CVE-2014-2366

CVE-2014-2366 affects Advantech WebAccess prior to 7.2, where upAdminPg.asp can disclose credentials to remote authenticated users by exposing them in the HTML source. Evidence from NVD/NIST and multiple advisories confirms the vulnerable component and the credential disclosure flaw, with a high ...

Netsparker v3.5 - Web Application Security Scanner

Netsparker Web Application Security Scanner can find and report web application vulnerabilities such as SQL Injection and Cross-site Scripting XSS and security issues on all web applications and websites regardless of the platform and the technology they are built on. Netsparker is very easy to u...

Litespeed Technologies Web Server Remote Poison null byte Exploit

No description provided by source. Litespeed Technologies Web Server Remote Poison null byte Zero-Day discovered and exploited by Kingcope in June 2010 google gives me over 9million hits Example exploit session: %nc 192.168.2.19 80 HEAD / HTTP/1.0 HTTP/1.0 200 OK Date: Sun, 13 Jun 2010 00:10:38 G...

JDownloader Webinterface Source Code Disclosure Vulnerability

No description provided by source. Exploit Title: JDownloader Webinterface Source Code Disclosure Date: 11/24/10 Author: Sil3ntDre4m Software Link: http://jdownloader.org Version: Latest 0.9.850 Tested on: Windows, Linux JDownloader WebInterface is vulnerable to a source code disclosure exploit t...

Yamamah (news) SQL Injection and Source Code Disclosure Vulnerability

No description provided by source. Exploit Title: Yamamah Vulnerability news SQL Injection / disclosure Vulnerability Date: 12-06-2010 Author: anT!-Tr0J4n My Home : www.Dev-PoinT.com Software Link:http://www.yamamah.org Version: 1.00 Tested on: Win7/Linux DorK : N / A ========== Exploit By...

Cisco Collaboration Server 5 XSS, Source Code Disclosure

No description provided by source. Cisco Collaboration Server 5 XSS, Source Code Disclosure Discovered by: s4squatch of SecureState R&D Team www.securestate.com Discovered: 08/26/2008 Note: End of Engineering --...

Merak Mail Server 7.4.5 settings.html Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

Netmechanica NetDecision Traffic Grapher Server Information Disclosure Vulnerability

No description provided by source. Title : Netmechanica NetDecision Traffic Grapher Server Information Disclosure Vulnerability Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netmechanica.com Advisory : http://secpod.org/blog/?p=481...

microsoft iis 6.0 and 7.5 - Multiple Vulnerabilities

No description provided by source. THIS IS A GENUINE ISOWAREZ RELEASE ------------------------------------------------------------------------------------------------------------------------------------------------------------ Title: Microsoft IIS 6.0 with PHP installed Authentication Bypass...

Allaire JRun 2.3 File Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1833/info Allaire JRun is a web application development suite with JSP and Java Servlets. JRun contains a vulnerability that allows a user to access documents outside of the webroot. Requesting a malformed URL using the...

MODx 0.9.6.1 'htcmime.php' Source Code Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27096/info MODx is prone to a vulnerability that allows attackers to access source code because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...

Merak Mail Server 7.4.5 attachment.html attachmentpage_text_error Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

Phaos R4000 Version (file) - Remote File Disclosure Vulnerability

No description provided by source. Remote File Disclosure Vulnerability in showSource.php phaos4.0.1 MY HOmE : WWW.PAL-HACkEr.COM WWW.ATSDP.COM AUTHOR : HaCkeREgY My HoMe : www.PaL-HaCker.com & www.ATSDP.com ConTacT : [email protected] ----------------------------------------------- script:...

WebTrends Enterprise Reporting Server 3.1 c/3.5 Source Code Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/2812/info WebTrends Live is a web-based reporting service which provides interactive tracking of usage statistics and E-commerce revenue. It is possible to view the source code of arbitrary scripts on the WebTrends Live...

Ipswitch WhatsUp Professional 2006 0 NmConsole/ToolResults.asp sHostname Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code disclosure, cross-site scripting, and input-validation...

Microsoft IIS 5.0 CodeBrws.ASP Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4525/info Microsoft IIS 5.0 ships with a sample script that may be used to view the source code of other scripts in the sample scripts /IISSAMPLES directory. However, this script CodeBrws.asp does not adequately filter...

Dolphin 7.0.3 - Multiple Vulnerabilities

No description provided by source. Exploit Title: Dolphin Mullti Vulnerability Date : 29-10-2010 Author : anT!-Tr0J4n Version : 7.0.3 DorK : Powered by Dolphin Greetz : Dev-PoinT.com inj3ct0r.com All Dev-poinT members and my friends Home : www.Dev-PoinT.com : http://inj3ct0r.com Email :...

IBM WebSphere 5.0/5.1/6.0 Application Server Web Server Root JSP Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13160/info A remote JSP source disclosure vulnerability reportedly affects the IBM WebSphere Application Server. This issue is due to a failure of the application to properly handle various requests under certain...

GoAhead Webserver 2.1.x ASP Script File Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9239/info A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP requests. An attacker can append...

modx cms 0.9.6.1 - Multiple Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix...