48 matches found
PPLive TCP/9415 端口免费公用代理服务器漏洞
BUGTRAQ ID: 47508 PPLive网络电视是PPLive旗下媒体,一款全球安装量最大的网络电视,支持对海量高清影视内容的“直播+点播”功能。 PPLive在实现上存在配置漏洞,远程攻击者可利用此漏洞非授权使用客户端TCP/9415的代理。 代理服务器应该仅应监听在127.0.0.1,但事实上是在所有接口监听的。 PPLive 1.9.21 厂商补丁: PPLive ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.pplive.com/en/index.html...
PT-2010-3299 · Squirrelmail +1 · Squirrelmail +1
Name of the Vulnerable Software and Affected Versions: SquirrelMail versions 1.4.20 and earlier Description: The issue allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number. This is made possible...
NukeSentinel 2.5.05 (nukesentinel.php) File Disclosure Exploit
No description provided by source. !/usr/bin/php File Disclosure Maybe work on other versions. Interesting exploit = if$argc URL: http://www.acid-root.new.fr/ ------------------------------------------------------------------ Usage: $argv0 -url -file Options Example: $argv0 -url...
[badroot.org] The Includer remote commands execution exploit
badroot security includer.cgi remote commands execution vulnerability remote exploit. !/usr/bin/python The Includer remote commands execution exploit v. 2 Exploit by: mozako - mozakoatmyboxdotit Vuln. discovered by: Francisco Alisson C 2005 - badroot security http://www.badroot.org PRIVATE - FUNN...
PerlDesk 1.x SQL-Injection Exploit
Exploit for cgi platform in category web applications ================================== PerlDesk 1.x SQL-Injection Exploit ================================== !/usr/bin/perl Example: kb.cgi?view=0 UNION SELECT 1,3,password,username,3,7 FROM users Exploit is attached. ./pde.pl...
Problem With IP Logging In Invision Power Board?
IPB like many other forum systems logs visitors IP's However I have noticed in the past that people who are surfing through some proxies have their internal private IP logged instead of their "real" IP Address. Here are a few screenshots I took of my LAN IP being logged instead of my internet IP...
TrendMicro InterScan VirusWall open proxy
There is no limitation for CONNECT usage...
KTH Kerberos 4 - Arbitrary Proxy Usage
source: https://www.securityfocus.com/bid/2090/info Kerberos is a widely used network service authentication system. The version of Kerberos developed and maintained by KTH Swedish Royal Institute of Technology contains a vulnerability that may allow/assist in a local or remote root compromise. K...