Microsoft Visual Studio MaskedEdit ActiveX buffer overflow

Added: 09/03/2008 CVE: CVE-2008-3704 BID: 30674 OSVDB: 47475 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow in the MaskedEdit ActiveX control allows command execution when a user loads a web page which...

Docebo GLOBALS Variable Overwrite Vulnerability (Aug 2008)

Docebo is prone to vulnerable remote and local file inclusion vulnerabilities. SPDX-FileCopyrightText: 2008 Ferdy Riphagen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only Original...

Enumerates List of Windows Hotfixes

This script will enumerates the list of all installed hotfixes on the remote host and sets Knowledge Base. OpenVAS Vulnerability Test $Id: secpodregenum.nasl 5336 2017-02-18 15:08:15Z cfi $ Description: Enumerates List of Windows Hotfixes Authors: Chandan S Updated By: Antu Sanadi on 2010-08-18 -...

CVE-2008-3555

This CVE (CVE-2008-3555) is a directory traversal/local-file-inclusion flaw in index.php across multiple WSN products (WSN Forum 4.1.43 and earlier; Gallery 4.1.30 and earlier; WSNKB 4.1.36 and earlier; Links 4.1.44 and earlier; possibly Classifieds before 4.1.30). The underlying issue is a vulne...

WebmasterSite (Multiple Products) - Remote Command Execution

WebmasterSite Multiple Products - Remote Command Execution source: https://www.securityfocus.com/bid/30572/info Multiple WebmasterSite products are prone to a remote shell command-execution vulnerability because the applications fail to sufficiently sanitize user-supplied data. Successfully...

Wsn (Multiple Products) - Local File Inclusion / Code Execution

Author: otmorozok428, http://forum.antichat.ru Products: Wsn Forum Enter to upload: http://www.site.com/forum/profile.php?action=editprofile&id=Your User ID See the avatar name at your profile. Upload evil avatar and go to: index.php?custom=yes&TID=../../attachments/avatars/Avatar...

wsnprod-lfiexec.txt

Author: otmorozok428, http://forum.antichat.ru Products: Wsn Forum Enter to upload: http://www.site.com/forum/profile.php?action=editprofile&id=Your User ID See the avatar name at your profile. Upload evil avatar and go to: index.php?custom=yes&TID=../../attachments/avatars/Avatar...

WebmasterSite (Multiple Products) - Remote Command Execution

source: https://www.securityfocus.com/bid/30572/info Multiple WebmasterSite products are prone to a remote shell command-execution vulnerability because the applications fail to sufficiently sanitize user-supplied data. Successfully exploiting this issue will allow an attacker to execute arbitrar...

4 kinds of the most popular Trojans bundled Controller skills-vulnerability warning-the black bar safety net

A traditional bundle This principle is very simple, is currently the most used one. Is the B. exe attached to A. exe at the end. So when A. exe to be executed when the B. exe also follow the implementation. This bundle of code over the network. My earliest is from jingtao's an article about the...

Microsoft Security Bulletin MS08-039 – Important Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)

Microsoft Security Bulletin MS08-039 – Important Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege 953747 Published: July 8, 2008 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in...

phpknowledgebase-sql.txt

PROUD TO BE MUSLIM Remote SQL Injection Vulnerability Knowledge Base Software Overview index.php catid AuTh0r : S.L TEAM FA6@L 3RROR --- H3B@R13H H0ME : WwW.MALAKSOFT.CoM Script : Knowledge Base Software Overview site : www.kblance.com -:: SQL ::- www.site.com/...

PHP KnowledgeBase Script 2.4 - 'cat_id' SQL Injection

PROUD TO BE MUSLIM Remote SQL Injection Vulnerability Knowledge Base Software Overview index.php catid AuTh0r : S.L TEAM FA6@L 3RROR --- H3B@R13H H0ME : WwW.MALAKSOFT.CoM Script : Knowledge Base Software Overview site : www.kblance.com -:: SQL ::- www.site.com/...

tornado-xss.txt

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =========:: Tornado Knowledge Retrieval...

Tornado Knowledge Retrieval System 4.2 - p Cross-Site Scripting

Tornado Knowledge Retrieval System 4.2 - p Cross-Site Scripting source: https://www.securityfocus.com/bid/29626/info Tornado Knowledge Retrieval System is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue t...

[web-app] Tornado Knowledge Retrieval System <= 4.2 Remote XSS Vulnerability

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =========:: Tornado Knowledge Retrieval Syste...

Tornado Knowledge Retrieval System 4.2 - 'p' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29626/info Tornado Knowledge Retrieval System is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...

jiro-sql.txt

Script Name : JiRo´s FAQ Manager eXperience + Version : v 1.0 + Price : Single Website License 34.95 $ 2 Websites License 62.95 $ 5 Websites License 139.95 $ + Author : Underz0ne Crew + Home : http://www.underz0ne.net + Script In short : 'JiRos FAQ Management System is an essential element for...

JiRo?s FAQ Manager (read.asp fID) SQL Injection Vulnerability

No description provided by source. + Script Name : JiRo´s FAQ Manager eXperience + Version : v 1.0 + Price : Single Website License 34.95 $ 2 Websites License 62.95 $ 5 Websites License 139.95 $ + Author : Underz0ne Crew + Home : http://www.underz0ne.net + Script In short : 'JiRos FAQ Management...

JiRo's FAQ Manager eXperience 1.0 - 'fID' SQL Injection

Script Name : JiRo´s FAQ Manager eXperience + Version : v 1.0 + Price : Single Website License 34.95 $ 2 Websites License 62.95 $ 5 Websites License 139.95 $ + Author : Underz0ne Crew + Home : http://www.underz0ne.net + Script In short : 'JiRos FAQ Management System is an essential element for...

PHPKB 1.5 Knowledge Base (ID) SQL Injection Vulnerability

No description provided by source. PHPKB Knowledge Base Software comment.php Sql Injection Vulnerability ------------------------------------------------------------------------------------------------- Author : parad0x Home : www.inso.host.sk Script : PHPKB Knowledge Base Software Script Homepag...