Lucene search
K

6092 matches found

RedHat Linux
RedHat Linux
added 2007/02/26 9:49 a.m.5 views

php session extension global variable clobber

PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when registerglobals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling sessiondecode on a string beginning with...

6.8CVSS6.2AI score0.09233EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/02/22 11:11 a.m.5 views

php session extension global variable clobber

PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when registerglobals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling sessiondecode on a string beginning with...

6.8CVSS6.2AI score0.09233EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/02/21 12:42 p.m.9 views

php session extension global variable clobber

PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when registerglobals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling sessiondecode on a string beginning with...

6.8CVSS6.2AI score0.09233EPSS
Exploits0References4
seebug.org
seebug.org
added 2007/02/07 12:0 a.m.28 views

solaris/sparc connect-back (with XNOR encoded session) 600 bytes

No description provided by source. / black-RXenc-con-back-SOLARIS.c MIPS This is a relitivly small 600 byte shellcode that encodes all network trafic between the exploited process and the attacker. All clear-text shell i/o is encoded using a simple NOT algo before being transmitted on the wire...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/02/06 12:0 a.m.6 views

PT-2007-2219 · Phorum · Phorum

Name of the Vulnerable Software and Affected Versions: Phorum version 5.1.18 Description: A cross-site scripting XSS issue in the register.php file allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The vendor disputes this issue, stating that characters are...

6.8CVSS5.9AI score0.01182EPSS
Exploits0References8
seebug.org
seebug.org
added 2007/02/05 12:0 a.m.13 views

Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta)

No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/04 12:0 a.m.43 views

Ipswitch IMail Server 8.10-8.12 - RCPT TO Remote Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

7.5CVSS7AI score0.60041EPSS
Exploits8
securityvulns
securityvulns
added 2007/01/29 12:0 a.m.49 views

Webfwlog <= 0.92 (debug.php) Remote File Disclosure Vulnerability

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + D.Script:ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-stable/All/webfwlog-0.92.tbz + D.Scrpit:http://webfwlog.sourceforge.net/...

1AI score
Exploits0
exploitpack
exploitpack
added 2007/01/29 12:0 a.m.13 views

Webfwlog 0.92 - debug.php Remote File Disclosure

Webfwlog 0.92 - debug.php Remote File Disclosure ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + D.Script:ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-stable/All/webfwlog-0.92.tbz + D.Scrpit:http://webfwlog.sourceforge.net/...

Exploits0
seebug.org
seebug.org
added 2007/01/25 12:0 a.m.15 views

Aztek Forum 4.0 Multiple Vulnerabilities Exploit

No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; / header Aztek Forum 4.1 Multiple Vulnerabilities Exploit header ================================================== sploit Owner - root status Trying to register a new user sploit Login/Password - phpsploit8435...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/01/25 12:0 a.m.16 views

Aztek Forum 4.0 - Multiple Vulnerabilities

Aztek Forum 4.0 - Multiple Vulnerabilities !/usr/bin/php Aztek Forum 4.1 Multiple Vulnerabilities Exploit header ================================================== sploit Owner - root status Trying to register a new user sploit Login/Password - phpsploit8435 status Trying to get database...

0.2AI score
Exploits0
CERT
CERT
added 2007/01/24 12:0 a.m.25 views

Online Media Technologies NCTsoft NCTAudioFile2 ActiveX buffer overflow

Overview The Online Media Technologies NCTsoft NCTAudioFile2 ActiveX control contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Online Media Technologies NCTsoft provides an ActiveX control...

9.3CVSS7.2AI score0.35162EPSS
Exploits4References26
0day.today
0day.today
added 2007/01/21 12:0 a.m.27 views

Upload Service 1.0 (top.php maindir) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================================== Upload Service 1.0 top.php maindir Remote File Inclusion Vulnerability ========================================================================...

7.1AI score
Exploits0
CERT
CERT
added 2007/01/19 12:0 a.m.39 views

Adobe Acrobat allows pointer overwrite via specially crafted PDF file

Overview Adobe Acrobat and Adobe Reader fail to properly handle a specially crafted PDF file, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Adobe Acrobat and Adobe Reader are applications designed to create and view Portable Document Format PDF...

9.3CVSS7.2AI score0.09089EPSS
Exploits0References8
Cvelist
Cvelist
added 2007/01/16 7:0 p.m.25 views

CVE-2006-6487

Cross-site scripting XSS vulnerability in index.php in DT Guestbook dtguestbook 1.0f, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the error parameter...

5.7AI score0.02142EPSS
Exploits2References7
Prion
Prion
added 2007/01/11 12:28 a.m.18 views

Directory traversal

Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when registerglobals is enabled and magicquotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter, as demonstrated by injecting PHP...

6.8CVSS7.6AI score0.02455EPSS
Exploits1References5Affected Software1
exploitpack
exploitpack
added 2007/01/09 12:0 a.m.13 views

Magic Photo Storage Website - userregister.php?_config[site_path] Remote File Inclusion

Magic Photo Storage Website - userregister.php?configsitepath Remote File Inclusion source: https://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2007/01/08 12:0 a.m.16 views

L2J Statistik Script <= 0.09 (index.php page) Local File Include Exploit

No description provided by source. ? print ' | \ | \ \ / | | | | | | | \ \ \ / \ \ | \ \ / \ | \ | | | / \ | \ \ \ / / | | | | | | | | | | ||/ // |./ |/\ ./ |/ ||...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/01/05 12:0 a.m.17 views

QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities

No description provided by source. Title : QUOTE&ORDERING SYSTEM 1.0 ordernum Multiple Vulnerabilities Author : ajann Contact : : S.Page : ... $$ : $250.00 SQL--------------------------------------------------------- Register & Login Before Injection.. http://target/path//search.asp?ordernum=SQL...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/01/05 12:0 a.m.14 views

Aratix <= 0.2.2b11 (inc/init.inc.php) Remote File Include Vulnerability

No description provided by source. +------------------------------------------------------------------------------------------- + Aratix = 0.2.2b11 inc/init.inc.php Remote File Include Vulnerability +------------------------------------------------------------------------------------------- +...

7.1AI score
Exploits0
Rows per page
Query Builder