21 matches found
EUVD-2006-7180
Malware in sbrugna...
EUVD-2006-7178
Malware in sbrugna...
CVE-2006-7200
EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication by stealing and replaying a token...
CVE-2006-7199
EMC RSA Security SiteKey allows remote attackers to display the correct image via a man-in-the-middle (MITM) attack in which an attacker-controlled server proxies authentication data to and from a legitimate SiteKey server. NOTE: the vendor disputes the severity of the issue, stating that it is...
CVE-2006-7201
EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP...
Open Source Social Network Encryption Problem Vulnerability
Open Source Social Network (OSSN) is an open source social network engine by the Swiss Ossn team. An encryption vulnerability exists in OSSN 5.3 and earlier versions. The vulnerability can be exploited to read arbitrary files by performing a brute force attack on a SiteKey to insert a specially crafted U...
CVE-2020-10560
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the...
CVE-2020-10560
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the...
Discuz! X1-1.5 notify_credit.php Blind SQL injection exploit
No description provided by source. Discuz! X1-1.5 notify_credit.php Blind SQL injection exploit by toby57 2010.11.05 mail: toby57 at 163 dot com team: http://www.wolvez.org...
AuraCMS 2.x - user.php Security Code Bypass Arbitrary Add Administrator
AuraCMS 2.x - user.php Security Code Bypass Arbitrary Add Administrator. Indonesian Newhack Security Advisory: AuraCMS 2.x user.php - Security Code Bypass & Add Administrator Exploit. Time : Feb 28 2008 08:00PM Software : AuraCMS Version : 2.0 2.1...
CVE-2006-7200
EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication by stealing and replaying a token...
CVE-2006-7201
EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP...
CVE-2006-7199
EMC RSA Security SiteKey allows remote attackers to display the correct image via a man-in-the-middle (MITM) attack in which an attacker-controlled server proxies authentication data to and from a legitimate SiteKey server. NOTE: the vendor disputes the severity of the issue, stating that it is...
CVE-2006-7199
CVE-2006-7199 describes a MITM-based exposure in EMC RSA Security SiteKey where a malicious, attacker-controlled proxy can relay authentication data to and from a legitimate SiteKey server, allowing an attacker to cause the correct image to be displayed remotely. The description notes the vendor...
CVE-2006-7201
EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP...
CVE-2006-7201
CVE-2006-7201 affects EMC RSA Security SiteKey where the secure qualifier is not set on the SiteKey Flash token (PassMark Flash). This misconfiguration could allow remote attackers to obtain the token over HTTP, enabling exposure of authentication-related data. The connected documents describe th...
CVE-2006-7200
EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication by stealing and replaying a token...
CVE-2006-7200
CVE-2006-7200 concerns EMC RSA Security SiteKey. The issue describes challenge-bypass tokens that persist indefinitely due to the lack of a user-facing cancellation interface, enabling attackers to bypass one authentication stage by stealing and replaying a token. The connected sources consistent...
CVE-2006-7199
EMC RSA Security SiteKey allows remote attackers to display the correct image via a man-in-the-middle (MITM) attack in which an attacker-controlled server proxies authentication data to and from a legitimate SiteKey server. NOTE: the vendor disputes the severity of the issue, stating that it is...
CVE-2001-0088
common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog...