274 matches found
[SECURITY] [DLA 1507-1] libapache2-mod-perl2 security update
Package : libapache2-mod-perl2 Version : 2.0.91624218-2+deb8u3 CVE ID : CVE-2011-2767 Debian Bug : 644169 Jan Ingvoldstad discovered that libapache2-mod-perl2 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there ...
Debian: Security Advisory (DLA-1507-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2011-2767
modperl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting...
Code injection
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971...
Movable Type Web Upgrade Remote Code Execution (CVE-2013-0209)
A script injection and execution vulnerability has been reported in Movable Type. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary Perl code and SQL commands on the affected system...
MediaInfo 0.7.61 - Crash (PoC)
Exploit for windows platform in category dos / poc !/usr/bin/perl -w Title : Windows Media Player MediaInfo v0.7.61 - Buffer Overflow Exploit Tested on Windows 7 / Server 2008 Download Link : https://sourceforge.net/projects/mediainfo/files/binary/mediainfo-gui/0.7.61/ Author : Mohammad Reza...
MediaInfo 0.7.61 - Crash (PoC)
MediaInfo 0.7.61 - Crash PoC !/usr/bin/perl -w Title : Windows Media Player MediaInfo v0.7.61 - Buffer Overflow Exploit Tested on Windows 7 / Server 2008 Download Link : https://sourceforge.net/projects/mediainfo/files/binary/mediainfo-gui/0.7.61/ Author : Mohammad Reza Espargham Linkedin :...
Viber 4.2.0 - Non-Printable Characters Handling Denial of Service Vulnerability
Exploit for iOS platform in category dos / poc !/usr/bin/perl -w -- coding: utf-8 - + Title: Viber Non-Printable Characters Handling Denial of Service Vulnerability + Product: Viber + Vendor: http://www.viber.com/en/ + SoftWare Link :...
Viber 4.2.0 Denial Of Service
!/usr/bin/perl -w -- coding: utf-8 - + Title: Viber Non-Printable Characters Handling Denial of Service Vulnerability + Product: Viber + Vendor: http://www.viber.com/en/ + SoftWare Link : https://itunes.apple.com/app/viber-free-phone-calls/id382617920?mt=8 + Vulnerable Versions: Viber 4.2.0 on IO...
Viber 4.2.0 - Non-Printable Characters Handling Denial of Service
Viber 4.2.0 - Non-Printable Characters Handling Denial of Service !/usr/bin/perl -w -- coding: utf-8 - + Title: Viber Non-Printable Characters Handling Denial of Service Vulnerability + Product: Viber + Vendor: http://www.viber.com/en/ + SoftWare Link :...
KMPlayer 3.9.x - .srt Crash (PoC)
KMPlayer 3.9.x - .srt Crash PoC !/usr/bin/perl -w Title : KMPlayer 3.9.x - Crash Proof Of Concept Company : http://www.kmplayer.com Tested : Windows 7 / Windows 8.1 Author : Peyman Motevalli Manesh Linkedin : https://ir.linkedin.com/in/peymanmotevalli E-Mail : meatPDPnetworkdotir Website :...
Viber Remote Crash Proof Of Concept
!/usr/bin/perl -w -- coding: utf-8 - + Author: Mohammad Reza Espargham + Title: Viber Remote Crash on non-printable characters + Product: Viber + Vendor: http://www.viber.com/en/ + SoftWare Link : https://itunes.apple.com/app/viber-free-phone-calls/id382617920?mt=8 + Vulnerable Versions: Viber...
SixApart MovableType Storable Perl Code Execution Vulnerability
MovableType, MT for short, is a weblog blog publishing system introduced by Six Apart, Inc. located in California, USA. A code execution vulnerability exists in SixApart MovableType. An attacker can exploit the vulnerability to execute arbitrary code...
Futomi CGI Cafe MP Form Mail CGI eCommerce Arbitrary Code Execution Vulnerability
Futomi CGI Cafe MP Form Mail CGI eCommerce on Windows is a Windows-based CGI for sending emails from Web forms by Futomi Japan. A security vulnerability exists in Futomi CGI Cafe MP Form Mail CGI eCommerce on Windows platform prior to version 2.0.12. A remote attacker can exploit the vulnerabilit...
CVE-2015-0898
futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors...
Design/Logic Flaw
futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors...
CVE-2015-0898
futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors...
CVE-2015-0898
The CVE concerns Futomi CGI Cafe MP Form Mail CGI eCommerce edition running on Windows. The vulnerability allows a remote attacker to execute arbitrary Perl code due to an injection flaw in the CGI eCommerce implementation, affecting version 2.0.11 and earlier. The impact is remote code execution...
MP Form Mail CGI eCommerce edition vulnerable to code injection
Overview MP Form Mail CGI eCommerce edition provided by futomi Co., Ltd. is a CGI used to send mail from a web form. MP Form Mail CGI eCommerce edition contains a code injection vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...
FreeBSD : twiki -- remote Perl code execution (21ce1840-6107-11e4-9e84-0022156e8794)
TWiki developers report : The debugenableplugins request parameter allows arbitrary Perl code execution. Using an HTTP GET request towards a TWiki server, add a specially crafted debugenableplugins request parameter to TWiki's view script typically port 80/TCP. Prior authentication may or may not...