ezConvert: phpBB ezBoard converter v0.2 (ezconvert_dir) Remote File Include Exploit

No description provided by source. C xoron Name: ezConvert: phpBB ezBoard converter v0.2 ezconvertdir Remote File Include Exploit Author: xoron Exploit coded by xoron Download: http://sourceforge.net/project/showfiles.php?groupid=114129 xoron.biz - xoron.info www.xoron.info/bugs/ezconvert.txt...

Derdirigent.txt

ToXiC Der dirigent: Remote File Inclusion by ToXiC CreW ToXic Security Italian CreW BuG FounD by Drago84 Application Affect: Derdirigent Source Code: http://www.der-dirigent.de/downloads/derdirigentv1.0.zip Page: insertline.php insertpage.php find.php fullscreen.php changecase.php insertlink.php...

Phpbb-insert.txt

$ BiyoSecurity.Org & SecurityWall.Org $ Script Name : Phpbb insert module $ versions : 0.1.0 and 0.1.1 $ Risk : High $ Regard : KorsaN $ Thanks : Liz0zim , RMx , TRIP , DreamLord , Kubra $ Vulnerable File : functionsmoduser.php $ Vulnerable code : includeonce$phpbbrootpath...

phpBB Insert User Mod 0.1.2 - Remote File Inclusion

phpBB Insert User Mod 0.1.2 - Remote File Inclusion !/usr/bin/perl PHPBB insert user 0.1.2 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.grahameames.co.uk/phpbb/downloads/insertuser0.1.2.zip use IO::Socket; use LWP::Simple;...

CVE-2006-4584

Tr Forum 2.0 is affected by CVE-2006-4584, where remote attackers can bypass authentication and add an administrative account via login and password parameters to admin/insert_admin.php. The vulnerability allows partial confidentiality, integrity, and availability impact (CVSS v2 base score 7.5, ...

Directory traversal

Directory traversal vulnerability in scanlanginsert.php in Boris Herbiniere-Seve SPiD 1.3.1 allows remote attackers to read arbitrary files via the lang parameter...

The Shuttle to the firewall under the Black Horse--DBB-vulnerability warning-the black bar safety net

Today want to introduce DarkStorm BePassFireWall Virus V1. 2 is a high success rate is extremely high rebound port through the firewall of the back door program, hereinafter referred to as DBB, and can penetrate 9 9% of the firewall. The back door using a thread insert technology, the concealment...

arabPortalSQL.txt

Hi .. This is small bug for Arab Portal System v2 Beta 2 File name :- global.php Remote:- Yes Credit :- Devil-00 Messenger :- E-Mail :- //-- Devil SQL Injection / This SQL can do when :- magicquotesgpc = Off $sessionid query"DELETE FROM rafiaonline WHERE onlineSID ='$sessionid' or timestamp...

PT-2005-4742 · Sapid · Sapid Cms

Name of the Vulnerable Software and Affected Versions: SAPID CMS versions prior to 1.2.3.03 Description: The issue allows remote attackers to bypass authentication by making direct requests to certain files, including insert file.php, insert image.php, insert link.php, insert qcfile.php, and...

MDKSA-2005:220 - Updated kernel packages fix numerous vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:220 http://www.mandriva.com/security/ Package : kernel Date : November 30, 2005 Affected: 10.2 Problem Description: Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this...

FishCart SQL injections

FishCart contains multiple SQL injection vulnerabilities in the program that can be exploited to modify/delete/insert entries into the database. In addition, the program suffers from cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be...

security flaw

Array index overflow in the xfrmskpolicyinsert function in xfrmuser.c in Linux kernel 2.6 allows local users to cause a denial of service oops or deadlock and possibly execute arbitrary code via a p-dir value that is larger than XFRMPOLICYOUT, which is used as an index in the sock-skpolicy array...

CVE-2005-2572

MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service server hang and possibly execute arbitrary code via 1 a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or 2 a...

FreeBSD : mysql-server -- multiple remote vulnerabilities (619ef337-949a-11d9-b813-00d05964249f)

SecurityFocus reports : MySQL is reported prone to an insecure temporary file creation vulnerability. Reports indicate that an attacker that has 'CREATE TEMPORARY TABLE' privileges on an affected installation may leverage this vulnerability to corrupt files with the privileges of the MySQL proces...

IBM DB2 universal database protection bypass

User with only SELECT permissions can can insert, update or delete records...

CVE-2005-0710

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udfinit function...

Debian DSA-707-1 : mysql - several vulnerabilities

Several vulnerabilities have been discovered in MySQL, a popular database. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2004-0957 Sergei Golubchik discovered a problem in the access handling for similar named databases. If a user is granted privileges...

Mandrake Linux Security Advisory : MySQL (MDKSA-2005:060)

A number of vulnerabilities were discovered by Stefano Di Paola in the MySQL server : If an authenticated user had INSERT privileges on the 'mysql' database, the CREATE FUNCTION command allowed that user to use libc functions to execute arbitrary code with the privileges of the user running the...

CVE-2005-0709

CVE-2005-0709 affects MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10. The vulnerability arises from insufficient input validation in CREATE FUNCTION, allowing a remote authenticated user with INSERT and DELETE privileges to access libc calls (e.g., strcat, on_exit, exit) and potentially execute...

Microsoft SQL Server contains buffer overflow in code used to process "BULK INSERT" queries

Overview The Microsoft SQL Server contains a buffer overflow vulnerability that may allow remote attackers to execute arbitrary code with system privileges. Description The Microsoft SQL Server contains a buffer overflow vulnerability in the code used to process "Bulk Insert" queries. Bulk Insert...