62 matches found
PHP <= 5.2.0 (php_iisfunc.dll) Local Buffer Overflow PoC (win32)
Exploit for unknown platform in category dos / poc ================================================================ PHP // Risk: Local Buffer Overflow Medium - High Risk // Notes: Various other functions are exploitable, all of which convert the // string arguments to unicode. // // extern "C"...
Webspell 4.x Local File Inclusion
muH - $Title: Webspell 4.x Local File Inclusion Win $Damage Factor: Medium - High $Requires: Win Box & Php Supporting 00 $Discovered by muH $Usage: http://server.com/index.php?site=c:windowsrepairsam00...
hotmailmsnxss.txt
Hotmail/MSN Cross Site Scripting Exploit Author: Simo64 Contact: simo64atmorxdotorg Discovered: 07/25/2006 Published: 08/10/2006 Vendor: MSN.com Service: Hotmail.com Webmail Service Vulnerability: Cross Site Scripting Cookie-Theft Severity: Medium/High Tested on: IE 6.0 designed for firefox 1.5 a...
ActualAnalyzer688.txt
======================================================================================= XOR Crew :: Security Advisory 4/10/2006 ======================================================================================= ActualAnalyzer Pro v6.88 - Remote Command Execution Vulnerability...
[Full-disclosure] [XPA] ActualAnalyzer Pro v6.88 - Remote Command Execution Vulnerability
======================================================================================= XOR Crew :: Security Advisory 4/10/2006 ======================================================================================= ActualAnalyzer Pro v6.88 - Remote Command Execution Vulnerability...
[Full-disclosure] [XPA] - ISPConfig <= 2.2.2 - Remote Command Execution Vulnerability
======================================================================================= XOR Crew :: Security Advisory 5/6/2006 ======================================================================================= ISPConfig = 2.2.2 - Remote Command Execution Vulnerability...
[Full-disclosure] HostAdmin - Remote Command Execution Vulnerability
======================================================================================= XOR Crew :: Security Advisory 2/11/2006 ======================================================================================= HostAdmin - Remote Command Execution Vulnerability...
7a69Adv#19 - ZipGenius unpack path disclosure
------------------------------------------------------------------ 7a69ezine Advisories 7a69Adv19 - ------------------------------------------------------------------ http://www.7a69ezine.org 02/02/2005 - ------------------------------------------------------------------ Title: ZipGenius unpack...
[Powie's PSCRIPT Forum] Multiple SQL-Injection Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple SQL-Injection Vulnerabilities in Powie's PSCRIPT Forum Summary Product Powie's PSCRIPT Forum Version = 1.26 OS affected All with PHP and mySQL Remote Exploit Yes Risk Lvl Medium High Vendor Thomas 'Powie' Erhardt http://www.pscript.de/ Inform...
SCSA028.txt
================================================= Security Corporation Security Advisory SCSA-028 Nuked-Klan Multiple Vulnerabilities ================================================= PROGRAM: Nuked-KlaN HOMEPAGE: http://www.nuked-klan.org VULNERABLE VERSIONS: b1.4, b1.5, SP2 RISK: MEDIUM/HIGH...
Network Intelligence Advisory - Denial of Service Vulnerability in ColdFusion MX
Name: Denial of Service Vulnerability in ColdFusion MX Systems Affected: Version 6.0 and earlier Severity: Medium-High Category: Denial of Service Vendor URL: Macromedia ColdFusion MX Discovered by: Network Intelligence I Pvt. Ltd. www.nii.co.in Online location: http://www.nii.co.in/vuln/cfdos.ht...
cdp buffer overflow vulnerability
Product: cdp - console cd player Versions: All Bug: Buffer overflow Impact: Attackers can execute arbitrary code Risk: Medium/High Date: March 31, 2004 Author: Shaun Colley Email: shaunige yahoo co uk WWW: http://www.nettwerked.co.uk Introduction cdp is... "cdp is a program that plays CDs at the...
hpjadmadv.txt
Product: HP Web JetAdmin Version 7.5.2546 Others that use this codebase assumed vulnerable Note: Only tested on the Windows Platform. Vulnerability: Denial of Service, Upload Any file to the filesystem to a known location, Write to any file on the file system, Read any file from the filesystem...
SCSA026.txt
====================================================================== Security Corporation Security Advisory SCSA-026 DUWARE Products Admin Access and Arbitrary File Upload Vulnerability ====================================================================== PROGRAM: DUWARE Products HOMEPAGE:...
goahead.txt
Luigi Auriemma Application: Goahead webserver http://www.goahead.com/webserver/webserver.htm Versions: = 2.1.8 Platforms: multiplatform Bug: resources consumption Risk: medium/high Exploitation: remote Date: 19 Jan 2004 Author: Luigi Auriemma e-mail: [email protected] web:...
Resources consumption in Goahead webserver <= 2.1.8
Luigi Auriemma Application: Goahead webserver http://www.goahead.com/webserver/webserver.htm Versions: = 2.1.8 Platforms: multiplatform Bug: resources consumption Risk: medium/high Exploitation: remote Date: 19 Jan 2004 Author: Luigi Auriemma e-mail: [email protected] web:...
XMB 1.8 Partagium SQL Injection Bug
Binary Bugs Advisory BB-2003-1 XMB SQL injection - Product: XMB 1.8 Partagium Final Vendor: http://www.xmbforum.com Versions affected: 1.8, possibly others Impact: SQL injection vulnerability Risk: Medium/High Vendor status: Notified/New version available Release date: April 22, 2003 I. Overview...
Buffer Overflow in iSMTP Gateway
================================================= Advisory: Buffer Overflow in iSMTP Gateway Software: iSMTP Gateway Severity: Medium-High Vendor: Incognito Systems http://www.incognito.com Systems Affected: Banyan VINES Version: 5.0.1, ? Type of Vulnerability: Buffer Overflow Discovered by: K. K...
Back Office Web Administrator Authentication Bypass (#NISR17042002A)
NGSSoftware Insight Security Research Advisory Name: Back Office Web Administration Authentication Bypass Systems Affected: Microsoft's Back Office Web Administrator 4.0, 4.5 Severity: Medium/High Vendor URL: http://www.microsoft.com Author: David Litchfield [email protected] Date: 17th April...
pforum: mysql-injection-bug
ppp-design has found a mysql-injection-bug in pforum: Details ------- Product: pforum Version: 1.14 and maybe all versions before OS affected: all OS with php and mysql Vendor-URL: www.powie.de Vendor-Status: informed, workaround available Security-Risk: Medium-High Remote-Exploit: Yes Introducti...