478 matches found
[SA16115] Hosting Controller Multiple Vulnerabilities
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Hosting Controller 0.6.1 HotFix 2.1 - Change Credit Limit
Hi, I'm Soroush Dalili from GSG GrayHatz Security Group. Title: Hosting controller program have a security bug in "AccountActions.asp" that an authenticated user can change his/her credit and buy some services! Version: 6.1 HotFix 2.1 and older Developer url: hostingcontroller.com Comment: Hostin...
[badroot security] probe.cgi: Remote Command Execution
BADROOT SECURITY GROUP Security Advisory 2005 - 0x06 http://www.badroot.org irc.us.azzurra.org badroot Authors ....... spher3 spher3 at fatalimpulse dot net Date .......... 04-07-2005 Product ....... probe.cgi Type .......... Remote Command Execution o Info: ================ That script is used t...
prowebExec.txt
BADROOT SECURITY GROUP Security Advisory 2005-0x05 http://www.badroot.org irc.us.azzurra.org badroot - - - - - - - - - - - - - - - - - - - - - - - - - Authors ....... spher3 spher3 at fatalimpulse dot net mozako admin at fatalimpulse dot net Date...
cacti -- potential SQL injection and cross site scripting attacks
iDEFENSE security group disclosed potential SQL injection attacks from unchecked user input and two security holes regarding potential cross site scripting attacks...
MADSHEEP-05SA (security advisory): WebHints <= v1.03 Remote Command Execution Vulnerability
MADSHEEP-05SA security advisory: WebHints = v1.03 Remote Command Execution Vulnerability 06/11/2005 MADSHEEP-05SA security advisory: WebHints = v1.03 Remote Command Execution Vulnerability Published: 06 11 2005 Released: 06 11 2005 Name: WebHints Affected Systems: = 1.03 Issue: Remote Command...
Webhints 1.03 - Remote Command Execution (Perl) (3)
Webhints 1.03 - Remote Command Execution Perl 3 !/usr/bin/perl -w emanuele@blackbox:$ perl M4DR007-hints.pl www.madroot.edu.ms Security Group WebHints Software hints.cgi Remote Command Execution Vulnerability Affected version: = all code by MadSheep 06.11.2005 hostname: localhost port: default: 8...
Webhints <= 1.03 Remote Command Execution Exploit (perl code) (3)
!/usr/bin/perl -w emanuele@blackbox:$ perl M4DR007-hints.pl www.madroot.edu.ms Security Group WebHints Software hints.cgi Remote Command Execution Vulnerability Affected version: = all code by MadSheep 06.11.2005 hostname: localhost port: default: 80 80 path: /cgi-bin/ /cgi-bin/ your ip for rever...
Webhints <= 1.03 Remote Command Execution Exploit (perl code) (3)
Exploit for cgi platform in category web applications ================================================================= Webhints = 1.03 Remote Command Execution Exploit perl code 3 ================================================================= !/usr/bin/perl -w email protected:$ perl...
Webhints 1.03 - Remote Command Execution (Perl) (3)
!/usr/bin/perl -w emanuele@blackbox:$ perl M4DR007-hints.pl www.madroot.edu.ms Security Group WebHints Software hints.cgi Remote Command Execution Vulnerability Affected version: = all code by MadSheep 06.11.2005 hostname: localhost port: default: 80 80 path: /cgi-bin/ /cgi-bin/ your ip for rever...
[HSC Security Group] MaxWebPortal - Multiple SQL injection/XSS
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Desc: Maxwebportal 1.3.5 and prior Risk: High MaxWebPortal is probably the most spread ASP based web portal script. I've found multiple XSS and Sql injection that could easily lead to password strealing or porta...
activeAuction.txt
This is a multi-part message in MIME format. ------=NextPart000000601C53A39.2224C870 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dcrab 's Security Advisory Hsc Security Group http://www.hackerscenter.com/...
litecommerceSQL.txt
This is a multi-part message in MIME format. ------=NextPart000000501C53B05.B7FB4460 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Dcrab 's Security Advisory Hsc Security Group http://www.hackerscenter.com/ dP Security http://digitalparadox.org/ Get...
eGroupWare Leaks Files
MasterMind Security Group, Inc. Security Brief Date: April 7, 2005 Contact: Gerald Quakenbush geraldq AT mastermindsecuritygroup.com Severity: Moderate to Serious Product: Confirmed in eGroupWare 1.001 and 1.006 Synopsis ======== The eGroupWare open-source software www.egroupware.org has a flaw...
e107 - include() Remote File Upload
e107 - include Remote File Upload | | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. -= e107 remote sploit =- by sysbug Attack method: with this sploit u can send an include vuln to a Host victim the upload go to /images/evil.php C:\Perl\binperl sploit.pl www.site.com -= e107...
e107 - 'include()' Remote File Upload
| | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. -= e107 remote sploit =- by sysbug Attack method: with this sploit u can send an include vuln to a Host victim the upload go to /images/evil.php C:\Perl\binperl sploit.pl www.site.com -= e107 remote sploit =- by sysbug...
PHP local DoS: self-fetching throught HTTP
PHP scripting allows "opening" files througth HTTP: $file=fopen"http://host/page.html","r"; If script opening itself throught HTTP, it will result in DoS attack: as much as possible HTTP connections and great number of executing PHP scripts. Timeout settings are useless. Possible solutions: -...
PHPNUKE4.4.1a Advisory
r 0 t t e n d e v 1 c e C r e w r0tten dev1ce Crew A r g e n t i n i a n S e c u r i t y G r o u p Argentinian Security Group advisory --------------------------------------- rdC270201.adv.en Programa: PHP-NUKE Vendor Homepage: http://www.phpnuke.org Vendor Contacted: 27/feb/2001 Vendor Response:...