Mozilla Firefox <= 1.5.0.2 (js320.dll/xpcom_core.dll) Denial of Service PoC

Exploit for multiple platform in category dos / poc =========================================================================== Mozilla Firefox var textarea = document.getElementsByName"xOtherInfo"; textarea=textarea.item0; var htmlarea = document.createElement"div"; htmlarea.className =...

CanfTool v1.1 Cross Site Scripting Attack

Cross Site Scripting Attack CanfTool v1.1 ========================================= Description : Conftool is a Web-based online system that was developed to supports many administrative tasks of conferences, workshops and seminars. It can help to make the management of events easier and much mor...

[eVuln] Vegas Forum SQL Injection Vulnerability

New eVuln Advisory: Vegas Forum SQL Injection Vulnerability http://evuln.com/vulns/90/summary.html --------------------Summary---------------- eVuln ID: EV0090 CVE: CVE-2006-1020 Software: Vegas Forum Sowtware's Web Site: http://www.battlereports.com/downloads.php Versions: 1.0 Critical Level:...

vbulletinXSSpasswd.txt

——–Summary——– Software: vBulletin Sowtware’s Web Site: http://www.vBulletin.com Versions: 3.0.12-3.5.3 Class: Remote Status: Unpatched Exploit: Available Solution: Available Discovered by: imei addmimistrator Risk Level: Mediume ——-Description——- There is a security bug in most powerfull & common...

[eVuln] Skate Board Multimple Vulnerabilities

New eVuln Advisory: Skate Board Multimple Vulnerabilities http://evuln.com/vulns/84/summary.html --------------------Summary---------------- eVuln ID: EV0084 CVE: CVE-2006-0809 CVE-2006-0810 CVE-2006-0811 Software: Skate Board Sowtware's Web Site: http://bb.jiraiya.se/main.php?content=start...

EV0076.txt

New eVuln Advisory: Guestex Shell Command Execution Vulnerability http://evuln.com/vulns/76/summary.html --------------------Summary---------------- eVuln ID: EV0076 CVE: CVE-2006-0777 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Dangerous Typ...

[eVuln] Magic Downloads Unauthorized Data Modification

New eVuln Advisory: Magic Downloads Unauthorized Data Modification http://evuln.com/vulns/73/summary.html --------------------Summary---------------- eVuln ID: EV0073 CVE: CVE-2006-0722 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com Software: Magic Downloads Sowtware's Web...

EV0080.txt

New eVuln Advisory: M. Blom HTML::BBCode perl module XSS Vulnerabilities http://evuln.com/vulns/80/summary.html --------------------Summary---------------- eVuln ID: EV0080 Software: M. Blom HTML::BBCode Sowtware's Web Site: http://menno.b10m.net/perl/ Versions: 1.04 1.03 and earlier Critical...

Microsoft WINS replication service pointer corruption

Added: 02/10/2006 CVE: CVE-2004-1080 BID: 11763 OSVDB: 12378 Background The Windows Internet Naming Service WINS maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers. Problem The WINS...

MyBB-search.txt

http://127.0.0.1/mybb/search.php?action=dosearch&keywords=&postthread=1&author=imei&matchusername=1&forums=all&findthreadst=1&numreplies=&postdate=0&pddir=1&sortby="alertdocument.cookie&sorder=1&showresults=threads&submit=Search --------------------Summary---------------- Software: MyBB Sowtware'...

Note-A-Day-2.1.txt

New eVuln Advisory: Note-A-Day Weblog Sensitive Information Disclosure http://evuln.com/vulns/44/summary.html --------------------Summary---------------- Software: Note-A-Day Sowtware's Web Site: http://noteaday.com/ Versions: 2.1 Critical Level: Moderate Type: Sensitive Information Disclosure...

[eVuln] CaLogic Calendars Multiple XSS Vulnerabilities

New eVuln Advisory: CaLogic Calendars Multiple XSS Vulnerabilities http://evuln.com/vulns/24/summary/bt/ --------------------Summary---------------- Software: CaLogic Calendars Sowtware's Web Site: http://www.calogic.de/ Versions: 1.2.2 Critical Level: Moderate Type: Cross-Site Scripting Class:...

kapda-phpp.txt

KAPDA New advisory Vendor: http://www.php-post.co.uk/ Vulnerable Version: v1.0 Bug: XSS and HTML Injection Exploitation: Remote with browser Description: -------------------- PHPP is a free message board powered by PHP and MySQL. Vulnerability: -------------------- HTML Injection: The software do...

CVE-2005-3845

SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email [email protected] and EZI will email you the patch to fix this...

CVE-2005-3845

SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email [email protected] and EZI will email you the patch to fix this...

SEC-20051107-0.txt

SEC-CONSULT Security Advisory 20051107-0 ============================================================================= title: toendaCMS multiple vulnerabilites program: toendaCMS vulnerable version: .xml, where is string composed of 5 bytes e.g. 2ac336ff0d.xml. Each XML file contains username...

EZsite Forum Discloses Passwords to Remote Users

The remote host is running EZsite Forum. It is reported that this software stores usernames and passwords in plaintext form in the 'Database/EZsiteForum.mdb' file. A remote user can reportedly download this database. OpenVAS Vulnerability Test $Id: EZsiteForum.nasl 6703 2017-07-12 13:57:25Z...

Dell OpenManage Web Server <= 3.7.1

Dell OpenManage Web Servers 3.2.0-3.7.1 are vulnerable to a heap based buffer overflow attack. A proof of concept denial of service attack has been released. SPDX-FileCopyrightText: 2004 Tomi Hanninen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

WoltlabSQL.txt

Woltlab Burning Board infodb.php multiple SQL injection -discovered by R Vendor: "Trooper" URL: www.wbbcoderforum.de Version: = 2.7 Type: SQL-injection Description: ------------------------ Info-DB is a very powerful and popular download-module with many features. Information:...

myBloggie &quot;username&quot; SQL Injection Vulnerability

Secunia Advisory: SA16699 Release Date: 2005-09-05 Critical: Moderately critical Impact: Security Bypass Manipulation of data Where: From remote Solution Status: Vendor Patch Software: myBloggie 2.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it...