SUSE CVE-2008-0456

CRLF injection vulnerability in the modnegotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

HackerOne: Reflected File Download attack allows attacker to 'upload' executables to hackerone.com domain

Hi hackerone team, I'm a friend of Peiying and am looking for a position at hackerone. While playing around with your product, I found a serious vulnerability in your application: it allows attackers to craft executables on the hackerone.com domain rather than the sandboxed one on S3. 1. attacker...

eSmile Script (index.php) SQL Injection Vulnerability

No description provided by source. eSmile index.php Sql Injection Vulnerability ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : eSmile .:. Bug Type : Sql InjectionMysq...

eSmile SQL Injection

eSmile index.php Sql Injection Vulnerability ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : eSmile .:. Bug Type : Sql InjectionMysql .:. Dork : "Powered by: eSmile" =...

PT-2008-2087 · Apache +2 · Apache Http Server +2

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 1.3.39 and earlier, 2.0.61 and earlier, 2.2.6 and earlier Description: A cross-site scripting XSS issue exists in the mod negotiation module, allowing remote authenticated users to inject arbitrary web script or HT...