Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions

Unspecified vulnerability in the Java Runtime Environment JRE Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.214 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to...

Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions

Unspecified vulnerability in the Java Runtime Environment JRE Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.214 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to...

Festival: Privilege elevation

Background Festival is a text-to-speech accessibility program. Description Konstantine Shirow reported a vulnerability in default Gentoo configurations of Festival. The daemon is configured to run with root privileges and to listen on localhost, without requiring a password. Impact A local attack...

CVE-2007-3922

Unspecified vulnerability in the Java Runtime Environment JRE Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.214 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to...

Potential SPAM Server Detection (localhost)

Binary data 4125.prm...

RevokeBB 1.0 RC4 - Blind SQL Injection Hash Retrieve

RevokeBB 1.0 RC4 - Blind SQL Injection Hash Retrieve !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love ------------------------------------------------------------- "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2...

OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ================================================================= OpenBASE 0.6a rootprefix Remote File Inclusion Vulnerabilities ================================================================= DeltaSecurityTEAM Portal Name = OpenBASE Alp...

rdiffweb 0.3.5 - Directory Traversal

source: https://www.securityfocus.com/bid/24092/info rdiffWeb is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserve...

sendmail allows external mail with from address [email protected]

The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages...

GPB Bulletin Board Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ================================================================= GPB Bulletin Board Multiple Remote File Inclusion Vulnerabilities ================================================================= GPB bulletin board Remote file include...

rps62-sql.txt

? //RPS 6.2 SQL Injection Exploit //http://www.rps-project.com/ //Need magicquotesgpc = Off; //by s0cratex //Contact: s0cratexathotmaildotcom //Salu2: rgod, 0pt1x 'n mechas. errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; $host = "localhost"; $path="/rps"; $id=1; echo...

Rigter Portal System (RPS) 6.2 Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================= Rigter Portal System RPS 6.2 Remote Blind SQL Injection Exploit ================================================================= ? //RPS 6.2 SQL Injection Exploit //Need...

nabopoll 1.2 Remote Unprotected Admin Section Vulnerability

By Cr@zyKing [email protected] Thakns : ApAci & Erne & Uyussman & Eno7 & Thehacker & CrackersChild Script : nabopoll 1.1.2 Risk : Remote Add Admin Exploit |High Site : http://nabocorp.com/ Google Dork : inurl:"nabopoll/" Exploit : http://target.com/nabopoll/admin/configedit.php Mysql Config For...

MyServer 0.9.8 - Post.MSCGI Cross-Site Scripting

MyServer 0.9.8 - Post.MSCGI Cross-Site Scripting source: https://www.securityfocus.com/bid/24583/info MyServer is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities

No description provided by source. bugs for Endonesia8.4 FInd:z1ckXru mail:[email protected] 1 http://localhost/en/mod.php?mod=XSS&op=viewlink&cid=5 2 http://localhost/en/friend.php your Friend:XSS 3 http://localhost/en/admin.php Main Text: XSS 4...

PHP-Nuke News Module Index.PHP SQL注入漏洞

PHP-Nuke News是一款基于PHP-Nuke的一个新闻模块。 PHP-Nuke News不充分过滤用户提交的URI输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。 问题是'Index.PHP'脚本对用户提交的'sid'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息。 PHP-Nuke PHP-Nuke 7.9 PHP-Nuke PHP-Nuke 7.8 PHP-Nuke PHP-Nuke 7.7 PHP-Nuke PHP-Nuke 7.6 PHP-Nuke PHP-Nuke 7.5 PHP-Nuke PHP-Nuke 7.4...

spg-xss.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ..,,:: ;;ii,,:: + + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;::...

Cross site scripting & fullpath disclosure

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + :::: :: ;;tt;;:: + ;;:: ..,,:: ;;ii,,:: + ,,,, ii;;,, ii;;:: ;;ii,,:: + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: +...

Cahier de texte 2.0 (Database Backup/Source Disclosure) Remote Exploit

Exploit for unknown platform in category web applications ====================================================================== Cahier de texte 2.0 Database Backup/Source Disclosure Remote Exploit ====================================================================== !/usr/bin/perl INFORMATIONS...

ae2 (standart.inc.php) Remote File Include Vulnerability

No description provided by source. ae2 standart.inc.php Remote File Inclusion Download Source : http://ae.utbm.fr/equipeinfo/siteae-utbm-latest.tar.gz Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; standart.inc.php bugs ; requireonce$topdir...