Lucene search

9133 matches found

CVE
added 2007/02/26 5:0 p.m., 46 views

CVE-2007-1104

The CVE-2007-1104 entry concerns PHP Module Implementation (PHP-MIP) 0.1, specifically a vulnerability in top.php that allows remote attackers to execute arbitrary PHP code via a URL supplied to the laypath parameter (remote file inclusion). The problem is caused by improper handling of the laypa...

4.3 CVSS, 7.5 AI score, 0.02323 EPSS
Exploits: 0, References: 5, Affected Software: 1

securityvulns
added 2007/02/26 12:0 a.m., 70 views

PHP Module Implementation(top.php laypath)Remote File Include Vul

PHP Module Implementation top.php laypath Remote File Include Vul ^ Download S : http://sourceforge.net/projects/phpmip/ ^ Author: GolDM = Mahmoodali && Contact: [email protected] ^ In: /path/top.php ^ Vulnerable Code: ^ include"$laypath/body.php"; Line : 23 ^ Exploit:...

1.1 AI score
Exploits: 0

Exploit DB
added 2007/02/26 12:0 a.m., 21 views

Tyger Bug Tracking System 1.1.3 - 'register.php?PATH_INFO' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22799/info Tyger Bug Tracking System is prone to multiple input-validation vulnerabilities, including one SQL-injection issue and two cross-site scripting issues, because the application fails to sufficiently sanitize user-supplied input. Exploiting these...

7 AI score
Exploits: 0

Exploit DB
added 2007/02/25 12:0 a.m., 34 views

PHP-MIP 0.1 - 'top.php?laypath' Remote File Inclusion

PHP Module Implementation top.php laypath Remote File Include Vul ^ Download S : http://sourceforge.net/projects/phpmip/ ^ Author: GolDM = Mahmoodali && Contact: [email protected] ^ In: /path/top.php ^ Vulnerable Code: ^ include"$laypath/body.php"; Line : 23 ^ Exploit:...

7.4 AI score
Exploits: 0

Exploit DB
added 2007/02/23 12:0 a.m., 24 views

Oracle 10g Database - 'SUBSCRIPTION_NAME' SQL Injection (1)

source: https://www.securityfocus.com/bid/13236/info Oracle database is prone to an SQL-injection vulnerability because the software fails to properly sanitize user-supplied data. The 'SUBSCRIPTION_NAME' parameter is vulnerable. Packages that employ this parameter execute with 'SYS' user privilege...

7.4 AI score
Exploits: 0

CERT
added 2007/02/13 12:0 a.m., 14 views

Aruba Mobility Controller vulnerable to privilege escalation

Overview The Aruba Mobility Controller Management Interface contains a privilege escalation vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Aruba Mobility Controllers are used to process and control network traffic in...

8.4 AI score
Exploits: 0, References: 2

exploitpack
added 2007/01/27 12:0 a.m., 10 views

MDPro 1.0.76 - index.php SQL Injection

MDPro 1.0.76 - index.php SQL Injection source: https://www.securityfocus.com/bid/22293/info MDPro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

0.4 AI score
Exploits: 0

Cvelist
added 2007/01/09 11:0 p.m., 31 views

CVE-2007-0024

Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properti...

7.7 AI score, 0.46488 EPSS
Exploits: 5, References: 17

exploitpack
added 2007/01/09 12:0 a.m., 58 views

PHPKit 1.6.1 - comment.php SQL Injection

PHPKit 1.6.1 - comment.php SQL Injection source: https://www.securityfocus.com/bid/21962/info PHPKIT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

Exploits: 0

Cvelist
added 2007/01/08 8:0 p.m., 33 views

CVE-2006-6900

Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 has unknown impact and attack vectors, related to an "implementation bug."...

6.1 AI score, 0.01418 EPSS
Exploits: 0, References: 3

CVE
added 2007/01/08 8:0 p.m., 51 views

CVE-2006-6900

Technical details about CVE-2006-6900 are not publicly available in the provided documents. Monitor for updates; no specifics on affected product versions, impact, vectors, or remediation are included here.

10 CVSS, 6.5 AI score, 0.01418 EPSS
Exploits: 0, References: 3, Affected Software: 1

Tenable Nessus
added 2007/01/08 12:0 a.m., 38 views

FreeBSD : opera -- multiple vulnerabilities (78ad2525-9d0c-11db-a5f6-000c6ec775d9)

iDefense reports : The vulnerability specifically exists due to Opera improperly processing a JPEG DHT marker. The DHT marker is used to define a Huffman Table which is used for decoding the image data. An invalid number of index bytes in the DHT marker will trigger a heap overflow with partially...

9.3 CVSS, 5.9 AI score, 0.10966 EPSS
Exploits: 0, References: 7

exploitpack
added 2007/01/06 12:0 a.m., 13 views

Shopstorenow E-Commerce Shopping Cart - Orange.asp SQL Injection

Shopstorenow E-Commerce Shopping Cart - Orange.asp SQL Injection source: https://www.securityfocus.com/bid/21905/info Shopstorenow E-commerce Shopping Cart is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL...

0.1 AI score
Exploits: 0

Drupal
added 2007/01/05 12:0 a.m., 15 views

Drupal core - Denial of service

The way page caching was implemented allows a denial of service attack. An attacker has to have the ability to post content on the site. He or she would then be able to poison the page cache, so that it returns cached 404 page not found errors for existing pages. If the page cache is not enabled,...

7 AI score
Exploits: 0, References: 5

security_vulns
added 2007/01/01 12:0 a.m., 45 views

Backup implementation

Backup implementation I. Intro II. Tools III. Strategy Well, now let's talk about how to live with all this correctly. The backup process consists of three stages: planning, implementation and support. We have already talked a little about support and implementation, but planning is the most...

6.5 AI score
Exploits: 0

NVD
added 2006/12/31 5:0 a.m., 19 views

CVE-2006-6900

Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 has unknown impact and attack vectors, related to an "implementation bug."...

10 CVSS, 6.1 AI score, 0.01418 EPSS
Exploits: 0, References: 3

securityvulns
added 2006/12/31 12:0 a.m., 75 views

csrss.exe double-free vulnerability - arbitrary DWORD overwrite exploit

Hi, For those researchers who are interested in the Csrss Double-Free vulnerability, I have coded an arbitrary DWORD overwrite exploit. This flaw is hard to exploit at least for me due to the "fail-and-die" situation. Corrupting the heap in a process like Csrss is dangerous. However, by...

0.4 AI score
Exploits: 0

Exploit DB
added 2006/12/23 12:0 a.m., 36 views

Future Internet - 'index.cfm' Multiple SQL Injections

source: https://www.securityfocus.com/bid/21727/info Future Internet is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issues to steal...

7.4 AI score
Exploits: 0

exploitpack
added 2006/12/22 12:0 a.m., 18 views

Xt-News 0.1 - show_news.php?id_news SQL Injection

Xt-News 0.1 - show_news.php?id_news SQL Injection source: https://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker...

0.1 AI score
Exploits: 0

OSV
added 2006/12/21 7:28 p.m., 3 views

DEBIAN-CVE-2006-6104

The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20...

5 CVSS, 6.6 AI score, 0.04958 EPSS
Exploits: 1, References: 1