6416 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in the creator in vBulletin Google Yahoo Site Map (vBGSiteMap) 2.41 for vBulletin allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) vbgsitemap/vbgsitemap-config.php or (2) vbgsitemap/vbgsitemap-vbseo.php...
CVE-2007-2941
Multiple PHP remote file inclusion vulnerabilities in the creator in vBulletin Google Yahoo Site Map (vBGSiteMap) 2.41 for vBulletin allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) vbgsitemap/vbgsitemap-config.php or (2) vbgsitemap/vbgsitemap-vbseo.php...
vbgsitemap-rfi.txt
============================================= vBulletin Google Site Map Creator base Remote File Include Vulnerability ============================================= Found by : Host4vb.com & Cold z3ro Contact : [email protected] , [email protected] Homepage : Host4vb.com , Hack-Teach.Org...
vBulletin vBGSiteMap 2.41 (root) Remote File Inclusion Vulnerabilities
No description provided by source. ============================================= vBulletin Google Site Map Creator base Remote File Include Vulnerability ============================================= Found by : Host4vb.com & Cold z3ro Contact : [email protected] , [email protected] Homepage :...
vBulletin vBGSiteMap 2.41 - root Remote File Inclusion
vBulletin vBGSiteMap 2.41 - root Remote File Inclusion ============================================= vBulletin Google Site Map Creator base Remote File Include Vulnerability ============================================= Found by : Host4vb.com & Cold z3ro Contact : [email protected] ,...
Code injection
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute...
DEBIAN-CVE-2007-2447
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute...
samba -- multiple vulnerabilities
The Samba Team reports: A bug in the local SID/Name translation routines may potentially result in a user being able to issue SMB/CIFS protocol operations as root. When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal...
Code injection
The LLTD Mapper in Microsoft Windows Vista allows remote attackers to spoof hosts, and nonexistent bridge relationships, into the network topology map by using a MAC address that differs from the MAC address provided in the Real Source field of the LLTD BASE header of a HELLO packet, aka the "Spo...
CVE-2007-0774
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a...
CVE-2007-0774
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a...
CVE-2007-0774
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a...
security flaw
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a...
CVE-2006-4543
Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 allows remote attackers to inject arbitrary web script or HTML via the (1) game parameter in players mode, the (2) weapon parameter in weaponinfo mode, the (3) st parameter in search mode, the (4) action parameter in actioninfo mode, and...
CVE-2006-4543
CVE-2006-4543 is an XSS vulnerability in HLStats 1.34 (index.php). The issue allows remote attackers to inject arbitrary script or HTML via specific parameters across multiple modes: (1) game in players mode, (2) weapon in weaponinfo mode, (3) st in search mode, (4) action in actioninfo mode, and...
CVE-2006-3783
Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors involving (1) the /net mount point and (2) the "-hosts" map in a mount point...
CVE-2006-3628
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors...
CVE-2006-3628
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors...
security flaw
fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state...
CVE-2006-3628
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors...