
669 matches found

securityvulns
added 2006/07/08 12:0 a.m., 31 views

HostingController: An attacker can gain reseller privileges and after that can gain admin privileges

Hi, I'm Soroush Dalili from GrayHatz Security Group (GSG). I publish the most important bugs of hosting controller program, after 3 weeks from reporting to the main company for more security. Title: An attacker can gain reseller privileges and after that can gain admin privileges. Version: 6.1 Hotfix...

7.7 AI score
Exploits: 0
seebug.org
added 2006/06/25 12:0 a.m., 41 views

DreamAccount <= 3.1 (auth.api.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl use HTTP::Request; use LWP::UserAgent; DREAMACCOUNT V3.1 Remote Command Execution Exploit. Discovered By CrAshoVeRrIdEArabian Security Team...

7.1 AI score
Exploits: 0
Packet Storm
added 2006/06/15 12:0 a.m., 23 views

Amrtalk.txt

SaVSaK.CoM | SpC-x - TheBeKiR | Amr Talkbox talkbox.PHP - Remote File Include Vulnerabilities Risk : High Class: Remote Script : Amr Talkbox Credits : SpC-x Thanks : TheBeKiR - Ejder - FasTBoY - ERNE - RMx Code : if $lang == "eng" include "$direct/langeng.txt"; elseif $lang =="ita" include...

7.4 AI score
Exploits: 0
Prion
added 2006/05/31 10:6 a.m., 13 views

Design/Logic Flaw

An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php, allows remote attackers to obtain the full path of the web server via invalid (1) perso or (2) aide parameters...

7.8 CVSS, 7.2 AI score, 0.00461 EPSS
Exploits: 0, References: 1, Affected Software: 1
OpenVAS
added 2006/03/26 12:0 a.m., 391 views

Community Link Pro webeditor login.cgi remote command execution

The remote host is running Community Link Pro, a web-based application written in Perl. The remote version of this software contains a flaw in the script 'login.cgi' which may allow an attacker to execute arbitrary commands on the remote host. OpenVAS Vulnerability Test $Id:...

7.5 CVSS, 0.5 AI score, 0.02883 EPSS
Exploits: 1
Debian
added 2006/01/10 3:24 a.m., 38 views

[SECURITY] [DSA 933-1] New hylafax packages fix arbitrary command execution

Debian Security Advisory DSA 933-1 [email protected] http://www.debian.org/security/ Michael Stone January 9, 2006 http://www.debian.org/security/faq -...

7.5 CVSS, 0.7 AI score, 0.31002 EPSS
Exploits: 1
myhack58
added 2006/01/09 12:0 a.m., 11 views

The Central People's Government portal gov.cn small BUG - vulnerability warning - the black bar safety net

To view the source file. Didn't find the asp. Home like The are htm. Then just find a link http://www.gov.cn/banshi/wjrs/lssf.htm. There is a search, I see the source of the file also didn't find the action words. It seems like there is a jsp links later found. And then enterscriptalert"wolf...

7.1 AI score
Exploits: 0
Packet Storm
added 2005/12/14 12:0 a.m., 21 views

flat.txt

Description: A PHP Website Engine not using any database. Support for different languages. Using the directory-structure for menue creation. Directory names are the menue topicscategories, filenames beneath are menue items. XHTML compliant. Supports Modules like P version: flatCMS 1.01 vendor:...

7.4 AI score
Exploits: 0
exploitpack
added 2005/09/17 12:0 a.m., 7 views

CuteNews 1.4.0 - Shell Injection Remote Command Execution

CuteNews 1.4.0 - Shell Injection Remote Command Execution ?php cutenxpl.php CuteNews 1.4.0possibly prior versions remote code execution by rgod site: http://rgod.altervista.org usage: launch form Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with th...

0.3 AI score
Exploits: 0
securityvulns
added 2005/08/19 12:0 a.m., 68 views

Zorum 3.5 remote code execution poc exploit

Zorum 3.5 remote code execution poc exploit software: description: Zorum is a freely available, open source Web-based forum application implemented in PHP. It is available for UNIX, Linux, and any other platform that supports PHP script execution. author site: http://zorum.phpoutsourcing.com/ 1...

