1684 matches found
Sql injection
SQL injection vulnerability in property.php in elkagroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2007-3461
SQL injection vulnerability in property.php in elkagroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2007-3461
SQL injection vulnerability in property.php in elkagroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
httpd scoreboard lack of PID protection
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...
Sql injection
SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-6115...
CVE-2007-1152
Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. dot dot in the 1 act or 2 pid parameter to the top-level URI index.php, or the 3 action parameter to admin/index.php. NOTE: some of these details are obtained from third part...
Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC
Exploit for unknown platform in category dos / poc ========================================================= Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC ========================================================= !/usr/bin/env python print...
CVE-2006-6559
SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote attackers to execute arbitrary SQL commands via the PID parameter...
CVE-2006-6559
The CVE-2006-6559 entry documents an SQL injection vulnerability in Lotfian Request For Travel 1.0, specifically in ProductDetails.asp where the PID parameter can be exploited to execute arbitrary SQL commands remotely. Affected component: ProductDetails.asp in Lotfian Request For Travel 1.0. Roo...
CVE-2006-6280
SQL injection vulnerability in viewthread.php in Oxygen O2PHP Bulletin Board 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572...
Kept in purdah who did not know: FU_Rootkit-vulnerability warning-the black bar safety net
I in 2 0 0 4 year 1 1 period of black anti-posted on the gadgets clever to delete the Guest/Administrator accounts on this article, there are a lot of friends asking about tools is how to write, in fact this tool inside most of the code is my copy FURootkit over. Since friends like, these days I'...
linux/x86 getppid + execve/proc/pid/exe 51 bytes
linux/x86 getppid + execve/proc/pid/exe 51 bytes. Shellcode exploit for linx86 platform / linux/x86 getppid + execve"/proc//exe", "/proc//exe", NULL - 51 bytes - izik / char shellcode = "\x6a\x40" // push $0x40 "\x58" // pop %eax "\xcd\x80" // int $0x80 // // : // "\x4c" // dec %esp "\x99" // clt...
linux/x86 getppid() + execve(/proc/pid/exe) 51 bytes
No description provided by source. / linux/x86 getppid + execve"/proc/pid/exe", "/proc/pid/exe", NULL - 51 bytes - izik [email protected] / char shellcode = "\x6a\x40" // push $0x40 "\x58" // pop %eax "\xcd\x80" // int $0x80 // // convert: // "\x4c" // dec %esp "\x99" // cltd "\x6a\x0a" // push $0xa...
Ubuntu 4.10 : libdbi-perl vulnerabilities (USN-70-1)
Javier Fernandez-Sanguino Pena from the Debian Security Audit Project discovered that the module DBI::ProxyServer in Perl's DBI library created a PID file in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking...
CVE-2005-2714
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.PID temporary file...
Overflow keyboard program vulnerability to get administrator permissions-bug warning-the black bar safety net
No computer is safe without a security perimeter is not compromised. We have to do is use all the resources for invasion. Here you can see the most exciting invasion of record, you can learn the most practical intrusion techniques. Here are all invasion lovers Paradise. But remember yo, the...
linux/x86 examples of long-term payloads hide-wait-change 187 bytes+
No description provided by source. /---------------------------------------------------------------------------- Mystique Project: Examples of long-term payloads hide-wait-change code by [email protected] & [email protected] ----------------------------------------------------------------------------...
CVE-2005-1877
Cross-site scripting XSS vulnerability in viewticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML and obtain sensitive information via the pid parameter...
CVE-2005-1598
SQL injection vulnerability in Invision Power Board IPB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash passhash that modifies the internal $pid variable...
CVE-2004-1966
Multiple SQL injection vulnerabilities in Open Bulletin Board OpenBB 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 FID parameter in board.php, 2 sortorder, perpage, or id parameters in member.php, 3 forums parameter in search.php, or 4 PID or FID parameters ...