3370 matches found
PixelPost 1.7.1 SQL Injection / XSS
PixelPost. Exploit database separated by exploit type (local, remote, DoS, etc.). Discovered By: Inj3ct0r. Site: Inj3ct0r.com. Support e-mail: submitatinj3ct0r.com...
IBM WebSphere Application Server 7.0 < Fix Pack 5
IBM WebSphere Application Server 7.0 before Fix Pack 5 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Non-standard HTTP methods are allowed. PK73246 - If the admin console is directly accessed from HTTP, the console fails to redirect t...
Analysis of the methods hackers can use to invade the Vientiane server - vulnerability warning - the black bar safety net
Today, many Internet cafes have installed the Vientiane cafe management system, and the convenience it brings is obvious. However, the more convenient a system is, the greater its security risks; many hackers come up with ways to attack this management system, and some can even...
Three methods for hiding a Webshell - vulnerability warning - the black bar safety net
Author: Rist. First: in the ASP file being tampered with, the following content is added: %if request"action"="ok" then% the shell code is inserted here %end if% When visiting, ?action=ok is appended to the address of the tampered ASP file. The second: in the ASP file being tampered with, the following is added...
Insider secrets of getting “broilers” by exploiting system vulnerabilities - vulnerability warning - the black bar safety net
Botnets composed of large numbers of “broilers” have long been a constant threat to the safety of all web users. A “broiler” (“chicken”) is a networked computer that is under an attacker's full control; it is the main component of a botnet. Therefore, in order to eliminate t...
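iDefense COMRaider ActiveX Control Multiple Insecure Method Vulnerabilities
Bugtraq ID: 35725 CNCAN ID: CNCAN-2009071804 iDefense COMRaider is a program designed for fuzzing COM object interfaces. The iDefense COMRaider ActiveX control invokes methods improperly, and a remote attacker can exploit the vulnerability to create arbitrary directories and copy arbitrary local files. The problem lies in the handling of the CreateFolder and Copy methods: by building a malicious web page and luring a user into opening it, an attacker can create arbitrary directories and copy arbitrary local files, leading to denial of service and other attacks. iDefense COMraider: no detailed solution is currently available:...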
Campus Virtual-LMS XSRF / XSS / SQL Injection
LMS: Campus Virtual-LMS WEB: http://campusvirtualcomputrade.cae.net Author: Yasión Date: 12 Jun 2009...
IBM WebSphere Application Server < 6.0.2.35 Multiple Vulnerabilities
IBM WebSphere Application Server 6.0.2 before Fix Pack 35 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities: - Non-standard HTTP methods are allowed. PK73246 - A login using the LTPAToken cookie may result in extending LTPAToken expiration...
PT-2009-4156 · Sun · Sun Java Runtime Environment
Name of the Vulnerable Software and Affected Versions: Sun Java SE Runtime Environment JRE 6 Update 13 Description: The issue allows remote attackers to execute arbitrary code via a .jnlp URL in the argument to the launch method. Additionally, it might allow remote attackers to launch JRE...
Adobe Reader multiple security vulnerabilities
Vulnerabilities in different JavaScript methods...
Mandriva Update for perl-SOAP-Lite MDKA-2007:009 (perl-SOAP-Lite)
Check for the Version of perl-SOAP-Lite OpenVAS Vulnerability Test Mandriva Update for perl-SOAP-Lite MDKA-2007:009 perl-SOAP-Lite Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
CVE-2009-1212
Multiple insecure method vulnerabilities in PRECIS2.DLL in the PrecisionID Datamatrix ActiveX control DMATRIXLib.Datamatrix allow remote attackers to overwrite arbitrary files via the (1) SaveBarCode and (2) SaveEnhWMF methods...
PT-2009-2001 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: Atlassian JIRA versions prior to 3.13.2 Description: The issue allows remote attackers to invoke exposed public JIRA methods via a crafted URL. This is achieved through a dynamic transformation of the URL into method calls. Recommendations: F...
VulnCheck KEV: CVE-2007-5659
Adobe Acrobat and Reader contain a buffer overflow vulnerability that allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods...
SupportSoft DNA Editor ActiveX unauthorized access
Multiple unsafe methods...
SupportSoft DNA Editor Module (dnaedit.dll v6.9.2205) remote code execution exploit (IE6/7)
SupportSoft DNA Editor Module dnaedit.dll v6.9.2205 remote code execution exploit IE6/7 by Nine:Situations:Group::bruiser vendor url: http://www.supportsoft.com/ our site: http://retrogod.altervista.org/ details: CLSID: 01110800-3E00-11D2-8470-0060089874ED Progid: Tioga.Editor.1 Binary Path:...
A complete analysis of how “Web hang horse” works - vulnerability warning - the black bar safety net
Typically, the Microsoft Internet work process is described as follows: when a Trojan is spread by “Web hang horse”, the goal is to download the Trojan to the user's local machine and then execute it; once the Trojan is executed, more Trojans will be downloaded and executed in turn...
Mozilla Seamonkey Multiple Vulnerabilities Feb-09 (Windows)
The host has the Mozilla Seamonkey browser installed and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodseamonkeymultvulnfeb09win.nasl 5122 2017-01-27 12:16:00Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Feb-09 Windows Authors: Sharath S Copyright: Copyright ...
Mozilla Firefox Multiple Vulnerabilities Feb-09 (Linux)
The host has the Mozilla Firefox browser installed and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulnfeb09lin.nasl 5055 2017-01-20 14:08:39Z teissa $ Mozilla Firefox Multiple Vulnerabilities Feb-09 Linux Authors: Sharath S Copyright: Copyright (c) 2009...
SAP GUI 7.1 WebViewer2D ActiveX — Insecure Methods
Application: EAI WebViewer2D EnjoySAP, SAP GUI for Windows 6.4 and 7.1 Versions Affected: Tested on 7100.2.7.1038 PL 7 Vendor URL: Bugs: Insecure method, File overwriting Exploits: YES Reported: 02.07.2009 Vendor response: 02.07.2009 Date of Public Advisory: 28.09.2009 Author: Alexandr Polyakov...