Microsoft DirectSpeechSynthesis Module Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ===================================================================== Microsoft DirectSpeechSynthesis Module Remote Buffer Overflow Exploit ===================================================================== ///add su one, user: sun pass:...

Microsoft DirectSpeechSynthesis Module - Remote Buffer Overflow

///add su one, user: sun pass: tzu shellcode = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" + "%u5058%u4230%u4231%u6b41%u4141%u3255%u4241%u3241" + "%u4142%u4230%u5841%u3850%u4241%u6d75%u6b39%u494c" +...

Mambo Module MOStlyCE 2.4 - connector.php Cross-Site Scripting

Mambo Module MOStlyCE 2.4 - connector.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27470/info The MOStlyCE module for Mambo is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this...

CVE-2007-6685

Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors...

CVE-2008-0261

Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote attackers to cause a denial of service query flood via unspecified vectors...

Application Inspection Vulnerability in Cisco Firewall Services Module

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cross site request forgery (csrf)

Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery CSRF attacks...

CVE-2007-6320

Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery CSRF attacks...

CVE-2007-6320

The provided records identify CVE-2007-6320 as a vulnerability in a Drupal module (Feature 4.7.x-dev and 5.x-dev prior to 20071206). The root cause is that the module does not follow Drupal’s Forms API submission model, enabling remote attackers to perform cross-site request forgery (CSRF) attack...

xoops mylinks module - sql injection

I have found a mysql injection vulnerability in mylinks xoops module brokenlink.php page where $GET'lid' is not validated by intval or any other input validation. See: modules/mylinks/brokenlink.php?lid=120OR201=2 or get an error of fetch in the page title...

CVE-2007-4829

The CVE-2007-4829 entry concerns a directory-traversal flaw in the Archive::Tar Perl module (versions

KwsPHP 1.0 mg2 Module Remote SQL Injection Vulnerability

No description provided by source. -------------------- KwsPHP 1.0 mg2 Module Remote SQL Injection Exploit -------------------- Found : xoron -------------------- Exploit: Name: index.php?mod=mg2&album=-1//union//select//0,1,pseudo,3,4,5//from//users//where//id=1/ Pass:...

CVE-2007-4493

eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module...

Content Construction Kit - Cross site scripting

The Content Construction Kit CCK allows site admins to create and customize node fields. The Nodereference module included in the CCK bundle defines fields referencing other nodes. Two cross-site scripting XSS vulnerabilities were discovered : when a nodereference field is displayed using the...

Md-Pro 1.0.8x - Topics topicid SQL Injection

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Site: http://www.maxdev.com Download: http://www.maxdev.com/mod-Areafiles-display-lid-510-cid-1.phtml Dork: "Powered by Md-Pro" !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...

Directory traversal

Multiple directory traversal vulnerabilities in Module/Galerie.php in XCMS 1.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 Ent or 2 Lang parameter...

CVE-2007-3523

Multiple directory traversal vulnerabilities in Module/Galerie.php in XCMS 1.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 Ent or 2 Lang parameter...

XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability

No description provided by source. / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion&n...

XOOPS Module XT-Conteudo - spaw_root Remote File Inclusion

XOOPS Module XT-Conteudo - spawroot Remote File Inclusion / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion Vulnerability Description Content module for...

XOOPS Module cjay content 3 - Remote File Inclusion

/ \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title Cjay Content 3 WYSIWYG IE 5.5+ Remote File Inclusion Vulnerability Description Editor module for XOOPS CMS Vuln Code In...