
7910 matches found

NVD
added 2008/04/30 4:17 p.m. | 18 views

CVE-2008-2029

Multiple SQL injection vulnerabilities in (1) setupmysql.php and (2) setupoptions.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php...

CVSS 6.8 | AI score 8.5 | EPSS 0.00996
Exploits: 1 | References: 5

Prion
added 2008/04/30 4:17 p.m. | 12 views

Sql injection

Multiple SQL injection vulnerabilities in (1) setupmysql.php and (2) setupoptions.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php...

CVSS 6.8 | AI score 9.3 | EPSS 0.00996
Exploits: 1 | References: 5 | Affected Software: 1

exploitpack
added 2008/03/31 12:0 a.m. | 13 views

PHP Classifieds 6.20 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities

PHP Classifieds 6.20 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities source: https://www.securityfocus.com/bid/28521/info PHP Classifieds is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issu...

AI score 0.5
Exploits: 0

0day.today
added 2008/03/26 12:0 a.m. | 101 views

Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities

Exploit for hardware platform in category remote exploits. Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities. regurgitated by: meathive url: kinqpinz.info ;...

AI score 7.1 | EPSS 0.05164
Exploits: 10

Packet Storm
added 2008/03/26 12:0 a.m. | 84 views

linksys-bypass.txt

regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64_decode("OmFkbWlu"); :admin https://kinqpinz.info/lib/wrt54g/...

CVSS 10 | AI score 6.5 | EPSS 0.05164
Exploits: 10

Exploit DB
added 2008/03/26 12:0 a.m. | 80 views

Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)

regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64_decode("OmFkbWlu"); :admin https://kinqpinz.info/lib/wrt54g/...

CVSS 10 | AI score 6.5 | EPSS 0.05164
Exploits: 10

Prion
added 2008/01/04 12:46 a.m. | 19 views

Design/Logic Flaw

LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via (1) a malformed Transport header, which triggers misparsing in parsetransportheader in RTSPsetup.c, as demonstrated by a Transport header that contains only a...

CVSS 5 | AI score 7.3 | EPSS 0.02137
Exploits: 1 | References: 9 | Affected Software: 1

Prion
added 2008/01/03 11:46 p.m. | 23 views

Design/Logic Flaw

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language...

CVSS 7.5 | AI score 6.9 | EPSS 0.01359
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2008/01/03 11:46 p.m. | 23 views

CVE-2007-6619

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language...

CVSS 7.5 | AI score 6.6 | EPSS 0.01359
Exploits: 0 | References: 4

CVE
added 2008/01/03 11:0 p.m. | 60 views

CVE-2007-6619

CVE-2007-6619 affects Atlassian Jira Enterprise Edition prior to 3.12.1. The Setup Wizard does not properly restrict setup attempts after completion, enabling remote actors to change the default language. The issue is described alongside related vulnerabilities in 3.12.0-era Jira (noted in Nessus...

CVSS 7.5 | AI score 6.6 | EPSS 0.01359
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2008/01/03 11:0 p.m. | 25 views

CVE-2007-6619

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language...

AI score 6.6 | EPSS 0.01359
Exploits: 0 | References: 4

Tenable Nessus
added 2008/01/02 12:0 a.m. | 11 views

Atlassian JIRA < 3.12.1 Multiple Vulnerabilities

Binary data 4329.prm...

CVSS 7.5 | AI score 7.3 | EPSS 0.01359
Exploits: 0 | References: 8

seebug.org
added 2007/12/26 12:0 a.m. | 22 views

MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability

No description provided by source...

AI score 7.1
Exploits: 0

Exploit DB
added 2007/12/25 12:0 a.m. | 34 views

MailMachine Pro 2.2.4 - SQL Injection

Http://www.inj3ct-it.org Staffatinj3ct-itdotorg Remote Sql...

AI score 7.4
Exploits: 0

Tenable Nessus
added 2007/12/24 12:0 a.m. | 40 views

SuSE 10 Security Update : rsync (ZYPP Patch Number 4798)

This update fixes a bug in rsync that allowed remote attackers to access restricted files outside a module's hierarchy if no chroot setup was used. CVE-2007-6199 Please read http://rsync.samba.org/security.html entry from November 28th, 2007 to get more information about a secure configuration of...

CVSS 10 | AI score 8.2 | EPSS 0.05442
Exploits: 0 | References: 4

NVD
added 2007/12/20 8:46 p.m. | 18 views

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via (1) the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and (2) certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

CVSS 5.5 | AI score 5.8 | EPSS 0.0275
Exploits: 0 | References: 9

ATTACKERKB
added 2007/12/20 8:46 p.m. | 4 views

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via (1) the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and (2) certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

CVSS 5.5 | AI score 5.7 | EPSS 0.0275
Exploits: 0 | References: 10

Cvelist
added 2007/12/20 8:0 p.m. | 22 views

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via (1) the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and (2) certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

AI score 5.8 | EPSS 0.0275
Exploits: 0 | References: 9

Packet Storm
added 2007/12/13 12:0 a.m. | 33 views

hc-multi.txt

Title: Multiple Security Bugs In Hosting Controller Critical: Extremely critical Impact: Full system administrator access Vendor: Hosting Controller Version: 6.1 Hot fix = 3.3 Vendor URL: www.hostingcontroller.com Solution: N/A From company - There is temporary solution in this report Exploit:...

AI score 7.4
Exploits: 0

myhack58
added 2007/11/24 12:0 a.m. | 23 views

SERV-U 6.4 provide the right method,pass to kill SERV-U version-bug warning-the black bar safety net

Modify ftpport 2 1 Modify the newdomain behind goldsun| IPas to the right of the server's IP address| Modify the newuser behind-IP=IP address the same as aboveto the right of the IP address of the server...OK..... Provide the right...will use FTP to add a can Execute command the user..... Have a...

AI score 7.4
Exploits: 0