12 matches found
Progress Sitefinity Security Vulnerability
Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress, Inc. in the United States. A security vulnerability exists in Progress Sitefinity, which stems from an error message vulnerability that could lead to information disclosure...
Progress Sitefinity Security Vulnerability
Progress Sitefinity is an open source platform for building corporate websites and intranets from Progress, Inc. in the United States. A security vulnerability exists in Progress Sitefinity that stems from the presence of a session expiration vulnerability that allows session repair...
Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection
Product Description: Plone is a free and open source content management system built on top of the Zope application server. Plone is positioned as an "Enterprise CMS" and is most commonly used for intranets and as part of the web presence of large organizations. Systems Affected: Product: Plone...
Debian Security Advisory DSA 2772-1 (typo3-src - cross-site scripting)
Markus Pieton and Vytautas Paulikas discovered that the embedded video and audio player in the TYPO3 web content management system is susceptible to cross-site scripting. OpenVAS Vulnerability Test $Id: deb2772.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2772-1 usin...
[Zarp v0.1.3] Local Network Attack Tool
Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...
Nginx 1.3.9/1.4.0 (x86) - Brute Force
nginx 1.3.9/1.4.0 x86 brute force remote exploit copyright c 2013 kingcope ---------------------------- fix for internet exploitation, set MTU: ifconfig mtu 60000 up !!! WARNING !!! this exploit is unlikely to succeed when used against remote internet hosts. the reason is that nginx uses a...
Baby Gekko CMS 1.1.5c Cross Site Scripting
Baby Gekko CMS v1.1.5c Multiple Stored Cross-Site Scripting Vulnerabilities Vendor: Baby Gekko, Inc. Product web page: http://www.babygekko.com Affected version: 1.1.5c Summary: BabyGekko strives to deliver high quality websites and other web content fast and easy for all end users. It is a...
Apple Supplier Foxconn's Servers Hacked, Exposing Vendor Usernames and Passwords
Apple supplier Foxconn has reportedly been hacked, exposing the usernames and passwords of the company's clients and employees. Hacker group SwaggSec just released a dump of Foxconn internal information, including a...
jspwiki-xss.txt
Application: JSPWiki Multiple Vulnerabilities Version: 2.4.103 and 2.5.139 Credit: Jason Kratzer Date: 9/24/2007 Background ------------------------------------------------------------ JSPWiki is wiki software built around the standard J2EE components of Java, servlets and JSP. It was written by...
JSPWiki Multiple Vulnerabilities
Application: JSPWiki Multiple Vulnerabilities Version: 2.4.103 and 2.5.139 Credit: Jason Kratzer Date: 9/24/2007 Background ------------------------------------------------------------ JSPWiki is wiki software built around the standard J2EE components of Java, servlets and JSP. It was written by...
PHPNuke78.txt
NewAngels Advisory 7 PHP Nuke sqlquery"SELECT active, view FROM ".$prefix."modules WHERE title='$name'"; The $name variable is not checked so you could inject malicious SQL code. In a file which is included we have the following code: $queryString = strtolower($_SERVER['QUERY_STRING']); if...
PHP Nuke <= 7.8 Multiple SQL Injections
NewAngels Advisory 7 PHP Nuke <= 7.8 Multiple SQL Injections ============================================================================= Software: PHP Nuke 7.8 Type: SQL Injections Risk: High Date: Sep. 10 2005 Vendor: PHP-Nuke phpnuke.org Credit: ======= Robin 'onkelfisch' Verton from...