FlexBB 0.5.5 - incstart.php?_COOKIE SQL Bypass

FlexBB 0.5.5 - incstart.php?COOKIE SQL Bypass !/usr/bin/perl -w FlexBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path = "/flexbb/"; -- END -- $host :- The Host Name Without http:// | exm...

MyBB104SQL.txt

!/usr/bin/perl -w MyBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path = "/mybb3/"; $userid = 1; $mycookie = "mybbuser=1xommhw5h9kZZGSFUppacVfacykK1gnd84PLehjlhTGC1ZiQkXr;"; -- END -- $host...

MyBulletinBoard (MyBB) <= 1.04 (misc.php COMMA) SQL Injection (2)

Exploit for unknown platform in category web applications ================================================================= MyBulletinBoard MyBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1";...

minimuke.pl.txt

I create exploit for a bug at Mininuke ; this bug at "membership.asp" and you can with this exploit change members password : if you inject: " /membership.asp&pass=New password&passa=confirm new password&x=member name " This bug found by nukedx & exploit by Hessam-x --------- + APP name : Mininuk...

Ubuntu 5.04 : awstats vulnerability (USN-167-1)

Peter Vreugdenhil discovered a command injection vulnerability in AWStats. As part of the statistics reporting function, AWStats displays information about the most common referrer values that caused users to visit the website. Referer URLs could be crafted in a way that they contained arbitrary...

Hot Links Pro 3.x XSS vuln.

Hot Links Pro 3.x XSS vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 Orginal advisory:http://pridels.blogspot.com/2005/12/hot-links-pro-3x-xss-vuln.html vendor:http://www.mrcgiguy.com/hl3details.shtml affected version:3.x and prior Product Description: Directory style index allows for easy...

gpsdrive 2.09 (x86) - &#039;friendsd2&#039; Remote Format String

!/usr/bin/perl -w Code by KF, although it is most likely ripped from John H. kflistsatdigitalmunitiondotcom http://www.digitalmunition.com FrSIRT 24/24 & 7/7 - Centre de Recherche on Donkey Testicles. Free 14 day Testicle licking trial available! friendsd.c:367: fprintf stderr, txt; Tested on int...

Novell NetWare HTTP POST Perl Code Execution Vulnerability

Novell Netware contains multiple default web server installations. The Netware Enterprise Web Server Netscape/IPlanet has a perl handler which will run arbitrary code given to in a POST request version 5.x through SP4 and 6.x through SP1 are effected. OpenVAS Vulnerability Test $Id:...

CVE-2005-2837

Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via 1 Help.pm, 2 International.pm, or 3 WebGUI.pm...

CVE-2005-2837

CVE-2005-2837 affects Plain Black Software WebGUI prior to 6.7.3. Multiple eval injection flaws in the modules Help.pm, International.pm, and WebGUI.pm allow remote attackers to execute arbitrary Perl code. This is a remote code execution risk on WebGUI installations exposed to an attacker; explo...

CVE-2005-2837

Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via 1 Help.pm, 2 International.pm, or 3 WebGUI.pm...

PT-2005-3703 · Plain Black · Webgui

Name of the Vulnerable Software and Affected Versions: WebGUI versions prior to 6.7.3 Description: The issue allows remote attackers to execute arbitrary Perl code via multiple eval injection vulnerabilities in the following modules: 1 Help.pm, 2 International.pm, or 3 WebGUI.pm. Recommendations:...

WebGUI Perl Code Execution Vulnerabilities

Secunia Advisory: SA16682 Release Date: 2005-09-02 Critical: Highly critical Impact: System access Where: From remote Solution Status: Vendor Patch Software: WebGUI 6.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it. Description: Some...

CVE-2005-1527

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call...

CVE-2005-1527

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call...

CVE-2005-1527

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call...

USN-167-1: AWStats vulnerability

Peter Vreugdenhil discovered a command injection vulnerability in AWStats. As part of the statistics reporting function, AWStats displays information about the most common referrer values that caused users to visit the website. Referer URLs could be crafted in a way that they contained arbitrary...

AWStats Referrer Header Arbitrary Command Execution

The remote host is running AWStats, an open source web analytics tool used for analyzing data from internet services such as web, streaming, media, mail and FTP servers. The version of AWStats installed on the remote host collects data about the web referrers and uses them without proper sanitati...

[Full-disclosure] iDEFENSE Security Advisory 08.09.05: AWStats ShowInfoURL Remote Command Execution Vulnerability

AWStats ShowInfoURL Remote Command Execution Vulnerability iDEFENSE Security Advisory 08.09.05 www.idefense.com/application/poi/display?id=290&type=vulnerabilities August 09, 2005 I. BACKGROUND AWStats is a free tool that generates web, streaming, ftp or mail server statistics, graphically. It ca...

Microsoft Internet Explorer - &#039;javaprxy.dll&#039; COM Object Remote Overflow

Bindshell on port 28876 - Based on Berend-Jan Wever's IE exploit 01 July 2005 Description - http://www.frsirt.com/english/advisories/2005/0935 Workarounds - http://www.microsoft.com/technet/security/advisory/903144.mspx sec-consult - http://www.sec-consult.com/184.html Solution : Set Internet and...