CVE-2008-5789

Multiple PHP remote file inclusion vulnerabilities affect the Recly Interactive Feederator (com_feederator) component for Joomla! 1.0.5. Exploitation can occur by supplying a URL via mosConfig_absolute_path to includes/tmsp/add_tmsp.php, edit_tmsp.php, tmsp.php, and via GLOBALS[mosConfig_absolute...

FreeBSD : emacs -- run-python vulnerability (66657bd5-ac92-11dd-b541-001f3b19d541)

Emacs developers report : The Emacs command run-python' launches an interactive Python interpreter. After the Python process starts up, Emacs automatically sends it the line : import emacs which normally imports a script named emacs.py which is distributed with Emacs. This script, which is...

Sun Solaris Text Editors Command Execution Vulnerability

Sun Solaris text editors are prone to a command-execution vulnerability. An attacker may leverage this issue to execute arbitrary commands with the privileges of another user on the affected computer. Sun Solaris 8, 9, and 10 are affected. Sun Solaris 9x86 Update 2 Sun Solaris 9 Sun Solaris 8x86...

CVE-2008-4076

CVE-2008-4076 is an XSS vulnerability affecting multiple Tor World CGI-based products (Tor Board 1.3 and earlier; Topics BBS 1.11 and earlier; Simple BBS 1.86 and earlier; Interactive BBS 1.57 and earlier). Public sources describe an ability for remote attackers to inject arbitrary script/HTML in...

JVN#18616622 Multiple Tor World CGI scripts vulnerable to arbitrary script execution

Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a vulnerability which may allow an attacker to inject an arbitrary script into the web page which is generated by the affected product. This vulnerability is...

AWStats Totals 1.14 - 'AWStatstotals.php' Remote Code Execution

m...

awstats-exec2.txt

\nEx: awtotalh...

AWStats Totals 1.14 - AWStatstotals.php Remote Code Execution

AWStats Totals 1.14 - AWStatstotals.php Remote Code Execution ?php / Remote Execution Exploit for AWStats Totals vulnerability Interactive Shell Version 2 Updated 05/09/08: The exploit now works with magic quotes on or off Author: Ricardo Almeida email: ricardojbaataeiouDoTpt Greetz The hacker...

awstats-exec.txt

\n"; arrayshift$argv; $host = $argv0; Start the interactive shell while1 fwriteSTDOUT, "shell: "...

Sun Solaris 'namefs' Kernel Local Privilege Escalation Vulnerability

Sun Solaris也容易给当地的特权升级的漏洞。 本地攻击者可以利用这个问题上执行任意代码与内核级的特权。成功利用这个问题将导致被完全控制。 Sun Solaris 9x86 Sun Solaris 9 Sun Solaris 8x86 Sun Solaris 8 Sun Solaris 10.0x86 Sun Solaris 10.0 Avaya Interactive Response 3.0 Avaya Interactive Response 2.0 Avaya CMS Server 13.0 Avaya CMS Server 14.1 Avaya CMS Server 14...

Sun Solaris 'snoop(1M)' Utility Multiple Remote Vulnerabilities

The Solaris 'snoop1M' network utility is prone to multiple remote vulnerabilities, including: - Multiple stack-based buffer-overflow vulnerabilities - Multiple format-string vulnerabilities Exploiting these issues will allow attackers to execute arbitrary code with the privileges of the 'nobody'...

Sun Solaris 'sendfilev()' Local Denial of Service Vulnerability

Solaris 'sendfilev' 系统调用造成了本地拒绝服务漏洞。 攻击者可以利用这个问题引发系统挂起，导致在一个拒绝服务。 这个问题影响的Solaris 10和OpenSolaris之前的版本 Sun Solaris 10x86 Sun Solaris 10 Sun OpenSolaris build snv95 Sun OpenSolaris build snv92 Sun OpenSolaris build snv91 Sun OpenSolaris build snv90 Sun OpenSolaris build snv89 Sun OpenSolaris build...

Sun Solaris Platform Information and Control Library picld(1M) Local Denial of S

The Sun Solaris Platform Information and Control Library daemon 'picld1M' is prone to a local denial-of-service vulnerability. A local unprivileged attacker can exploit this issue to disable system monitoring and prevent proper operations of certain system utilities, resulting in a...

CVE-2003-1562

MODE C CVE-2003-1562 refers to a race condition in sshd/OpenSSH 3.6.1p2 and earlier, where with PermitRootLogin disabled and using PAM keyboard-interactive authentication, sshd does not insert a delay after a root password attempt. This timing discrepancy could enable remote attackers to infer wh...

Orca 2.0 (params.php) Remote File Inclusion Vulnerability

No description provided by source. Orca - Interactive Forum Script Remote File Inclusion Vulnerability Discovered by : Ciph3r MAIL : [email protected] SP tanx4: Iranian hacker & Kurdish security TEAM sp TANX2: milw0rm.com & google.com & sourceforge.net CMS download :...

orca-rfi.txt

Orca - Interactive Forum Script Remote File Inclusion Vulnerability Discovered by : Ciph3r MAIL : [email protected] SP tanx4: Iranian hacker & Kurdish security TEAM sp TANX2: milw0rm.com & google.com & sourceforge.net CMS download :...

Orca 2.0/2.0.2 (params.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications =============================================================== Orca 2.0/2.0.2 params.php Remote File Inclusion Vulnerability =============================================================== Orca - Interactive Forum Script Remote File...

Orca 2.0/2.0.2 - 'params.php?gConf[dir][layouts]' Remote File Inclusion

Orca - Interactive Forum Script Remote File Inclusion Vulnerability Discovered by : Ciph3r MAIL : [email protected] SP tanx4: Iranian hacker & Kurdish security TEAM sp TANX2: milw0rm.com & google.com & sourceforge.net CMS download :...

Orca 2.02.0.2 - params.php?gConf[dir][layouts] Remote File Inclusion

Orca 2.02.0.2 - params.php?gConfdirlayouts Remote File Inclusion Orca - Interactive Forum Script Remote File Inclusion Vulnerability Discovered by : Ciph3r MAIL : [email protected] SP tanx4: Iranian hacker & Kurdish security TEAM sp TANX2: milw0rm.com & google.com & sourceforge.net CMS...

WordPress wpSS插件ss_id参数SQL注入漏洞

BUGTRAQ ID: 28894 wpSS是WordPress中所使用的电子表格插件，允许在WordPress博客中嵌入交互式的电子表格。 wpSS插件的wpSS/ssload.php文件中没有正确地过滤对ssid参数的数便用在了SQL查询中： ssload.php $id = $GET'ssid'; .... ssfunctions.php: function ssload $id, $plain=FALSE .... if $wpdb-query"SELECT FROM $tablename WHERE id='$id'" == 0...