426 matches found
SquareCMS 0.3.1 (post.php) SQL Injection Vulnerability
Exploit for php platform in category web applications SquareCMS 0.3.1 post.php Remote SQL Injection Vulnerability found by cOndemned vendor: http://spoolio.co.cc/ download: http://webscripts.softpedia.com/script/Content-Management/Square-CMS-66303.html prior versions may also be affected source o...
SquareCMS 0.3.1 - 'post.php' SQL Injection
SquareCMS 0.3.1 post.php Remote SQL Injection Vulnerability found by cOndemned vendor: http://spoolio.co.cc/ download: http://webscripts.softpedia.com/script/Content-Management/Square-CMS-66303.html prior versions may also be affected source of post.php lines 15 - 31: $token = $GET'id'; // 1 if...
Directory traversal
Directory traversal vulnerability in the FTP client in Serengeti Systems Incorporated Robo-FTP 3.7.3, and probably other versions before 3.7.5, allows remote FTP servers to write arbitrary files via a .. dot dot in a filename in a server response...
CVE-2010-4095
Directory traversal vulnerability in the FTP client in Serengeti Systems Incorporated Robo-FTP 3.7.3, and probably other versions before 3.7.5, allows remote FTP servers to write arbitrary files via a .. dot dot in a filename in a server response...
Basic Web Server 1.0 Denial Of Service
------------------------------------------------------------------------ Software................Basic Web Server 1.0 Vulnerability...........Denial Of Service Download................http://www.bit4free.com/ Release Date............9/16/2010 Tested On...............Windows XP...
Microsoft XML Core Services memory corruption
Memory corruption on server's response pasrsing in XMLHTTP...
iputils ping DoS
Utility may hang on server response parsing...
Eureka Mail buffer overflow
Buffer overflow on POP3 / SMTP server response parsing...
CVE-2009-0234
CVE-2009-0234 concerns the DNS Resolver Cache Service (DNSCache) in Windows DNS Server. The vulnerability arises from the DNS server’s handling of crafted DNS responses, where improper caching could let remote attackers predict transaction IDs and poison caches by sending numerous crafted queries...
RoundCube Webmail <= 0.2b Remote Code Execution Exploit
Exploit for unknown platform in category web applications ======================================================= RoundCube Webmail echoiniget'disablefunctions'; exec, system PHP passthru"id; uname -a"; uid=666www-data gid=666www-data groups=666www-data Linux mail 2.6.28 0 Sun Jan 01 10:05:33 CET...
DEBIAN-CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
Microsoft Windows LDAP users enumeration
Different serverreply on invalid username and invalid password...
[NT] Microsoft Windows Active Directory LDAP Server Information Disclosure Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
No-IP DUC <= 2.1.7 Remote Code Execution Exploit-vulnerability warning-the black bar safety net
/ | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / / / // / // // / //|// //// //,//,/ xenomuta arroba phreaker punto net http://xenomuta.tuxfamily.org/ - Methylxantina 256mg Permlink: http://xenomuta.tuxfamily.org/exploits/noIPwn3r.c noIPwn3r Exploit 0-day para el cliente...
OpenNMS < 1.5.96 - Multiple Vulnerabilities
OpenNMS Multiple Vulnerabilities -------------------------------- BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor ------ OpenNMS Group – http://www.opennms.com OpenNMS Project –...
Apache Tomcat处理包含MS-DOS设备名请求信息泄漏漏洞
BUGTRAQ ID: 28484 CVE ID: CVE-2005-4703 CNCVE ID:CNCVE-20054703 Tomcat是一款由Apache软件基金会下属的Jakarta项目开发的一个Servlet容器。 Apache Tomcat 4.0.3不正确处理包含MS-DOS设备名的请求,远程攻击者可以利用漏洞获得敏感信息。 当请求的文件匹配MS-DOS文件名时,就会出现错误。服务器会返回包含安装路径等敏感信息。 Apache Software Foundation Tomcat 4.0.3 Apache Software Foundation Tomcat 4.0.3...
Debian Security Advisory DSA 209-1 (wget)
The remote host is missing an update to wget announced via advisory DSA 209-1. OpenVAS Vulnerability Test $Id: deb2091.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 209-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...