9831 matches found
FreeBSD : coppermine -- File Inclusion Vulnerabilities (77cceaef-e9a4-11da-b9f4-00123ffe8333)
Secunia reports : Coppermine Photo Gallery have a vulnerability, which can be exploited by malicious people and by malicious users to compromise a vulnerable system. 1 Input passed to the 'lang' parameter in include/init.inc.php isn't properly verified, before it is used to include files. This ca...
unb_161p1_incl_xpl.txt
!/usr/bin/php -q -d shortopentag=on ? echo "Unclassified NewsBoard = 1.6.1 patch 1 ABBCConfigsmileset arbitrary\r\n"; echo "local inclusion\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "works with registerglobals = On & magicquotesgpc =...
FreeBSD : phpmyadmin -- register_globals emulation 'import_blacklist' manipulation (23afd91f-676b-11da-99f6-00123ffe8333)
Secunia reports : Stefan Esser has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerability is caused due to an error in the registerglobals...
Unclassified NewsBoard <= 1.6.1 patch 1 Arbitrary Local Inclusion Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "Unclassified NewsBoard = 1.6.1 patch 1 ABBCConfigsmileset arbitrary\r\n"; echo "local inclusion\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "works with...
Unclassified NewsBoard <= 1.6.1 patch 1 Arbitrary Local Inclusion Exploit
Exploit for unknown platform in category web applications ========================================================================= Unclassified NewsBoard = 1.6.1 patch 1 Arbitrary Local Inclusion Exploit ========================================================================= !/usr/bin/php -q -...
coppermine -- "file" Local File Inclusion Vulnerability
Secunia reports: Coppermine Photo Gallery have a vulnerability, which can be exploited by malicious people to disclose sensitive information. Input passed to the "file" parameter in "index.php" isn't properly verified, before it is used to include files. This can be exploited to include arbitrary...
[SA19288] MailEnable Webmail and Unspecified POP Vulnerabilities
TITLE: MailEnable Webmail and Unspecified POP Vulnerabilities SECUNIA ADVISORY ID: SA19288 VERIFY ADVISORY: http://secunia.com/advisories/19288/ CRITICAL: Moderately critical IMPACT: Unknown, DoS WHERE: From remote SOFTWARE: MailEnable Standard 1.x http://secunia.com/product/3882/ MailEnable...
GuestBook Script <= 1.7 (include_files) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ===================================================================== GuestBook Script ' . $txt'txtfilenotfound' . ': ' . $val . ''; $tpl-register'guest', $key; ... here is includecontent function: function includecontent$path if isfile$pa...
MDaemon IMAP Server Mail Folder Name Format String
The remote host is running Alt-N MDaemon, an SMTP/IMAP server for the Windows operating system family. The IMAP server component of MDaemon is affected by a format string vulnerability involving folders with format string specifiers in their names . An authenticated attacker can leverage this iss...
Alt-N MDaemon 8.1.1 IMAP Server - Remote Format String
source: https://www.securityfocus.com/bid/16854/info Alt-N MDaemon IMAP Server is affected by a remote format-string vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in the format-specifier argument to a formatted printing...
Ipswitch WhatsUp Professional 2006 - Remote Denial of Service
Ipswitch WhatsUp Professional 2006 - Remote Denial of Service source: https://www.securityfocus.com/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET...
Ipswitch WhatsUp Professional 2006 - Remote Denial of Service
source: https://www.securityfocus.com/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET requests. This issue allows remote attackers to consume excessive...
[SECURITY] [DSA 966-1] New adzapper packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 966-1 [email protected] http://www.debian.org/security/ Martin Schulze February 9th, 2006 http://www.debian.org/security/faq -...
CVE-2006-0432
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources...
Security feature bypass
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources...
CVE-2006-0432
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0, when an Administrator uses the WebLogic Administration Console to add custom security policies, causes incorrect policies to be created, which prevents the server from properly protecting JNDI resources...
CVE-2006-0428
Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote Portlets WSRP, allows remote attackers to access restricted web resources via crafted URLs...
CVE-2006-0432
CVE-2006-0432 concerns BEA WebLogic Server and WebLogic Express 9.0. The available connected documents indicate that when an Administrator uses the WebLogic Administration Console to add custom security policies, incorrect policies can be created, which prevents the server from properly protectin...
[SA18589] Kerio WinRoute Firewall Web Browsing Denial of Service
TITLE: Kerio WinRoute Firewall Web Browsing Denial of Service SECUNIA ADVISORY ID: SA18589 VERIFY ADVISORY: http://secunia.com/advisories/18589/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: Kerio WinRoute Firewall 6.x http://secunia.com/product/3613/ DESCRIPTION: A vulnerabili...
Ubuntu 4.10 : samba vulnerability (USN-22-1)
Karol Wiesek discovered a Denial of Service vulnerability in samba. A flaw in the input validation routines used to match filename strings containing wildcard characters may allow a remote user to consume more than normal amounts of CPU resources, thus impacting the performance and response of th...