513 matches found
Mihalism Multi Host Download (Username) Blind SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== Mihalism Multi Host Download Username Blind SQL Injection Exploit =================================================================== ?php / Mihalism Multi Host Download -...
CVE-2007-6517
SQL injection vulnerability in the forget password section LostPwd.asp in Eagle Software Aeries Browser Interface ABI 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information...
SuSE 10 Security Update : cron (ZYPP Patch Number 3831)
By setting hard links to /etc/crontab users were able to prevent cron from running scheduled jobs. CVE-2007-1856 A re-emerged symlink bug allowed users to edit the crontab of other users. CVE-2005-1038 This is a reissue of the SLES10 update after Service Pack 1, since Service Pack 1 merge lost so...
Multiple vulnerabilities in rFactor 1.250
Luigi Auriemma Application: rFactor http://www.rfactor.net Versions: = 1.250 Platforms: Windows Bugs: A buffer-overflow B "Connection lost" crash C crash/possible code execution D port 34397 blocked Exploitation: remote, versus server Date: 18 Aug 2007 Author: Luigi Auriemma e-mail:...
Easily crack open the Lost Password laptop-vulnerability warning-the black bar safety net
For laptops, it is best not easily set a password, because the laptop's boot password is not like a PC that stored in CMOS circuit can through the discharge clear, at the moment a new laptop is the password stored on the motherboard of a few blocks of the logic circuit, our personal is not...
Easily crack open the Lost Password laptop-vulnerability warning-the black bar safety net
For laptops, it is best not easily set a password, because the laptop's boot password is not like a PC that stored in CMOS circuit can through the discharge clear, at the moment a new laptop is the password stored on the motherboard of the few pieces of logic circuits, we personally are unable to...
With Phoenix universal boot disk to resolve local/domain administrator password lost-vulnerability warning-the black bar safety net
The local administrator password is lost, by deleting the SAM file, or by NTPASSWORD software solution. But to solve the domain administrator password is lost, they can not do anything. Then you need to use“Phoenix universal boot disk”, this article will discuss in detail the use of this disk to...
CVE-2006-5530
Multiple cross-site scripting XSS vulnerabilities in Boesch SimpNews before 2.34.01 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 admin/index.php, 2 admin/pwlost.php, and unspecified other files. NOTE: the provenance of this information is unknown;...
CVE-2006-0633
The makepassword function in ipsclass.php in Invision Power Board IPB 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to a user with a lost password, which might make it easier for remote attackers to guess the code and...
Easily exploitable Pseudo Random Number generator in phpbb version 2.0.19 and under.
I. DESCRIPTION Easily exploitable Pseudo Random Number generator in phpbb version 2.0.19 and under. II. DETAILS Due to poor design the genrandstring can only generate upto 1 million hashes or random strings. This allow an attacker to reset any account through the lost password request form by...
fr-dyn0.txt
FriendsReunited.co.uk - XSS hole -------------------------------- Desc: Theres' a XSS hole in FriendsReunited Risk: Medium to High can be used to include malicious code Discovered by : dyn0 codeslaghatgmail.com http://0xdeadface.co.uk Site blurb : So FriendsReunited is one of those places where...
CVE-2005-2431
The 1 lost password and 2 account pending features in GForge 4.5 do not properly set a limit on the number of e-mails sent to an e-mail address, which allows remote attackers to send a large number of messages to arbitrary e-mail addresses aka mail bomb...
CSS in PHP WEB CHAT
Product: PHP WEB CHAT Version: 2.0 OffSite: http://www.webscriptworld.com Problem: Cross Site Scripting -------------------------------------------- Actions: 1Register http://victim/chatdir/register.php?register=yes&username=OverG&email=scrptalert20"Test!"/scrpt&email1=scrptalert20"Test!"/scrpt 2...