; print \r\n; print iGENUS WebMail = 2.0.2 remote commads xctn\r\n; print - works against PHP5 with registerglobals = On\r\n; print & allowurlfopen = On\r\n; print by rgod rgodATautisticiDOTorg\r\n; print site:...

iGenus邮件系统 邮件储存型XSS(打开自动触发，多家政府，企业在使用）

简要描述： - iGenus邮件系统 邮件储存型XSS打开自动触发，多家政府，企业在使用） - 中国科学技术大学选用爱琴思邮件系统 - 北京市丰台教委量身定制教委应用邮件系统 - 浙江财经学院牵手爱琴思邮件系统 - 北京锐迪科微电子再次牵手爱琴思邮件 - 北京汉王科技再次选购爱琴思邮件系统 - 西安乐尚网络选购爱琴思邮件系统 - 北京瑞地通信选购爱琴思邮件系统 - 北京理工大学再次签约爱琴思邮件 - 上海宏洋网络选购爱琴思邮件系统 - 东软集团股份有限公司选购爱琴思邮件系统 - 上海劲霸投资公司选购爱琴思邮件系统 - 热烈祝贺中铁八局再次采购爱琴思邮件系统 - 卢米埃影业选购爱琴思邮件系...

Code injection

config/configinc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SGHOME parameter...

CVE-2006-1031

config/configinc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SGHOME parameter...

CVE-2006-1031

config/configinc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SGHOME parameter...

CVE-2006-1031

CVE-2006-1031 affects iGENUS Webmail 2.02 and earlier. The vulnerability allows a remote attacker to include arbitrary local files via the SG_HOME parameter in config/config_inc.php. This can impact confidentiality, integrity, and availability (partial). The NVD entry lists a base CVSS v2 score o...

[SA19036] iGENUS Webmail File Inclusion Vulnerability

TITLE: iGENUS Webmail File Inclusion Vulnerability SECUNIA ADVISORY ID: SA19036 VERIFY ADVISORY: http://secunia.com/advisories/19036/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: iGENUS Webmail 2.x http://secunia.com/product/8368/ DESCRIPTIO...

igenus_remote.txt

!/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "site: http://retrogod.altervista.org\r\n\r\n"; print "dork: intitle:"igenus webmail login"\r\n";...

iGENUS WebMail <= 2.0.2 (config_inc.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ====================================================================== iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "dork: intitle:"igenus...

iGENUS WebMail &lt;= 2.0.2 (config_inc.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail = 2.0.2 remote commads xctn\r\n"; print "- works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodATautisticiDOTorg\r\n"; print "site:...

iGENUS WebMail 2.0.2 - &#039;config_inc.php&#039; Remote Code Execution

!/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "site: http://retrogod.altervista.org\r\n\r\n"; print "dork: intitle:"igenus webmail login"\r\n";...

iGENUS WebMail 2.0.2 - config_inc.php Remote Code Execution

iGENUS WebMail 2.0.2 - configinc.php Remote Code Execution !/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "site:...