2841 matches found
Edikon Release 0.6 of PHPShop
Product : Edikon Release 0.6 of PHPShop Version : 0.6.1 WebSite : http://www.phpshop.org Problem : Viewing dbase information Description: ------------ eng In phpShop we can get access to a database of the server as the file of a configuration is accessible to each user. As we can find out a full...
CVE-2002-1544
Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. dot dot sequences in the commands 1 LIST ls, 2 mkdir, 3 put, or 4 get...
Wordit Logbook Version 0.98b3
Wordit Limited 2000. http://scripts.wordit.com/ User can read any files and execute any commands. Example: www.idontknowperl.com/logbook.pl? file=../../../../../../../bin/cat20logbook.pl00| / Alexey Sintsov aka DonHuan irc.megik.net brrr / include best/regards.h...
Invision Power Board (PHP)
Informations : °°°°°°°°°°°°°° Website : http://www.invisionboard.com -------------------------- Version : 1.0.1 Problem : phpinfo -------------------------- Version : 1.1.1 Problem : File Including PHP Code/Location : °°°°°°°°°°°°°°°°°°° v1.0.1 : phpinfo.php : ---------- ?php phpinfo; ? ---------...
DSA-211 micq - denial of service
Bulletin has no description...
DSA-199 mhonarc - cross site scripting
Bulletin has no description...
Cisco VPN Concentrator 3000 ISAKMP DoS details
Hi list, the subject says it all. I would like to share the details of the Cisco VPN Concentrator 3000 ISAKMP packet parsing vulnerability mentioned at http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml The bug affects all software versions including 3.6.0 and I hope everyone got...
Resin MS-DOS Device Request Path Disclosure
Resin will reveal the physical path of the webroot when asked for a special DOS device, e.g. lpt9.xtp An attacker may use this flaw to gain further knowledge about the remote filesystem layout. C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik Anderson...
CVE-2002-0580
WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks...
popper_mod 1.2.1 and previous accounts compromise
description: poppermod is a free, full featured web based POP3 email client written in PHP. It is an extension of the now abandoned "popper" project. It can be downloaded from http://www.symatec-computer.com/forums/ bug report: poppermod 1.2.1 relied on administrators using htaccess authenticatio...
Cisco SN 5420 Storage Router vulnerable to DoS via HTTP request containing long headers
Overview It is possible to cause a denial of service of the Cisco SN 5420 Storage Router by sending a HTTP request with a large header. Description A vulnerability has been discovered in the Cisco SN 5420 Storage Router software versions 1.15 and earlier. By sending an HTTP request with a huge...
Shopping Cart Version 1.23
User can execute command, but can't use "../" www.server.com/cgi- local/shop.pl/SID=947626980.19094/page=;ls| XP-TEAM DonHuan [email protected]...
Cisco Catalyst 2900XL crashes with empty UDP packet when SNMP is disabled.
Hi It's possible to crash Cisco Catalyst 2900XL with a empty UDP packet to port 161 when SNMP is disabled. Other switches also? The crash only occurs when the switch is booted with SNMP disabled. Seems that SNMP is listening, even if SNMP is disabled.. ? I have only tested this with Software...
STAT Security Advisory: Trend Micro's ScanMail for Exchange stores passwords in registry unprotected
================================================================================ == STAT Security Advisory http://www.statonline.com/ Software Vendor: Trend Micro www.antivirus.com Software Package: ScanMail for Exchange Versions Affected: 3.5 Evaluation possibly others Synopsis: Account names an...
Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote Username / Password Retrieval
source: https://www.securityfocus.com/bid/1885/info A vulnerability exists in the Cisco Virtual Central Office 4000 VCO/4K programmable voice switch running software versions 5.13 and earlier. The usernames and passwords for the device's SNMP administration interface are protected by a simple...
Fwd: APlio PRO web shell
This URL allows for the execution of commands via /bin/sh...
Re: An Analysis of the TACACS+ Protocol and its Implementations
-----BEGIN PGP SIGNED MESSAGE----- Hello, We acknowledge that a buffer overflow mentioned in the analysis by Solar Designer is indeed present in an unsupported free version of TACACS+ server officially it is a "developer's kit" and can be found at...
Remote vulnerability in LCDproc 0.4
-----BEGIN PGP SIGNED MESSAGE----- ============================================================== === Title: Vulnerability in LCDproc === === Date: 20 April 2000 === === Author: Andrew Hobgood [email protected] === ============================================================== Note: The LCDproc...
vqserver /........../
Version tested: vqserver 1.9.9 for windows The webserver vqserver follows /........../ in requests. http://host/........../autoexec.bat gives the autoexec.bat file. More serious, http://host/........../some/path/vq/server/cfg/server.cfg where /some/path/ could be anything, but normally...
CVE-2020-12582
...