5314 matches found
my-colex 1.4.2 (AB/XSS/SQL) Multiple Remote Vulnerabilities
No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ----------------------------------...
Irssi 0.8.13 - 'WALLOPS' Message Off-by-One Heap Memory Corruption
source: https://www.securityfocus.com/bid/35399/info Irssi is prone to an off-by-one, heap-based, memory-corruption vulnerability because it fails to properly bounds-check user-supplied data before copying it into a memory buffer. Attackers can exploit this issue to crash the vulnerable client,...
StrawBerry 1.1.1 - Local File Inclusion Remote Command Execution
StrawBerry 1.1.1 - Local File Inclusion Remote Command Execution ?php / StrawBerry 1.1.1 LFI / Remote Command Execution Exploit Site: http://strawberry.goodgirl.ru/ magicquotesgpc = Off Author: AVT Date : 10.05.09 My Site: http://antichat.ru/ / settimelimit0; errorreporting0; list$cli,$host,$path...
PHP recommend 1.3 - Authentication Bypass Remote File Inclusion Code Injection
PHP recommend 1.3 - Authentication Bypass Remote File Inclusion Code Injection Php Recommend "; $d = ""; $content = "".$b."?php // Php Recommmend // Created By Frax.dk // GNU Licens // Please do not delete this text $".$d."page = '".$formpage."'; $".$d."includetemplate = '".$formincludetemplate."...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
Updated kernel-rt packages that fix several security issues and a bug are now available for Red Hat Enterprise MRG 1.1.2. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel-rt packages contain the Linux kernel, the core of any Linux...
EZ-Blog Beta2 (category) Remote SQL Injection Vulnerability
No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ------------------...
EZ-Blog Beta2 - 'category' SQL Injection
|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ---------------------------------------------------------------------------------------------- | SQL INJECTIO...
Apache Httpd < 2.2.12 : APR-util off-by-one overflow
An off-by-one overflow flaw was found in the way the bundled copy of the APR-util library processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to th...
Mandriva Linux Security Advisory : nasm (MDVSA-2008:120)
An off-by-one error was found in nasm 2.02 that allowed context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow CVE-2008-2719. The updated packages have been patched to prevent this issue...
Mandriva Linux Security Advisory : clamav (MDVSA-2008:229)
An off-by-one error was found in ClamAV versions prior to 0.94.1 that could allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted VBA project file CVE-2008-5050. Other bugs have also been corrected in 0.94.1 which is being provided with this update...
Mandrake Linux Security Advisory : tcpdump (MDKSA-2007:155)
Off-by-one buffer overflow in the parseelements function in the 802.11 printer code print-80211.c for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service crash via a crafted 802.11 frame. Updated packages have been patched to prevent this issue. %NASLMINLEVEL 70300 C...
Fedora 10 : DevIL-1.7.5-2.fc10 (2009-0867)
Fix missing symbols rh 480269 - Fix off by one error in CVE-2008-5262 check rh 479864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
FreeBSD : ModSecurity for Apache 2.x remote off-by-one overflow (c2e10368-77ab-11d8-b9e8-00e04ccb0a62)
When the directive 'SecFilterScanPost' is enabled, the Apache 2.x version of ModSecurity is vulnerable to an off-by-one overflow %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...
ClanTiger 1.1.1 - Authentication Bypass
ClanTiger 1.1.1 - Authentication Bypass || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...
chCounter 3.1.3 - Authentication Bypass
chCounter 3.1.3 - Authentication Bypass chCounter 3.1.3 Login Bypass ======================================================================================================================= Critical Level : Dangerous Vendor site : http://chcounter.org/ Download :...
RQms (Rash) 1.2.2 - Multiple SQL Injections
RQms Rash 1.2.2 - Multiple SQL Injections Product : RQMS Version : 1.2.2 Dork : Rash Version: 1.2.1 Site: http://rqms.sourceforge.net Found by: Dimi4 Greetz: UASC http://uasc.org.ua, antichat Multiple Remote Vulnerabilities Need: magicquotesgpc = OFF 1Auth BYPASS http://127.0.0.1/rash-v1.2.2/?adm...
HTML Email Creator <= 2.1b668 (html) Local SEH Overwrite Exploit
No description provided by source. / :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered and Exploited by dun HTML Email Creator = 2.1 build 668 html Local SEH Overwrite Exploit Vendor:...
Aqua CMS (username) SQL Injection Vulnerability
Exploit for unknown platform in category web applications =============================================== Aqua CMS username SQL Injection Vulnerability =============================================== ================================================================================ Found : halkfild...
RQMS (Rash) <= 1.2.2 Multiple SQL Injection Vulnerabilities
No description provided by source. Product : RQMS Version : 1.2.2 Dork : Rash Version: 1.2.1 Site: http://rqms.sourceforge.net Found by: Dimi4 Greetz: UASC http://uasc.org.ua, antichat Multiple Remote Vulnerabilities Need: magicquotesgpc = OFF 1Auth BYPASS http://127.0.0.1/rash-v1.2.2/?admin Logi...
CVE-2009-1290
The CVE-2009-1290 entry documents CSRF vulnerabilities in the IBM BladeCenter AMM web administration interface (including BladeCenter H with BPET36H 54). The underlying issue is cross-site request forgery that can enable remote attackers to hijack administrator authentication, demonstrated by a p...