18 matches found
EUVD-2007-0640
Malware in sbrugna...
EUVD-2007-0781
Malware in sbrugna...
raymondbuilderssupply.com Improper Access Control vulnerability OBB-3808886
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
raymondgirardot.ca Cross Site Scripting vulnerability OBB-3683853
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
raymondribbon.com Cross Site Scripting vulnerability OBB-1270800
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Man gets 25 years for hacking lottery computers and winning $2.2 million
By Waqas In April 2015, it was reported that Eddie Raymond Tipton, This is a post from HackRead.com Read the original post: Man gets 25 years for hacking lottery computers and winning $2.2 million...
Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability", 'Description' = %q This module exploits an authentication bypass...
Pandora 3.1 Auth Bypass / Arbitrary File Upload
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability", 'Description' = %q This module exploits an authentication bypass...
Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability
This module exploits an authentication bypass vulnerability in Pandora FMS v3.1 as disclosed by Juan Galiana Lara. It also integrates with the built-in pandora upload which allows a user to upload arbitrary files to the '/images/' directory. This module was created as an exercise in the Metasploi...
X-Ray 2.0 - VirusTotal frontent version for Suspicious Files Auto Submit
Raymond announce X-Ray 2.0, a program which is frontend for VirusTotal multi scanner. X-Ray will provide users with automatic submission of files that you think are suspicious to 35 Agnitum, Antiy Labs, Avast, AVG, Avira, Bitdefender, QuickHeal, ClamAV, Comodo, Dr.Web, Emsisoft, ESET, F-Prot,...
DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting
DataWatch Monarch BI v5.1 admin section stored cross-site scripting Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: DataWatch Monarch BI v5.1 DataWatch's Monarch BI admin section is prone to a stored...
Fetchmail SSL证书显示远程堆溢出漏洞
BUGTRAQ ID: 38088 Fetchmail是免费的软件包,可以从远程POP2、POP3、IMAP、ETRN或ODMR服务器检索邮件并将其转发给本地SMTP、LMTP服务器或消息传送代理。 以verbose模式运行的fetchmail会向用户显示X.509证书的标题和发布者信息,为此要计算并分配一个malloc缓冲区。如果所要显示的内容包含有设置了高位的字符且平台将char类型设置为有符型,由于不可打印字符转义为了\xFF..FFnn(nn为十六进制的80..FF),这可能会在sdump.c文件的sdump函数中触发堆溢出,导致执行任意代码。 Eric Raymond...
Sql injection
SQL injection vulnerability in login.asp for tPassword in the Raymond BERTHOU script collection aka RBL - ASP allows remote attackers to execute arbitrary SQL commands via the 1 User and 2 Password parameters...
CVE-2007-0784
SQL injection vulnerability in login.asp for tPassword in the Raymond BERTHOU script collection aka RBL - ASP allows remote attackers to execute arbitrary SQL commands via the 1 User and 2 Password parameters...
CVE-2007-0784
SQL injection vulnerability in login.asp for tPassword in the Raymond BERTHOU script collection aka RBL - ASP allows remote attackers to execute arbitrary SQL commands via the 1 User and 2 Password parameters...
CVE-2007-0642
CVE-2007-0642 affects tForum 2.00 in the Raymond BERTHOU script collection (RBL - ASP). The vulnerability is an SQL injection in user_confirm.asp that allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass parameters. Impact is partial confidentiality, integrity, an...
Fetchmail多个密码信息泄露漏洞
Fetchmail是一款多功能的IMAP和POP客户程序。 Fetchmail存在设计问题,远程攻击者可以利用漏洞可能获得用户密码敏感信息。 具体问题如下: -sslcertck/sslfingerprint选项本来必须应用到"sslproto tls1"来迫使使用TLS协商,但程序没有。 -在配置文件中即使使用"sslproto tls1",但如果STLS/STARTTLS没有使用,获取邮件也是明文过程。 -无论TLS选项是否采用,POP3的抓取完全忽略TLS,因为在检查STLS支持前没有可靠的发送CAPA,而CAPA是STLS所必须的。无论CAPA是否检测到,依靠的是"auth"选项...
Fetchmail POP3客户端缓冲区溢出漏洞
BUGTRAQ ID: 14349 CVECAN ID: CVE-2005-2335 fetchmail是免费的软件包,可以从远程POP2、POP3、IMAP、ETRN或ODMR服务器检索邮件并将其转发给本地SMTP、LMTP服务器或消息传送代理。 fetchmail的POP3客户端在处理服务器回应时存在缓冲区溢出漏洞,恶意服务器可能利用此漏洞在客户端上执行任意指令。...