322 matches found
CVE-2012-4077
Cisco NX-OS Software contains a vulnerability (CVE-2012-4077) due to improper filtering of parameters passed to the sed -e option. An authenticated, local attacker can exploit this to gain access to the bash shell and execute arbitrary commands with administrative privileges, effectively enabling...
CVE-2012-4077
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651...
Cisco NX-OS Software Input Validation Vulnerability
A vulnerability in the Stream Editor sed command-line filter in Cisco NX-OS Software could allow an authenticated, local attacker to read and write arbitrary files. The vulnerability is due to an input validation issue. An attacker could exploit this vulnerability by using the sed r and sed w...
D2-Shoutbox 4.2 IPB Mod - load SQL Injection
D2-Shoutbox 4.2 IPB Mod - load SQL Injection !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL injection Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered By D2-Shoutbox 4.2" use IO::Socket; $host = $ARGV0; $user = $ARGV2; $uid = $ARGV3; $pi...
D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL injection Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered By D2-Shoutbox 4.2" use IO::Socket; $host = $ARGV0; $user = $ARGV2; $uid = $ARGV3; $pid = $ARGV4...
D2-Shoutbox 4.2 IPB Mod - 'load' SQL Injection
!/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL injection Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered By D2-Shoutbox 4.2" use IO::Socket; $host = $ARGV0; $user = $ARGV2; $uid = $ARGV3; $pid = $ARGV4; $type = $ARGV5; sub type...
Invision Power Board 2.1.4 - Register Users Denial of Service
Invision Power Board 2.1.4 - Register Users Denial of Service !/usr/bin/perl use IO::Socket; | | | \ | | |/ IPB Register Multiple Users Denial of Service Doesn't Work on forums using "Code Confirmation" Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL print q...
Invision Power Board 2.1.4 - Register Users Denial of Service
!/usr/bin/perl use IO::Socket; | | | \ | | |/ IPB Register Multiple Users Denial of Service Doesn't Work on forums using "Code Confirmation" Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL print q Invision Power Board Multiple Users DOS Tested on IPB 2.0.1 create...
phpBB 2.0.19 - Style ChangerDemo Mod SQL Injection
phpBB 2.0.19 - Style ChangerDemo Mod SQL Injection !/usr/bin/perl | | | \ | | |/ phpBB Style Changer/Demo Mod--GET HASH EXPLOIT Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered by phpBB" inurl:"index.php?s" OR inurl:"index.php?style" use IO::Socke...
phpBB 2.0.19 - Style Changer/Demo Mod SQL Injection
!/usr/bin/perl | | | \ | | |/ phpBB Style Changer/Demo Mod--GET HASH EXPLOIT Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered by phpBB" inurl:"index.php?s" OR inurl:"index.php?style" use IO::Socket; if @ARGV 3 print q phpBB Style Changer\Viewer MO...
phpBB 2.0.19 (Style Changer/Demo Mod) SQL Injection Exploit
Exploit for unknown platform in category web applications =========================================================== phpBB 2.0.19 Style Changer/Demo Mod SQL Injection Exploit =========================================================== !/usr/bin/perl | | | \ | | |/ phpBB Style Changer/Demo Mod--G...
phpBB 2.0.19 (Style Changer/Demo Mod) SQL Injection Exploit
No description provided by source. !/usr/bin/perl | | | \ | | |/ phpBB Style Changer/Demo Mod--GET HASH EXPLOIT Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered by phpBB" inurl:"index.php?s" OR inurl:"index.php?style" use IO::Socket; if @ARGV 3...
Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection
Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection !/usr/bin/perl IPB Portal 1.3-Invision Power Board plugin Created By SkOd SED security Team , http://sed-team.be google: "Portal 1.3 by Dragoran" use IO::Socket; if @ARGV new Proto = "tcp", PeerAddr = "$serv", PeerPort = "80" || die...
[ MDKSA-2006:027 ] - Updated gzip packages fix zgrep vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:027 http://www.mandriva.com/security/ Package : gzip Date : January 30, 2006 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0, Multi Network Firewall 2.0 Problem Description: Zgrep in gzip before...
Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection
!/usr/bin/perl IPB Portal 1.3-Invision Power Board plugin Created By SkOd SED security Team , http://sed-team.be google: "Portal 1.3 by Dragoran" use IO::Socket; if @ARGV new Proto = "tcp", PeerAddr = "$serv", PeerPort = "80" || die "-Connect Failed\r\n"; print "+Connecting...\n"; print $socket...
Invision Power Board Dragoran Portal Mod <= 1.3 SQL Injection Exploit
No description provided by source. !/usr/bin/perl IPB Portal 1.3-Invision Power Board plugin Created By SkOd SED security Team , http://sed-team.be google: "Portal 1.3 by Dragoran" use IO::Socket; if @ARGV 3 print q IPB Portal 1.3 SQL injection Get Hash Exploit Tested on Invision Power Board 1.3....
security flaw
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script...
security flaw
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script...
CVE-2005-0758
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script...
CVE-2005-0758
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script...