14 matches found
EUVD-2008-6490
Malware in sbrugna...
EUVD-2008-6491
Malware in sbrugna...
CVE-2008-6523
auth.php in openInvoice 0.90 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for arbitrary users...
CVE-2008-6524
resetpass.php in openInvoice 0.90 beta and earlier allows remote authenticated users to change the passwords of arbitrary users via a modified uid parameter. NOTE: this can be leveraged with a separate vulnerability in auth.php to modify passwords without authentication...
Authentication flaw
auth.php in openInvoice 0.90 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for arbitrary users...
CVE-2008-6524
resetpass.php in openInvoice 0.90 beta and earlier allows remote authenticated users to change the passwords of arbitrary users via a modified uid parameter. NOTE: this can be leveraged with a separate vulnerability in auth.php to modify passwords without authentication...
CVE-2008-6523
The CVE-2008-6523 issue affects openInvoice 0.90 beta and earlier where auth.php allows remote authentication bypass by setting the oiauth cookie, enabling privilege gain. The note indicates this can be combined with a separate vulnerability in resetpass.php to modify passwords for arbitrary user...
CVE-2008-6524
CVE-2008-6524 affects openInvoice up to version 0.90 beta and earlier. It allows remote authenticated users to change arbitrary user passwords via a modified uid parameter in resetpass.php. The description notes this can be leveraged with a separate vulnerability in auth.php to modify passwords w...
CVE-2008-6523
auth.php in openInvoice 0.90 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for arbitrary users...
openinvoice-passwd.txt
!/usr/bin/perl OpenInvoice 0.9 Arbitrary Change User Password Exploit Discovered && Coded By t0pP8uZz Discovered On: 18 April 2008 Vendor has not been notified! see exploit for more details.. Greetz: milw0rm.com, h4ck-y0u.org, CipherCrew! use strict; use LWP::UserAgent; use HTTP::Cookies; print...
OpenInvoice 0.9 Arbitrary Change User Password Exploit
No description provided by source. !/usr/bin/perl OpenInvoice 0.9 Arbitrary Change User Password Exploit Discovered && Coded By t0pP8uZz Discovered On: 18 April 2008 Vendor has not been notified! see exploit for more details.. Greetz: milw0rm.com, h4ck-y0u.org, CipherCrew! use strict; use...
OpenInvoice 0.9 - Arbitrary Change User Password
OpenInvoice 0.9 - Arbitrary Change User Password !/usr/bin/perl OpenInvoice 0.9 Arbitrary Change User Password Exploit Discovered && Coded By t0pP8uZz Discovered On: 18 April 2008 Vendor has not been notified! see exploit for more details.. Greetz: milw0rm.com, h4ck-y0u.org, CipherCrew! use stric...
OpenInvoice 0.9 Arbitrary Change User Password Exploit
Exploit for unknown platform in category web applications ====================================================== OpenInvoice 0.9 Arbitrary Change User Password Exploit ====================================================== !/usr/bin/perl OpenInvoice 0.9 Arbitrary Change User Password Exploit...
OpenInvoice 0.9 - Arbitrary Change User Password
!/usr/bin/perl OpenInvoice 0.9 Arbitrary Change User Password Exploit Discovered && Coded By t0pP8uZz Discovered On: 18 April 2008 Vendor has not been notified! see exploit for more details.. Greetz: milw0rm.com, h4ck-y0u.org, CipherCrew! use strict; use LWP::UserAgent; use HTTP::Cookies; print...