5315 matches found
acidcat cms 3.4.1 - Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Acidcat CMS Multiple Vulnerabilities. Vendor: www.acidcat.com Vulnerable Version: 3.4.1 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/36 1. Description: Acidcat...
webERP 4.11.3 SQL Injection
SQL Injection vulnerability in webERP SalesInquiry.php Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
tgs cms 0.x (xss/sql/fd) Multiple Vulnerabilities
No description provided by source. | | | / | | / | | | \ / | | | / / | |/ \ / / |/ | |/| | | ' \ / | / / | | | | | | | | | | | | | |/ / ||//\||| |||| ||,/| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ TGS CMS Cross Site Scripting,SQL injection,Blind SQL/XPath injection,Source code disclosure, Multiple...
Microsoft Windows NT 4/2000 NetBIOS Name Conflict Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1514/info An attacker can send the NetBIOS name service a NetBIOS Name Conflict message even when the receiving machine is not in the process of registering its NetBIOS name. The target will then not attempt to use that...
SCO Unixware 7.1 pkginstall Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/853/info It is possible to view the entries in /etc/shadow through exploiting a buffer overflow in pkgcat and pkginstall. Though neither of these binaries are setuid, the dacread permissions which are granted in...
Perl2Exe 1.0 9/5.0 2/6.0 Code Obfuscation Weakness
No description provided by source. source: http://www.securityfocus.com/bid/6909/info Perl2Exe obfuscates Perl source code using a reversible algorithm when converting it to an executable format. This occurs when the encrypt option is selected. Those who use Perl2Exe with the expectation that the...
VWD-CMS - CSRF Vulnerability
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ Title : VWD-CMS CSRF Vulnerability Affected Version : VWD-CMS version 2.1 Discovery : www.abysssec.com Vendor : http://www.vwd-cms.com/ Demo...
MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
No description provided by source. MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file...
Online Rental Property Script <= 4.5 (pid) SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV91$2008 ----------------------------------------------------------------------------------------- ECHOADV91$2008 Online Rental Property Script = 4.5 pid Blind Sql Injection...
Resin Application Server 4.0.36 Source Code Disclosure Vulnerability
No description provided by source. Resin Application Server 4.0.36 Source Code Disclosure Vulnerability Vendor: Caucho Technology, Inc. Product web page: http://www.caucho.com Affected version: Resin Professional Web And Application Server 4.0.36 Summary: Resin is the Java Application Server for...
Mono XSP 1.x/2.0 Source Code Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21687/info XSP is prone to a source code information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the...
GoAheaad Webserver Source Code Disclosure Vulnerability
No description provided by source. Exploit Title: GoAheaad Webserver Source Code Disclosure Vulnerability Date: 5-28-10 Author: Sil3ntDre4m Software Link: http://data.goahead.com/Software/Webserver/2.1.8/webs218.zip Version: 2.18 and earlier Tested on: Windows Affects: Windows platform only Code ...
Litespeed Technologies Web Server Remote Poison null byte Exploit
No description provided by source. Litespeed Technologies Web Server Remote Poison null byte Zero-Day discovered and exploited by Kingcope in June 2010 google gives me over 9million hits Example exploit session: %nc 192.168.2.19 80 HEAD / HTTP/1.0 HTTP/1.0 200 OK Date: Sun, 13 Jun 2010 00:10:38 G...
Yaws 1.5x Remote Source Code Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13981/info A vulnerability has been reported in Yaws that may result in the disclosure of script files' source code. Information obtained in this manner may be used by the attacker to launch further attacks against a...
Microsoft IIS 4.0,Microsoft Site Server 3.0 Showcode ASP Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/167/info A sample Active Server Page ASP script installed by default on Microsoft's Internet Information Server IIS 4.0 gives remote users access to view any file on the same volume as the web server that is readable by t...
gdm 1.0 .x/2.0 .x BETA/2.2 .0 XDMCP Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/1233/info A buffer overrun exists in the XDMCP handling code used in 'gdm', an xdm replacement, shipped as part of the GNOME desktop. By sending a maliciously crafted XDMCP message, it is possible for a remote attacker to...
HP-UX 10.x stmkfont Alternate Typeface Library Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/6836/info A buffer overflow vulnerability has been reported in the stmkfont utility shipped with HP-UX systems. The problem occurs due to insufficient bounds checking on user-suplied data to the alternate typeface library...
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)
No description provided by source. / Fixed Exploit against PoPToP in Linux poptop-sane.c ./r4nc0rwh0r3 of blightninjas [email protected] blightninjas: bringing pain, suffering, and humiliation to the security world Expect more great release like helloworld-annotated.c and cd explained...
Perception LiteServe 2.0 CGI Source Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6188/info By constructing a malicious web request, it is possible for a remote attacker to disclose the source code of CGI scripts. Information gained through exploiting this issue may aid an attacker in launching further...
Phaos R4000 Version (file) - Remote File Disclosure Vulnerability
No description provided by source. Remote File Disclosure Vulnerability in showSource.php phaos4.0.1 MY HOmE : WWW.PAL-HACkEr.COM WWW.ATSDP.COM AUTHOR : HaCkeREgY My HoMe : www.PaL-HaCker.com & www.ATSDP.com ConTacT : [email protected] ----------------------------------------------- script:...