8.7 AI score
Exploits: 0
Tenable Nessus
added 2005/07/27 12:0 a.m., 393 views

Community Link Pro login.cgi file Parameter Arbitrary Command Execution

The remote host is running Community Link Pro, a web-based application written in Perl. The remote version of this software fails to sanitize user input to the 'file' parameter of the 'login.cgi' script of shell metacharacters before using it to run a command. An unauthenticated attacker can...

7.5 CVSS, 6.1 AI score, 0.02883 EPSS
Exploits: 1, References: 2
0day.today
added 2005/06/14 12:0 a.m., 16 views

ViRobot Advanced Server 2.0 (addschup) Remote Cookie Exploit

Exploit for linux platform in category remote exploits. ViRobot Advanced Server 2.0 addschup Remote Cookie Exploit. !/usr/bin/perl ViRobot 2.0 remote cookie exploit - ala addsch...

7.1 AI score
Exploits: 0
CVE
added 2005/05/27 4:0 a.m., 46 views

CVE-2004-2113

BremsServer 1.2.4 is affected by an XSS vulnerability that allows a remote attacker to inject arbitrary web script or HTML via the URL. The impact is partial integrity violation with no confidentiality or availability impact as per the CVE metrics; no specific exploit details or patches are provi...

4.3 CVSS, 6 AI score, 0.00783 EPSS
Exploits: 1, References: 6, Affected Software: 1
exploitpack
added 2005/03/17 12:0 a.m., 10 views

McNews 1.x - install.php Arbitrary File Inclusion

McNews 1.x - install.php Arbitrary File Inclusion source: https://www.securityfocus.com/bid/12835/info mcNews is reportedly affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'install.php' script. This...

0.3 AI score
Exploits: 0
Tenable Nessus
added 2005/03/07 12:0 a.m., 108 views

Stadtaus PHP Form Mail formmail.inc.php Remote File Inclusion

There is a version of Form Mail Script, a PHP script by Ralf Stadtaus, installed on the remote host that suffers from a remote file include vulnerability involving the 'scriptroot' parameter of the 'inc/formmail.inc.php' script. By leveraging this flaw, an attacker may be able to view arbitrary...

7.5 CVSS, 5.9 AI score, 0.02091 EPSS
Exploits: 1, References: 3
securityvulns
added 2005/03/01 12:0 a.m., 28 views

[SIG^2 G-TEC] RaidenHTTPD Server Buffer Overflow and CGI Source Disclosure Vulnerabilities

SIG^2 Vulnerability Research Advisory RaidenHTTPD Server Buffer Overflow and CGI Source Disclosure Vulnerabilities by Tan Chew Keong Release Date: 01 Mar 2005 ADVISORY URL http://www.security.org.sg/vuln/raidenhttpd1132.html SUMMARY RaidenHTTPD Server http://www.raidenhttpd.com/en/index.html is a...

1.1 AI score
Exploits: 0
Tenable Nessus
added 2005/01/29 12:0 a.m., 11 views

CoolForum Multiple SQL Injections

The version of CoolForum, a bulletin-board application written in PHP, installed on the remote host fails to sanitize input to several parameters to scripts in the 'admin' directory before using it in database queries. An attacker could leverage these issues to manipulate SQL queries or attack th...

5.9 AI score
Exploits: 0
Gentoo Linux
added 2005/01/25 12:0 a.m., 77 views

AWStats: Remote code execution

Background AWStats is an advanced log file analyzer and statistics generator. Description When 'awstats.pl' is run as a CGI script, it fails to validate specific inputs which are used in a Perl open function call. Furthermore, a user could read log file content even when plugin rawlog was not...

7.5 CVSS, 6.9 AI score, 0.91976 EPSS
Exploits: 11
NVD
added 2004/12/31 5:0 a.m., 17 views

CVE-2004-2200

Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via the message text...

4.3 CVSS, 5.7 AI score, 0.00498 EPSS
Exploits: 1, References: 4
Tenable Nessus
added 2004/09/29 12:0 a.m., 23 views

Debian DSA-033-1 : analog - buffer overflow

The author of analog, Stephen Turner, has found a buffer overflow bug in all versions of analog except version 4.16. A malicious user could use an ALIAS command to construct very long strings which were not checked for length and boundaries. This bug is particularly dangerous if the form...

10 CVSS, 5.8 AI score, 0.04972 EPSS
Exploits: 0, References: 2