Lucene search
+L

994 matches found

myhack58
myhack58
added 2005/09/21 12:0 a.m.48 views

The use of TCP hidden channels to bypass the firewall-vulnerability warning-the black bar safety net

From:http://www. oioj. net/ my home ISP a free personal home page service, in the days that followed, I often passed 3 3 8 9 Port to log in, constantly to the IT patch patch the vulnerability, do some management and maintenance, own also grow a lot of knowledge. Recently delving intonetworksecuri...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2005/09/15 12:0 a.m.13 views

phpWebSite 0.10.0 - module SQL Injection

phpWebSite 0.10.0 - module SQL Injection !/usr/bin/perl use LWP::Simple; $serv = $ARGV0; $path = $ARGV1; $name = $ARGV2; sub usage print "\nUsage: $0 server path username \n"; print "sever - URL\n"; print "path - path to index.php\n"; print "username - name register user\n\n"; exit ; sub work pri...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2005/09/02 12:0 a.m.29 views

FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key

FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key // source: https://www.securityfocus.com/bid/14730/info FileZilla FTP client may allow local attackers to obtain user passwords and access remote servers. The application uses a hard-coded cipher key to decrypt the password, which is stored in a...

0.2AI score
Exploits0
exploitdb
exploitdb
added 2005/09/02 12:0 a.m.46 views

FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key

// source: https://www.securityfocus.com/bid/14730/info FileZilla FTP client may allow local attackers to obtain user passwords and access remote servers. The application uses a hard-coded cipher key to decrypt the password, which is stored in an XML file or the Windows Registry. This can allow t...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/08/23 12:0 a.m.23 views

Microsoft IS error pages information leak

Request variable SERVERNAME controllable by client is used to validate server access...

2.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2005/08/23 12:0 a.m.179 views

Remote IIS 5.x and IIS 6.0 Server Name Spoof

Remote IIS 5.x and IIS 6.0 Server Name Spoof It is possible to remotely spoof the "SERVERNAME" Microsoft® Internet Information Server® 5.0, 5.1 and 6.0 server variable by doing a modified HTTP request. Thus potentially revealing sensitive ASP code through the IIS 500-100.asp error page, the spoof...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2005/08/16 12:0 a.m.92 views

Vulnerability found in CPAINT Ajax Toolkit

I am the original author of the CPAINT Ajax Toolkit http://cpaint.sourceforge.net/. Last night we found a vulnerability affecting all versions of CPAINT prior to v1.3-SP which is the patched version of the software that can allow a user with malicious intent to execute server or ASP/PHP commands...

1.6AI score
Exploits0
exploitpack
exploitpack
added 2005/07/10 12:0 a.m.52 views

PPA 0.5.6 - ppa_root_path File Inclusion

PPA 0.5.6 - pparootpath File Inclusion source: https://www.securityfocus.com/bid/14209/info PPA is susceptible to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2005/07/07 12:0 a.m.28 views

Pngren 2.0.1 - 'Kaiseki.cgi' Remote Command Execution

source: https://www.securityfocus.com/bid/14182/info pngren is prone to a remote arbitrary command execution vulnerability. Reportedly, this issue arises when the user-specified values are passed to the 'kaiseki.cgi' script. Due to this, an attacker can supply arbitrary commands and have them...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2005/07/01 12:0 a.m.45 views

hostingController.txt

Cross-Site Scripting CSS in Hosting Controller All Version and hot fix it hehe ; [email protected] Ashiyane Security Team SegmentationFault Group iam sun-os hehe :P Greetz to : S4P0 - failed - Xsupr3mo - Status-x - Stealh Greetz to : berhooz - nima - ehsan - Mehrtash and...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/04/25 12:0 a.m.28 views

artmedic_links5 remote file access exploit

You can read details of this vulnerability here: http://www.securityfocus.com/archive/1/367144 Very simple source of exploit, enjoy. / artmediclinks5 remote file access exploit Adam Simuntis [email protected] / include stdio.h include stdlib.h include arpa/inet.h include sys/types.h include sys/socket.h...

7.2AI score
Exploits0
nessus
nessus
added 2005/04/21 12:0 a.m.30 views

Coppermine Photo Gallery < 1.3.2 Multiple SQL Injections

According to its version number, the version of Coppermine Photo Gallery installed on the remote host suffers from multiple SQL injection vulnerabilities due to its failure to sanitize user-supplied cookie data before using it in SQL queries in the scripts 'include/functions.inc.php' as well as...

7.5CVSS6AI score0.01727EPSS
Exploits1References5
nessus
nessus
added 2005/02/28 12:0 a.m.77 views

CERN httpd Double Slash Protected Webpage Bypass

The remote web server allows an attacker to access protected web pages by replacing slashes in the URL with '//' or '/./', which is a known problem in older versions of CERN web server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17230; scriptversion"1.19";...

5.6AI score
Exploits0
nessus
nessus
added 2005/02/23 12:0 a.m.123 views

News Server (NNTP) Anonymous Read / Write Access

The remote server seems open to remote users. Some people prefer open public NNTP servers to be able to read or post articles anonymously. Unwanted connections could waste your bandwidth or put you into legal trouble if a malicious person were to use your server to post abusive articles. Keep in...

5.7AI score
Exploits0
nessus
nessus
added 2005/01/18 12:0 a.m.40 views

Cisco ONS Multiple Remote Vulnerabilities (20040219-ONS)

According to its version number, the remote Cisco ONS platform has the following vulnerabilities : - The TFTP server allows unauthenticated access to TFTP GET and PUT commands. An attacker may exploit this flaw to upload or retrieve the system files of the remote ONS platform. - A denial of servi...

10CVSS5.5AI score0.02792EPSS
Exploits0References11
nessus
nessus
added 2005/01/12 12:0 a.m.21 views

POP Password Changer (poppassd_pam) Arbitrary User Remote Password Modification

The remote host is running POP Password Changer, a server to change POP user's passwords. According to the version number, the remote software is vulnerable to an unauthorized access. An attacker, exploiting this flaw, will be able to change user's password. C Tenable Network Security, Inc...

5.6AI score
Exploits0
cvelist
cvelist
added 2004/09/01 4:0 a.m.27 views

CVE-2002-1510

xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist...

6.7AI score0.01967EPSS
Exploits0References6
nessus
nessus
added 2004/08/30 12:0 a.m.25 views

GLSA-200402-04 : Gallery 1.4.1 and below remote exploit vulnerability

The remote host is affected by the vulnerability described in GLSA-200402-04 Gallery 1.4.1 and below remote exploit vulnerability Starting in the 1.3.1 release, Gallery includes code to simulate the behaviour of the PHP 'registerglobals' variable in environments where that setting is disabled. It...

5.8AI score
Exploits0References1
securityvulns
securityvulns
added 2004/08/17 12:0 a.m.20 views

QuiXplorer directory traversal

Title: QuiXplorer directory traversal Affects: = QuiXplorer 2.3 Effect: file disclosure, web server's user read access Id: cbsa-0003 Release Date: 2004 08 14 Author: Cyrille Barthelemy [email protected] -- 1. Introduction ------------------ From QuiXplorer documentation : "QuiXplorer is a...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2004/07/26 12:0 a.m.39 views

APC PowerChute DoS

It's possible to prevent access to server or agent...

3AI score
Exploits0References1Affected Software1
Rows per page
Query Builder