174 matches found
Joomla! Component RD-Autos 1.5.5 - SQL Injection
Joomla Component RDAutos SQL Injection Vulnerability Vulnerability found by: H!tm@N Contact: khghitmanatgmaildotcom Site: www.khg-crew.ws Greetz: boom3rang, KHG, urtan, warning, chs, redc00de -=Kosova Hackers Group=--=KHG-Crew=- ScriptName: "Joomla" Component: "RDAutos comrdautos" Version: "1.5.5...
Generic x86 Debug Trap
Generate a debug trap in the target process This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 1 include Msf::Payload::Single def initializeinfo = supermergeinfoinfo, 'Name' = 'Generi...
Joomla Component pcchess <= 0.8 Remote SQL Injection Vulnerability
No description provided by source. joomla SQL Injectioncompcchess AUTHOR : S@BUN HOME : http://www.hackturkiye.com MA陌L : [email protected] DORK 1 : allinurl: compcchess "userid" DORK 2 : allinurl: compcchess EXPLOIT :...
Remote file inclusion
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGDATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in 1 the CONFIGPOLLDB parameter to actionpoll.php or 2 the CONFIGDB parameter to db/DataReaderWriter.php, different vectors...
CVE-2007-2064
CVE-2007-2064 describes multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0 (and possibly 1.1.1). The flaws allow an attacker to execute arbitrary PHP code by supplying a URL in the CONFIG_POLLDB parameter to actionpoll.php or in the CONFIG_DB parameter to db...
Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure (1)
Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure 1 / Linux Kernel DCCP Memory Disclosure Vulnerability Synopsis: The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to steal data from the kernel memory. Vulnerable Systems: Linux Kernel Versions: =...
CVE-2006-4760
Multiple cross-site scripting XSS vulnerabilities in Benjamin Pasero and Tobias Eichert RSSOwl allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite...
CVE-2006-4761
Multiple cross-site scripting XSS vulnerabilities in Luke Hutteman SharpReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite...
CVE-2006-4760
Multiple cross-site scripting XSS vulnerabilities in Benjamin Pasero and Tobias Eichert RSSOwl allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite...
CVE-2006-4762
Technical details about CVE-2006-4762 are not publicly provided in the supplied documents. Monitor for updates from NVD/CVE listings; current records describe XSS in Ykoon RssReader but lack specific affected versions, vectors, root cause, or fixes.
GLSA-200504-26 : Convert-UUlib: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200504-26 Convert-UUlib: Buffer overflow A vulnerability has been reported in Convert-UUlib where a malformed parameter can be provided by an attacker allowing a read operation to overflow a buffer. The vendor credits Mark Martine...
Trojan file issue in Musicmatch software
Hyperdose Security Advisory Name: Arbitrary file overwrite in Musicmatch Systems Affected: Musicmatch v10.00.2047 or earlier according to Yahoo v9.00.5059 and earlier are also affected Severity: Moderate Author: Robert Fly - [email protected] Advisory URL:...
Debian DSA-517-1 : cvs - buffer overflow
Derek Robert Price discovered a potential buffer overflow vulnerability in the CVS server, based on a malformed Entry, which serves the popular Concurrent Versions System. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...