CVE-2008-6139

Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1.1 allows remote attackers to read arbitrary files via a .. dot dot in the download parameter...

CVE-2008-6138

The CVE-2008-6138 entry concerns a PHP remote file inclusion in adminhead.php of WebBiscuits Modules Controller 1.1 and earlier. The vulnerability allows an attacker to execute arbitrary PHP code by supplying a crafted URL in the path[docroot] parameter, enabling remote code execution. Affected s...

CVE-2008-6139

CVE-2008-6139 describes a directory traversal vulnerability in WebBiscuits Modules Controller 1.1, where the download parameter in faqsupport/wce.download.php can be manipulated with .. to read arbitrary files. Supported by NVD/NIST records and multiple references; exploitation details are not de...

CVE-2008-6138

PHP remote file inclusion vulnerability in adminhead.php in WebBiscuits Modules Controller 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathdocroot parameter...

[SECURITY] Fedora 9 Update: dahdi-tools-2.0.0-1.fc9

DAHDI stands for Digium Asterisk Hardware Device Interface. This package contains the userspace tools to configure the DAHDI kernel modules. DAHDI is the replacement for Zaptel, which must be renamed due to trademark issues...

[SECURITY] Fedora 10 Update: python-fedora-0.3.9-1.fc10

Python modules that help with building Fedora Services. This includes a JS ON based auth provider for authenticating against FAS2 over the network and a client that handles communication with the servers. The client module can be used to build programs that communicate with Fedora Infrastructure'...

[SECURITY] Fedora 9 Update: python-fedora-0.3.9-1.fc9

Python modules that help with building Fedora Services. This includes a JS ON based auth provider for authenticating against FAS2 over the network and a client that handles communication with the servers. The client module can be used to build programs that communicate with Fedora Infrastructure'...

ProFTPd SQL injection

SQL injections in database modules...

Directory traversal

Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the synTarget parameter...

CVE-2009-0457

Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the 1 ContactPlus and 2 Reviews modules, and 3 the modulename parameter to...

CVE-2009-0448

CVE-2009-0448 concerns a directory traversal vulnerability in Syntax Desktop 2.7. The flaw resides in admin/modules/aa/preview.php, where a crafted synTarget parameter containing ".." allows remote attackers to include and execute arbitrary local files. The vulnerability enables partial impact to...

AJA Modules Rapidshare 1.0.0 Remote Shell Upload Vulnerability

No description provided by source. AJA Modules Rapidshare 1.0.0 Remote Shell Upload Vulnerability AUTHOR : Hussin X Home : WwW.IQ-TY.CoM & WwW.TrYaG.cc Mail : [email protected] script : http://www.magtrb.com/en/modules.php?name=Downloads&op=getit&lid=6 exploit : 1. Change Type Shell from...

4Site CMS <= 2.6 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. WSEC-09-002 4Site CMS = 2.6 Multiple Remote SQL Injections Developer site: http://www.4site.ru/ Discovered by D.Mortalov // wsec.ru 1. Auth Bypass Login: 1'or'1 Password: 1'or’1 2. Multiple Remote SQL Injections in 4site CMS modules "Pages" module:...

Syntax Desktop 2.7 Local File Inclusion

-----------------:local File Include:----------------- ------------------------------------------------------- script: syntax-desktop 2-7 ------------------------------------------------------------------ download...

AJA Modules Rapidshare 1.0.0 - Arbitrary File Upload

AJA Modules Rapidshare 1.0.0 Remote Shell Upload Vulnerability AUTHOR : Hussin X Home : WwW.IQ-TY.CoM & WwW.TrYaG.cc Mail : [email protected] script : http://www.magtrb.com/en/modules.php?name=Downloads&op=getit&lid=6 exploit : 1. Change Type Shell from c99.Php to c99.php.rar and go to...

4Site CMS 2.6 - Multiple SQL Injections

4Site CMS 2.6 - Multiple SQL Injections WSEC-09-002 4Site CMS = 2.6 Multiple Remote SQL Injections Developer site: http://www.4site.ru/ Discovered by D.Mortalov // wsec.ru 1. Auth Bypass Login: 1'or'1 Password: 1'or’1 2. Multiple Remote SQL Injections in 4site CMS modules "Pages" module:...

AJA Modules Rapidshare 1.0.0 - Arbitrary File Upload

AJA Modules Rapidshare 1.0.0 - Arbitrary File Upload AJA Modules Rapidshare 1.0.0 Remote Shell Upload Vulnerability AUTHOR : Hussin X Home : WwW.IQ-TY.CoM & WwW.TrYaG.cc Mail : [email protected] script : http://www.magtrb.com/en/modules.php?name=Downloads&op=getit&lid=6 exploit : 1. Change...

4Site CMS 2.6 SQL Injection

WSEC-09-002 4Site CMS = 2.6 Multiple Remote SQL Injections Developer site: http://www.4site.ru/ Discovered by D.Mortalov // wsec.ru 1. Auth Bypass Login: 1'or'1 Password: 1'or’1 2. Multiple Remote SQL Injections in 4site CMS modules "Pages" module:...

AJA Modules Rapidshare 1.0.0 Remote Shell Upload Vulnerability

Exploit for unknown platform in category web applications ============================================================== AJA Modules Rapidshare 1.0.0 Remote Shell Upload Vulnerability ============================================================== AJA Modules Rapidshare 1.0.0 Remote Shell Upload...

Fedora Core 10 FEDORA-2009-0943 (dia)

The remote host is missing an update to dia announced via advisory FEDORA-2009-0943. OpenVAS Vulnerability Test $Id: fcore20090943.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0943 dia Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...