8 matches found
USN-7257-1 krb5 vulnerability
Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that Kerberos incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypas...
SolarView Compact 6.00 - (time_begin) Cross-Site Scripting Vulnerability
Exploit Title: SolarView Compact 6.00 - 'timebegin' Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29299 Tested on: Windows Proof Of Concept:...
ZSQL: Aging Time of Non-Authentication Sessions
To prevent DOS attacks from malicious clients that occupy server resources. Set the UNAUTHSESSIONEXPIRETIME parameter to forcibly disconnect from the server if no authentication is performed at the specified time after the TCP connection is established. SPDX-FileCopyrightText: 2020 Greenbone AG...
PowerNews (Newsscript) 2.5.6 - Local File Inclusion Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution:...
PowerBook 1.21 (index.php page) Local File Inclusion Vulnerability
No description provided by source. DSECRG-08-019 Digital Security Research Group DSecRG Advisory Application: PowerBook Versions Affected: 1.21 Vendor URL: http://www.powerscripts.org/ Bug: Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public...
PowerBook 1.21 - index.php Local File Inclusion
PowerBook 1.21 - index.php Local File Inclusion DSECRG-08-019 Digital Security Research Group DSecRG Advisory Application: PowerBook Versions Affected: 1.21 Vendor URL: http://www.powerscripts.org/ Bug: Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Dat...
[DSECRG-08-014] Multiple LFI in PowerNews (Newsscript) 2.5.6
Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory:...
DSECRG-08-014.txt
Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory:...