3758 matches found
PHP 4.x/5.0 - 'Strip_Tags()' Function Bypass
source: https://www.securityfocus.com/bid/10724/info It is reported that it is possible to bypass PHPs striptags function. It is reported that under certain circumstances, PHPs striptags function will improperly leave malformed tags in place. This vulnerability may mean that previously...
DCP Portal - 5.5 holes
Never use this product if you have turned off magicquotesgpc. And this product won't work anyway if you have turned off registerglobals. All the files in the product, dont check for integrity of variables. You can easily exploit this using some SQL Injection techniques. For example, if you want t...
Weaknesses in MIT magic cookie and XDM X Windows authorization
Overview MIT magic cookie and XDM authorization contain vulnerabilities that could allow remote attackers to connect to X displays. Description Two widely used X Window System authorization schemes have weaknesses in their sample implementations. MIT-MAGIC-COOKIE-1 On some systems built without t...
CVE-2003-0391
Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in the PASS command...
Winmail Mail Server 2.3 Build 0402 - Remote Format String
Winmail Mail Server 2.3 Build 0402 - Remote Format String / Magic Winmail Server 2.3Build 0402 Remote Format string exploit. Coded by ThreaT. This one take advantage of a format bug in the SMTP protocol smtp port + The command to execute cannot exceed 90 characters + compile : cl.exe mwmxploit.c ...
CVE-2003-0391
Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in the PASS command...
Magic Winmail Server 2.3 USER POP3 - Command Format String
Magic Winmail Server 2.3 USER POP3 - Command Format String // source: https://www.securityfocus.com/bid/7667/info A format string vulnerability has been reported for Magic Winmail Server when processing the USER POP3 command. An attacker may exploit this vulnerability by connecting to the...
Magic Winmail Server format string bug
Format string bug during POP3 logging...
Magic Winmail Server v.2.*: format string
-----BEGIN PGP SIGNED MESSAGE----- Damage Hacking Group security advisory www.dhgroup.org Product: Magic Winmail Server Auth: AMAX Information Technologies Inc. www.magicwinmail.net Vulnerable versions: v.2. founded in 2.3 Vulnerability: format string...
Magic Winmail Server 2.3 USER POP3 - Command Format String
// source: https://www.securityfocus.com/bid/7667/info A format string vulnerability has been reported for Magic Winmail Server when processing the USER POP3 command. An attacker may exploit this vulnerability by connecting to the vulnerable mail server and issuing the USER command with malicious...
CVE-2002-1482
SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magicquotesgpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry...
CVE-2002-0287
The vulnerability affects Powie PHP Forum versions prior to 1.15. The root cause is that PHP magic_quotes is not explicitly enabled by default, enabling an attacker to bypass authentication and gain administrator privileges via an SQL injection when the PHP server is not configured to use magic q...
phpnuke60.txt
Informations : °°°°°°°°°°°°°° Language : PHP Website : http://www.phpnuke.org Versions : 6.0 & 6.5? Modules : MembersList, YourAccount Problem : SQL Injection PHP Configuration : This will work if magicquotesgpc=OFF. PHP Code/Location : °°°°°°°°°°°°°°°°°°° /modules/MembersList/index.php :...
CVE-2002-1160
The default configuration of the pamxauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su...
CVE-2002-1969
Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service crash via an invalid username during login...
phpGB: mysql injection bug
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following mysql-injection-bug in phpGB: Details - ------- Product: phpGB Affected Version: 1.20 and maybe all versions before Immune Version: 1.40 OS affected: all OS with php Vendor-URL: http://www.walzl.net Vendor-Status:...
Magic Enterprise contains multiple shell scripts that allow arbitrary file overwriting via symlink redirection of temporary file
Overview Some versions of Magic eDeveloper Enterprise Edition contain a symbolic-link vulnerability that allows attackers to overwrite data or execute arbitrary commands. Description Magic eDeveloper is a development environment for large-scale and distributed applications.Magic eDeveloper...
Several problems in CARE 2002
Several problems in CARE 2002 ------------------------------------- What is CARE 2002? CARE 2002 is a free software package for hospitals. It's based on php + mysql. For further information visit http://www.care2x.com/. include + NULL problem Problem description There are several include statemen...
CVE-2002-0536
PHPGroupware 0.9.12 and earlier, when running with the magicquotesgpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack...
CVE-2002-0287
pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default...