CVE-2011-1316

The Session Initiation Protocol SIP Proxy in the HTTP Transport component in IBM WebSphere Application Server WAS before 7.0.0.15 allows remote attackers to cause a denial of service worker thread exhaustion and UDP messaging outage by sending many UDP messages...

CVE-2011-1316

CVE-2011-1316 affects IBM WebSphere Application Server (WAS) SIP Proxy in the HTTP Transport, where sending a flood of UDP messages can exhaust worker threads and cause UDP messaging outage, leading to a DoS condition. Vulnerable: WAS versions before 7.0.0.15. Red Hat and OpenVAS entries corrobor...

#OpGoogle - Operation Google started by Anonymous Hackers !

OpGoogle - Operation Google started by Anonymous Hackers ! OPGoogle Operation Google : Mar 6 At 18:00 GMT+1. IRC CHAN : oPGoogle . GUIDES : https://bit.ly/gFFTM5 . The complete press release as shown below : OpGoogle INDEX 1. English - done 2. Spanish - done 3. German - not yet, translators...

WordPress Plugin PHP Speedy 0.5.2 - admin_container.php Remote Code Execution

WordPress Plugin PHP Speedy 0.5.2 - admincontainer.php Remote Code Execution -d OPTIONS host: target s...

WordPress Plugin PHP Speedy 0.5.2 - 'admin_container.php' Remote Code Execution

-d OPTIONS host: target server ip/hostname path: directo...

JAKCMS 2.01 RC1 - Blind SQL Injection

!/usr/bin/python jakCMS = v2.01 RC1 Blind SQL Injection Exploit Understanding: The parameters 'JAKCOOKIENAME' and 'JAKCOOKIEPASS' are parsed via cookies to the application and are unchecked for malicious characters. The contents of these variables are directly inserted into an SQL statement,...

Lingxia I.C.E CMS Remote Blind SQL Injection Exploit

Exploit for php platform in category web applications !/usr/bin/python ICE CMS Blind SQLi 0day. email protected ice$ python icecold.py -p localhost:8080 -t 10.3.100.25:8500 -d /ice/ | ---------------------------------------------------- | | Lingxia I.C.E CMS Remote Blind SQL Injection Exploit | |...

Openedit 5.1294 Code Execution

!/usr/bin/python Openedit = v5.1294 Remote Code Execution Exploit http://net-ninja.net/blog/?p=553 watch http://www.zeitgeistmovie.com/ Explanation: Vuln 1: Admin hash disclosure Vuln 2: Login with the hash Vuln 3: Unprotected file upload mrme@pluto openedit$ sudo python ./openown.py -p...

CVE-2010-4431

Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy...

CVE-2010-4431

CVE-2010-4431 affects Oracle Sun Java System Portal Server 7.1 Update 2 on Solaris (SPARC/X86). The vulnerability is described as an unspecified local-confidentiality issue related to the Portal’s proxy handling. Nessus/NVD references suggest patches are available: Solaris patch 124301-16 (SPARC)...

Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit

No description provided by source. !/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin request if any $plugin =...

Lotus CMS Fraise 3.0 Local File Inclusion / Code Execution

!/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin request if any $plugin = $this-getInputString"system", "Page"; //...

Fedora Update for tor FEDORA-2010-19159

Check for the Version of tor OpenVAS Vulnerability Test Fedora Update for tor FEDORA-2010-19159 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

TYPO3 - Arbitrary File Retrieval

?php / TYPO3-SA-2010-022.php Exploit Title: TYPO3 Unauthenticated Arbitrary File Retrieval TYPO3-SA-2010-020, TYPO3-SA-2010-022 Date: 29/12/2010 Author: ikki Software Link: http://typo3.org/download/, http://sourceforge.net/projects/typo3/files/ Version: 4.2.15, 4.3.7 or 4.4.4 Tested on: php CVE ...

CVE-2010-4508

The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification...

CVE-2010-4508

The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification...

Symantec IM Manager IMAdminReportTrendFormRun.asp SQL Injection (CVE-2010-0112)

Symantec IM Manager is a software-based proxy to secure, manage, and log IM messages for enterprise and public IM protocols. It provides real-time threat protection against IM viruses, worms, and other types of attacks delivered through IM messages. Symantec IM Manager allows the definition of...

Fedora Update for squid FEDORA-2010-14149

Check for the Version of squid OpenVAS Vulnerability Test Fedora Update for squid FEDORA-2010-14149 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Arachni v0.2.1 - penetration testers Framework - latest release

"Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications." This is the official change log: Major performance improvements Major system refactoring and code clean-up Major module API...