2661 matches found
Absolute File Send 1.0 - Remote Cookie Handling Vulnerability
No description provided by source. Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure cookie handling script : Absolute File Send see script...
Savant Web Server 3.1 - Buffer Overflow Exploit (Egghunter)
No description provided by source. !/usr/bin/python import socket targetaddress=10.10.10.129 targetport=80 buffer2 = R0cX + R0cX msfpayload windows/shellbindtcp LPORT=4444 R | msfencode -e x86/shikataganai -c 4 -t c buffer2 += \xbd\xec\x37\x93\x4b\xdb\xcf\xd9\x74\x24\xf4\x58\x31\xc9\xb1...
Ez Cart 1.0 - Multiple CSRF Vulnerabilities
No description provided by source. Title: Ez Cart Multiple XSRF Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 15. December 2009...
XLight FTP Server 1.52 Remote Send File Request Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9668/info A remote denial of service vulnerability has been reported to exist in the Send File Request functionality of the XLight FTP server. Due to this issue a remote attacker may be able to cause the affected server to...
Spreecommerce < 0.50.0 Arbitrary Command Execution
No description provided by source. $Id: spreesearchlogicexec.rb 12397 2011-04-21 19:38:42Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
mIRC 6.1 DCC SEND Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/8818/info A vulnerability has been reported to exist in the mIRC client that may allow a remote attacker to crash a vulnerable mIRC client. The condition is most likely present due to insufficient boundary checking...
mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' mxBB Module MX Faq & Rules = 2.0.0 faq.php Remote File Include Exploit Vendor: http://www.mx-system.com/modules/mxpafiledb/dload.php?action=download&fileid=371 Bug found and Exploit by bd0rk from SOH-Crew Website1:...
Wordpress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities
No description provided by source. Description : Wordpress Plugins - Google Maps via Store Locator Plus Multiple Vulnerability Version : 2.7.1 - 3.0.1 Link : http://wordpress.org/extend/plugins/store-locator-le/ Plugins : http://downloads.wordpress.org/plugin/store-locator-le.3.0.1.zip Date :...
Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities
No description provided by source. Title: Recipe Script v5.0 Shell Upload/XSRF/XSS Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 16. December 2009...
I-net Multi User Email Script SQLi Vulnerability
No description provided by source. Name : I-net Multi User Email Script SQLi Vulnerability Date : june, 27 2010 Critical Level : HIGH Vendor Url : http://www.i-netsolution.com/ Google Dork: inurl:/jobsearchengine/ Author : Sid3^effects aKa HaRi shellc99atyahoo.com special thanks to : r0073r...
SapporoWorks Black JumboDog 2.6.4/2.6.5 HTTP Proxy Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long expires, if-modified-since, and LastModified strings...
OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS
No description provided by source. / cve-2009-1378.c OpenSSL = 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 In dtls1processoutofseqmessage the check if the...
Fedora 20 : mingw-gnutls-3.1.25-1.fc20 (2014-6953)
Version 3.1.25 released 2014-05-30 - libgnutls: Eliminated memory corruption issue in Server Hello parsing. Issue reported by Joonas Kuorilehto of Codenomicon. - libgnutls: Increased the maximum certificate size buffer in the PKCS #11 subsystem. - libgnutls: Check the return code of getpwuid_r...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in api/sms/send-sms in the Web UI 11.010.06.01.858 on Huawei E303 modems with software 22.157.18.00.858 allows remote attackers to hijack the authentication of administrators for requests that perform API operations and send SMS messages via a request...
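Wemux 'Send()' Function Security Bypass Vulnerability
Bugtraq ID:66234 wemux is a multi-user terminal multiplexing tool. An error in the wemux "Send" function allows attackers to exploit the vulnerability to bypass security restrictions and send commands in a read-only restricted session. 0 wemux 3.x wemux 3.2.0 has fixed this vulnerability; users are advised to download the update: https://github.com/zolrath/wemux...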
AIX 6.1 TL 6 : bos.net.tcp.client (U849877)
The remote host is missing AIX PTF U849877, which is related to the security of the package bos.net.tcp.client. AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially craft...
AIX 7.1 TL 1 : bos.net.tcp.client (U849490)
The remote host is missing AIX PTF U849490, which is related to the security of the package bos.net.tcp.client. AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially craft...
AIX 6.1 TL 7 : bos.net.tcp.client (U848193)
The remote host is missing AIX PTF U848193, which is related to the security of the package bos.net.tcp.client. AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially craft...
CVE-2014-1694
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) CustomerPreferences.pm, (2) CustomerTicketMessage.pm, (3) CustomerTicketProcess.pm, and (4) CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System (OTRS) 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow...
DEBIAN-CVE-2014-1694
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) CustomerPreferences.pm, (2) CustomerTicketMessage.pm, (3) CustomerTicketProcess.pm, and (4) CustomerTicketZoom.pm in Kernel/Modules/ in Open Ticket Request System (OTRS) 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allow...