313 matches found

Packet Storm
added 2011/06/10 12:0 a.m. | 20 views

Pacer Edition CMS 2.1 Local File Inclusion

Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management System (CMS) written using PHP 5.2.9 as a minimum requirement. The Pacer...

AI score: 7.4
Exploits: 0
Exploit DB
added 2011/06/10 12:0 a.m. | 19 views

Pacer Edition CMS 2.1 - 'l' Local File Inclusion

Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management System (CMS) written using PHP 5.2.9 as a minimum requirement. The Pacer...

AI score: 7.4
Exploits: 0
Packet Storm
added 2011/01/24 12:0 a.m. | 42 views

CultBooking 2.0.4 Local File Inclusion

CultBooking 2.0.4 lang Local File Inclusion Vulnerability Vendor: Cultuzz Digital Media GmbH Product web page: http://www.cultuzz.com Affected version: 2.0.4 Summary: Open source hotel booking system Internet Booking Engine (IBE). Via a central api called CultSwitch it is possible to make bookings...

AI score: 7.4
Exploits: 0
Prion
added 2011/01/19 4:0 p.m. | 14 views

Code injection

Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, and 2.0.1.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.72458
Exploits: 4 | References: 8 | Affected Software: 1
0day.today
added 2010/10/02 12:0 a.m. | 17 views

Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability

Exploit for php platform in category web applications ================================================================ Zen Cart v1.3.9f typefilter Local File Inclusion Vulnerability ================================================================ Vendor: Zen Ventures, LLC Product web page:...

AI score: 7.1
Exploits: 0
Packet Storm
added 2010/10/01 12:0 a.m. | 20 views

Zen Cart 1.3.9f Local File Inclusion

Zen Cart v1.3.9f typefilter Local File Inclusion Vulnerability Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for...

AI score: 7.4
Exploits: 0
Zero Science Lab
added 2010/10/01 12:0 a.m. | 34 views

Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability

Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for numerous languages and currencies, and it is freely available under the GNU GPL. Description: Zen Cart v1.3.9f suffers from a file inclusion vulnerability (LFI)...

AI score: 5.8
Exploits: 0
0day.today
added 2010/10/01 12:0 a.m. | 49 views

win32 9x/NT/2k/XP Generic cmd.exe Shellcode 159 bytes

Exploit for win32 platform in category shellcode ===================================================== win32 9x/NT/2k/XP Generic cmd.exe Shellcode 159 bytes ===================================================== ; Windows 9x/NT/2k/XP Generic cmd.exe Shellcode ; 159 bytes ; ; free of null bytes \x0...

AI score: 7
Exploits: 0
NVD
added 2010/03/23 7:30 p.m. | 7 views

CVE-2010-1078

SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes "%00" in the view parameter, which bypasses a protection mechanism...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.00417
Exploits: 1 | References: 5
Prion
added 2010/03/23 7:30 p.m. | 12 views

Sql injection

SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes "%00" in the view parameter, which bypasses a protection mechanism...

CVSS: 7.5 | AI score: 9 | EPSS: 0.00417
Exploits: 1 | References: 5 | Affected Software: 1
OpenVAS
added 2010/03/10 12:0 a.m. | 16 views

Phpunity Newsmanager Local File Inclusion Vulnerability

Phpunity Newsmanager is prone to local file inclusion vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5 | AI score: 6.5 | EPSS: 0.03629
Exploits: 1 | References: 3
Tenable Nessus
added 2010/01/19 12:0 a.m. | 25 views

openSUSE Security Update : postgresql (postgresql-1773)

An unprivileged, authenticated PostgreSQL user could create a table which references functions with malicious content. Maintenance operations carried out by the database superuser could execute such functions (CVE-2009-4136). Embedded null bytes in the common name of SSL certificates could bypass...

CVSS: 6.5 | AI score: 8.2 | EPSS: 0.03854
Exploits: 5 | References: 4
OpenVAS
added 2009/05/18 12:0 a.m. | 24 views

Flatchat Directory Traversal Vulnerability

The host is running Flatchat and is prone to Directory Traversal vulnerability. OpenVAS Vulnerability Test $Id: gbflatchatdirtravvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Flatchat Directory Traversal Vulnerability Authors: Sharath S Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...

CVSS: 7.5 | AI score: 0.4 | EPSS: 0.02273
Exploits: 0 | References: 2
OpenVAS
added 2009/05/18 12:0 a.m. | 20 views

Flatchat Directory Traversal Vulnerability

Flatchat is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.02273
Exploits: 0 | References: 3
Exploit DB
added 2007/05/23 12:0 a.m. | 45 views

MagicISO 5.4 (build239) - '.cue' File Local Buffer Overflow

/ -- poc/demo for magiciso exploit, found by n00b -- by: [email protected] -- original email reply comments: I actually looked into this when you posted this on milw0rm. I was able to get it to run arbitrary code, however it was so unreliable it wasn't worth me posting... however, it was informative...

AI score: 7.4
Exploits: 0
seebug.org
added 2006/08/07 12:0 a.m. | 34 views

win64 (URLDownloadToFileA) download and execute 218+ bytes

No description provided by source. ; ; dexec64.asm - 218+ bytes unoptimised ; ; Win64 asm code, download & execute file using URLDownloadToFileA moniker & WinExec ; ; tested on AMD64 running Windows x64 SP1 ; ; there probably are errors in the code, but this is more of an experimental source if...

AI score: 7.1
Exploits: 0
exploitpack
added 2006/02/27 12:0 a.m. | 12 views

MySQL 5.0.18 - Query Logging Bypass

MySQL 5.0.18 - Query Logging Bypass source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysql_real_query' function and in the query-logging functionality. This issu...

AI score: 7.4
Exploits: 0
Exploit DB
added 2006/02/27 12:0 a.m. | 30 views

MySQL 5.0.18 - Query Logging Bypass

source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysql_real_query' function and in the query-logging functionality. This issue allows attackers to bypass the...

AI score: 7.4
Exploits: 0
UbuntuCve
added 2005/12/31 5:0 a.m. | 22 views

CVE-2005-4836

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.00953
Exploits: 0 | References: 1
Tenable Nessus
added 2005/07/13 12:0 a.m. | 24 views

FreeBSD : mozilla -- NULL bytes in FTP URLs (7c188c55-0cb0-11d9-8a8a-000c41e2cdad)

When handling FTP URLs containing NULL bytes, Mozilla will interpret the file content as HTML. This may allow unexpected execution of JavaScript when viewing plain text or other file types via FTP. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in thi...

CVSS: 6.4 | AI score: 5.4 | EPSS: 0.15205
Exploits: 0 | References: 3