69 matches found
Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution
No description provided by source. ====================================================================== Wordpress plugin WP-Syntax = 0.9.1 Remote Code Execution ====================================================================== This vulnerability was originally discovered by Raz0r on...
WordPress WP-Syntax 0.9.1 Command Execution
====================================================================== Wordpress plugin WP-Syntax $functions if isnull$functions continue; foreach$functions as $function $string = calluserfuncarray$function, array$string; return $string; ... Global variable testfilter is not defined, so...
Session fixation
Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the sessionid parameter to match the victim's nickid parameter...
CVE-2007-3799
The sessionstart function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from 1 PATHINFO, 2 the sessionid function, and 3 the sessionstart function, which...
Dokeos <= 1.6.5 (courseLog.php scormcontopen) SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== Dokeos = 1.6.5 courseLog.php scormcontopen SQL Injection Exploit =================================================================== !/usr/bin/perl -w Dokeos = 1.6.5 SQL...
Advisory4-20022007.txt
--------------------------------------------------------------------------------- | . | | \ \ / /||/ | | | \ Y / | \ \ \ | \ \ \ / / | | \ / | || | /| | | | // \ | | / |||| || |/ //\ \ | | / / | | Security without illusions | | www.virtuax.be | | |...
PostNuke <= 0.763 (PNSV lang) Remote Code Execution Exploit
Exploit for unknown platform in category web applications =========================================================== PostNuke = 0.763 PNSV lang Remote Code Execution Exploit =========================================================== ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+:...
Invision Power Board 2.* commands execution exploit
Exploit for php platform in category web applications !/usr/bin/perl Invision Power Board 2. commands execution exploit by RST/GHC vulnerable versions new Proto = "tcp", PeerAddr = "$host", PeerPort = "80" || die "- CONNECTION FAILED"; $login = s/./"%".ucsprintf"%2.2x",ord$1/eg; $password =...
CVE-2003-1245
The CVE-2003-1245 issue affects Mambo Site Server (CMS) in version 4.0.12, where index2.php allows a remote attacker to gain administrator access by sending a URL with session_id set to the MD5 hash of a valid session cookie. Root cause is improper validation of cookies, enabling session imperson...