Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability

Exploit for php platform in category web applications ================================================================ Zen Cart v1.3.9f typefilter Local File Inclusion Vulnerability ================================================================ Vendor: Zen Ventures, LLC Product web page:...

win32 9x/NT/2k/XP Generic cmd.exe Shellcode 159 bytes

Exploit for win32 platform in category shellcode ===================================================== win32 9x/NT/2k/XP Generic cmd.exe Shellcode 159 bytes ===================================================== ; Windows 9x/NT/2k/XP Generic cmd.exe Shellcode ; 159 bytes ; ; free of null bytes \x0...

Phpunity Newsmanager Local File Inclusion Vulnerability

Phpunity Newsmanager is prone to local file inclusion vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Flatchat Directory Traversal Vulnerability

The host is running Flatchat and is prone to Directory Traversal vulnerability. OpenVAS Vulnerability Test $Id: gbflatchatdirtravvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Flatchat Directory Traversal Vulnerability Authors: Sharath S Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Flatchat Directory Traversal Vulnerability

Flatchat is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

win64 (URLDownloadToFileA) download and execute 218+ bytes

No description provided by source. ; ; dexec64.asm - 218+ bytes unoptimised ; ; Win64 asm code, download & execute file using URLDownloadToFileA moniker & WinExec ; ; tested on AMD64 running Windows x64 SP1 ; ; there probably are errors in the code, but this is more of an experimental source if...

MySQL 5.0.18 - Query Logging Bypass

MySQL 5.0.18 - Query Logging Bypass source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issu...

MySQL 5.0.18 - Query Logging Bypass

source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issue allows attackers to bypass the...

CVE-2005-4836

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information...

FreeBSD : mozilla -- NULL bytes in FTP URLs (7c188c55-0cb0-11d9-8a8a-000c41e2cdad)

When handling FTP URLs containing NULL bytes, Mozilla will interpret the file content as HTML. This may allow unexpected execution of JavaScript when viewing plain text or other file types via FTP. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

PostNuke 0.750.76 Blocks Module - Directory Traversal

PostNuke 0.750.76 Blocks Module - Directory Traversal source: https://www.securityfocus.com/bid/13636/info PostNuke Blocks module is affected by a directory traversal vulnerability. The problem presents itself when an attacker passes a name for a target file, along with directory traversal...

mozilla -- NULL bytes in FTP URLs

When handling FTP URLs containing NULL bytes, Mozilla will interpret the file content as HTML. This may allow unexpected execution of Javascript when viewing plain text or other file types via FTP...

CVE-2000-0983

Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service CPU utilization via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability...

CVE-2000-0837

CVE-2000-0837 affects FTP Serv-U 2.5e, where a remote attacker can cause a denial of service by sending a large number of null bytes to the FTP service. The underlying issue is the service crashing under大量 null-byte input (as documented in public advisories and the Nessus plugin for Serv-U 2.5e D...

CVE-2000-0983

Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service CPU utilization via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability...

CVE-2000-0837

FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes...

servu25e.txt

================================================================= Blue Panda Vulnerability Announcement: FTP Serv-U 2.5e 04/08/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ ================================================================= Problem: Sending FTP Serv-U a string...

Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service

Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service // source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception...

Microsoft SQL Server 7.0/7.0 SP1 - NULL Data Denial of Service

// source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception EXCEPTIONACCESS VIOLATION". / sqldos.c -- a DoS attack agains MS...