859 matches found
[eVuln] vCounter - sourceworkshop SQL Injection Vulnerability
New eVuln Advisory: vCounter - sourceworkshop SQL Injection Vulnerability http://evuln.com/vulns/108/summary.html --------------------Summary---------------- eVuln ID: EV0108 CVE: CVE-2006-1499 Software: vCounter Sowtware's Web Site: http://www.sourceworkshop.com/ Versions: 1.0 Critical Level:...
PayProCart30.txt
This is a multi-part message in MIME format. ------=NextPart000000601C5395C.BF487B20 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dcrab 's Security Advisory Hsc Security Group http://www.hackerscenter.com/...
AlstraSoft20.txt
This is a multi-part message in MIME format. ------=NextPart000001201C53726.5C0BF6A0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dcrab 's Security Advisory Hsc Security Group http://www.hackerscenter.com/...
LiteCommerce Sql injection and reveling errors vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dcrab 's Security Advisory Hsc Security Group http://www.hackerscenter.com/ dP Security http://digitalparadox.org/ Get Dcrab's Services to audit your Web servers, scripts, networks, etc. Learn more at http://www.digitalparadox.org/services.ah Severity...
Multiple sql injection, and xss vulnerabilities in PortalApp
Dcrab 's Security Advisory http://icis.digitalparadox.org/dcrab http://www.hackerscenter.com/ Severity: Medium Title: Multiple sql injection, and xss vulnerabilities in PortalApp. Date: March 30, 2005 Vendor: AspApp Vendor site: http://www.aspapp.com Summary: There are multiple sql injection, xss...
Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software.
Dcrab 's Security Advisory http://icis.digitalparadox.org/dcrab http://www.hackerscenter.com/ Severity: High Title: Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software. Date: March 29, 2005 Summary: There are multiple sql injection, xss...
HP-UX Security patch : PHNE_13596
The remote host is missing HP-UX Security Patch number PHNE13596 . Security Vulnerability with ftp on HP-UX %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16519; scriptversion"1.8"...
Cyrus IMAP Server < 2.2.10 Multiple Remote Overflows
According to its banner, the remote Cyrus IMAPD server is vulnerable to one pre-authentication buffer overflow, as well as three post- authentication buffer overflows. A remote attacker could exploit these issues to crash the server, or possibly execute arbitrary code. %NASLMINLEVEL 70300 C Tenab...
GoScript Remote Command Execution
GoScript Remote Command Execution Version verified: 2.0 Author: Pete Stein http://www.slack.net/pete/perl GoScript v2.0 allow remote commando execution as we can see below: http://www.server.com/go.cgi?|id| http://www.server.com/go.cgi?artarchive=|id| May be possible another methods of attack!...
ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access
ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful...
MS02-045: Unchecked buffer in Network Share Provider (326830)
Due to a flaw in Microsoft's SMB implementation, the remote host is vulnerable to a denial of service attack. By sending a specially crafted packet request, an attacker could launch a denial of service, causing the affected host to crash. Note that this vulnerability is not exploitable without...
GLSA: amavis
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT - - -------------------------------------------------------------------- PACKAGE :amavis SUMMARY :possible dos DATE :2002-09-05 10:30 UTC - -...
Cisco NTP ntpd readvar Variable Remote Overflow (CSCdt93866)
By sending a crafted NTP control packet, it is possible to trigger a buffer overflow in the NTP daemon. This vulnerability can be exploited remotely. The successful exploitation may cause arbitrary code to be executed on the target machine. This vulnerability is documented as Cisco Bug ID...
XMB cross-scripting vulnerability
XMB is a php-based forum. This product contain a Cross Site Scripting vulnerability that allows attackers to insert JavaScript code and other HTML code into existing messages, bypassing the internal JavaScript/HTML code stripper. Exploit: imgjavasCript:alert'Hello world.'/img Vulnerable systems:...
bugtraq submission
All versions of the C version of ePerl 2.2 up to current version 2.2.14 http://www.engelschall.com/sw/eperl/ Severity: Low Systems Affected: Unix systems Description: ePerl allows the user to embed perl code specified inside ePerl delimiters in HTML. ePerl has the ability to "safely" include...
possible rcp hole...
Here is a possible bug in rcp; since I think it calls system. I haven't had much time to play with this, because exama are coming up. It is negated because system calls /bin/cp which with the newer versions of bash, it drops it's effective credientals... $ ls -alF which rcp -rwsr-xr-x 1 root root...
CVE-1999-0352
CVE-1999-0352 affects ControlIT 4.5 and earlier, with weak password encryption as the root cause. Multiple connected sources corroborate the same description. The vulnerability concerns credential protection rather than an explicit code path described in detail in the provided documents. Impact i...
CVE-2018-4826
...
PT-2005-5547 · Debian +4 · Kernel-Source-2.4.27 +15
Name of the Vulnerable Software and Affected Versions: Debian GNU/Linux kernel-image-2.4.27 versions 2.4.27 through 2.4.27-2 Debian GNU/Linux kernel-headers-2.4.27 versions 2.4.27 through 2.4.27-2 Debian GNU/Linux kernel-pcmcia-modules-2.4.27 versions 2.4.27 through 2.4.27-2 Debian GNU/Linux...