PPC Search Engine 1.61 - INC Multiple Remote File Inclusions
PPC Search Engine 1.61 - INC Multiple Remote File Inclusions. HItamputih Crew, hitamputih Advisory. Discovered By: IbnuSina. Script demo: http://www.hyper-scripts.com/demo/ppc/ Risk: very...
CVE-2006-4423
Multiple PHP remote file inclusion vulnerabilities in Bigace 1.8.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALSBIGACEDIRadmin parameter in (a) system/command/admin.cmd.php, (b) admin/include/uploadform.php, and (c) admin/include/itemmain.php; and the (2)...
Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
Cisco VPN Concentrator IKE resource exhaustion DoS Advisory 1. Overview NTA Monitor discovered a denial of service vulnerability in the Cisco VPN 3000 series concentrator products while performing a VPN security test for a customer in July 2005. The vulnerability affects Phase-1 of the IKE...
CVE-2006-2825
cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main serve...
Buffer overflow
Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact...
My Gaming Ladder Combo System <= 7.0 Remote Code Execution Exploit
Exploit for unknown platform in category web applications. My Gaming Ladder Combo System ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=28 Usage: ladder.pl Dork: "Ladder...
CilemNews System 1.1 - yazdir.asp haber_id SQL Injection
CilemNews System 1.1 - yazdir.asp haber_id SQL Injection #!/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: cilem.pl Original Advisory: http://www.nukedx.com/?viewdoc=10 googledork inurl:yazdir.asp?haberid= 2.140...
PHPGroupWare < 0.9.16.007 Main Screen Message Script Injection
Binary data 3202.prm...
CVE-2005-2761
Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message...
UBB Thread printthread.php SQL Injection
UBB Thread /ubbthreads/printthread.php SQL Injection YesNo vulnerability Full Disclosure Bug discovered By: Axl Exploit By: HLL hllhll at gmail.com 1. Introduction There is a flaw in printthread.php due to insufficient bound checking of the 'main' query parameter which allows a malicious SQL to be...
Seti@home information leakage and remote compromise
Information leakage and remotely exploitable buffer overflow in various SETI@home clients and the main server. January 15, 2002 by Berend-Jan Wever. The...