Design/Logic Flaw

stap-server in SystemTap 1.1 does not properly restrict the value of the -B aka BUILD option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273...

CVE-2010-0412

SystemTap 1.1 and earlier contain two CVEs tracked with this entry: CVE-2009-4273 and CVE-2010-0411. CVE-2009-4273 allows remote code execution via stap-server by unsafely handling shell metacharacters in stap command-line arguments; stap-server may run with root privileges, and remote exploitati...

CVE-2010-0412

stap-server in SystemTap 1.1 does not properly restrict the value of the -B aka BUILD option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273...

Abee Chm Maker 1.9.5 - '.CMP' Local Stack Overflow

exploit.py Abee Chm Maker 1.9.5 Stack overflow Exploit By:Encrypt3d.M!nd After importing "Devilinside.cmp" file into the program go to FileMake CHM.. Then...watch : . i've used SEH overwrite method to make it more stable. btw:it's universal so don't bother your self with finding addresses ; ns =...

Abee Chm Maker 1.9.5 - .CMP Local Stack Overflow

Abee Chm Maker 1.9.5 - .CMP Local Stack Overflow exploit.py Abee Chm Maker 1.9.5 Stack overflow Exploit By:Encrypt3d.M!nd After importing "Devilinside.cmp" file into the program go to FileMake CHM.. Then...watch : . i've used SEH overwrite method to make it more stable. btw:it's universal so don'...

Fedora Update for kdevelop FEDORA-2007-2985

Check for the Version of kdevelop OpenVAS Vulnerability Test Fedora Update for kdevelop FEDORA-2007-2985 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities

No description provided by source. Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl:...

PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== PHP Weather 2.2.2 LFI/XSS Multiple Remote Vulnerabilities =========================================================== Lfi/xss script: phpweather-2.2.2 download...

CMME 1.12 (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities

No description provided by source. + CMME 1.12 LFI/XSS/CSRF/Download Backup/MkDir Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz + Local File Inclusion Note : magicquotesgpc must be off. Exampl...

cmme-lfixsscsrf.txt

CMME 1.12 LFI/XSS/CSRF/Download Backup/MkDir Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz + Local File Inclusion Note : magicquotesgpc must be off. Example :...

CMME 1.12 (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities

No description provided by source. + CMME 1.12 LFI/XSS/CSRF/Download Backup/MkDir Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz + Local File Inclusion Note : magicquotesgpc must be off. Exampl...

CMME 1.12 - Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup/Make Directory

CMME 1.12 LFI/XSS/CSRF/Download Backup/MkDir Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz + Local File Inclusion Note : magicquotesgpc must be off. Example :...

CMME 1.12 - Local File Inclusion Cross-Site Scripting Cross-Site Request ForgeryDownload BackupMake Directory

CMME 1.12 - Local File Inclusion Cross-Site Scripting Cross-Site Request ForgeryDownload BackupMake Directory + CMME 1.12 LFI/XSS/CSRF/Download Backup/MkDir Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz :...

CMME 1.12 (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== CMME 1.12 LFI/XSS/CSRF/Backup/MkDir Multiple Vulnerabilities ============================================================== + Local File Inclusion Note : magicquotesgpc must be...

GNU make /tmp 漏洞

GNU make处理通过标准输入提供的makefile内容时存在一个漏洞。GNU make没有检查这些文件是否存在或是这些文件是否是符号连接，就在/tmp目录下创建文件，攻击者可以简单的创建一个指向系统其他文件的符号连接。攻击者可以以运行make用户的身份创建文件，如果这个用户是root，将会获得root权限。 GNU make 3.77-44 S.u.S.E. Linux 6.3 S.u.S.E. Linux 6.1 SuSE已经发布补丁程序： ftp://ftp.suse.com/pub/suse/i386/update for Intel processors...

Directory traversal

Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy Mole 2.1.0 allow remote attackers to read arbitrary files via directory traversal sequences in the 1 dirn and 2 fname parameters...

CVE-2008-1857

CVE-2008-1857 affects Make our Life Easy (Mole) 2.1.0, specifically the web component viewsource.php. The vulnerability arises in the dirn and fname parameters, enabling remote attackers to perform directory traversal and read arbitrary files. Connections from the documents indicate the issue is ...

rpc.ypupdated command injection vulnerability

Added: 03/28/2008 CVE: CVE-1999-0208 BID: 1749 OSVDB: 11517 Background Network Information Service NIS is a distributed database that allows you to maintain consistent configuration files throughout your network. rpc.ypupdated is an NIS service which is responsible for duplicating information fro...

Debian: Security Advisory (DSA-944-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2007-6344

Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the template parameter...