26 matches found
Design/Logic Flaw
Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP address via a modified X-Forwarded-For XFORWARDEDFOR HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTEADDR...
Limbo <= 1.0.4.2 _SERVER[REMOTE_ADDR] Overwrite Remote Exploit
Exploit for unknown platform in category web applications ============================================================== Limbo this works wtih registerglobals off & regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Humble words and...
Limbo 1.0.4.2 - '_SERVER[REMOTE_ADDR]' Remote Command Execution
this works wtih registerglobals off & regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Humble words and increased preparations are signs that the enemy is about to advance. Violent language and driving forward as if to the attack are...
Guppy 4.5.9 - REMOTE_ADDR Remote Command Execution
Guppy 4.5.9 - REMOTEADDR Remote Command Execution Guppy body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img backgro...
Guppy 4.5.9 - 'REMOTE_ADDR' Remote Command Execution
Guppy body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF !imp...
SCO OpenServer 5.0.x - mana REMOTE_ADDR Authentication Bypass
SCO OpenServer 5.0.x - mana REMOTEADDR Authentication Bypass !/bin/sh source: https://www.securityfocus.com/bid/8616/info It has been reported that SCO OpenServer Internet Manager 'mana' process is prone to an authentication bypass issue. The issue is reported to occur as a local user is able to...