pl-PHP Beta 0.9 - Multiple Vulnerabilities
Infos - Date : 2007-04-10 Product : pL-PHP Version : beta 0.9 - Prior versions may also be affected Vendor : http://sourceforge.net/projects/pl-php/ - http://www.karlcore.com/programming/blog/ Vendor Status : 2007-04-10 -...
phpwind5. X Exp the php source code version-bug warning-the black bar safety net
? php printr" +------------------------------------------------------------------+ Exploit For Phpwind 5. X Version BY Loveshell Just For Fun : +------------------------------------------------------------------+ "; iniset"maxexecutiontime",0; errorreporting7; $bbspath="$argv2"; $server="$argv1";...
[Full-disclosure] iDefense Security Advisory 04.03.07: Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability
Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability iDefense Security Advisory 04.03.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 03, 2007 I. BACKGROUND The X Window System or X11 is a graphical windowing system used on Unix-like systems. It is based on a...
[ECHO_ADV_78$2007] C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability
ECHO_ADV_78$2007 C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability Author : M.Hasran Addahro...
CVE-2006-7166
IBM WebSphere Application Server (WAS) 5.1.1.9 and earlier allows remote attackers to obtain JSP source code and other sensitive information via "a specific JSP URL."...
CVE-2006-7165
IBM WebSphere Application Server (WAS) 5.0 through 5.1.1.0 allows remote attackers to obtain JSP source code and other sensitive information via certain "special URIs."...
CVE-2005-4833
The affected product is IBM WebSphere Application Server 6.0 prior to 20050201, vulnerable when serving pages in an Application WAR or an Extended Document Root. The root cause is lack of URL normalization, allowing remote attackers to access the JSP source code and other sensitive information vi...
CVE-2005-4833
IBM WebSphere Application Server (WAS) 6.0 before 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote attackers to obtain the JSP source code and other sensitive information via "a specific JSP URL," related to lack of normalization of the URL format...
CVE-2005-4834
IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container...
JSP vulnerabilities large-vulnerability warning-the black bar safety net
Overview: Server vulnerabilities are the origin of security problems, and most attacks on a site start from finding its vulnerabilities. Only by understanding their own vulnerabilities can site managers take appropriate measures to prevent outside attacks. The following describes some ...
CVE-2007-1478
download.php in McGallery 0.5b allows remote attackers to read arbitrary files and obtain script source code via the filename parameter...
Code injection
download.php in McGallery 0.5b allows remote attackers to read arbitrary files and obtain script source code via the filename parameter...
Groupit 2.00b5 - c_basepath Remote File Inclusion
ECHO_ADV_75$2007 Groupit 2.00b5 c_basepath Remote File Inclusion Vulnerability ...
PHP CPDF extension cpdf_open information leak
Fragment of source code is printed in diagnostics message...
Pre-open files attack against locked file
Hello lists, hello Roger. It's me again. Sorry for the annoyance, but there is one more attack vector with pre-open files I meant, but forgot to mention. It seems dangerous enough and needs to be investigated for different applications. Attack is against application relying on mandatory locks. Attack...
PHP 4.4.6 - 'cpdf_open()' Local Source Code Disclosure
?php / PHP 4.4.6 cpdfopen source code disclosure poc by rgod site: http://retrogod.altervista.org to be launched from the cli this will show as output something like this: ClibPDF: Cannot open A 11111$mypasswordis="suntzu";newline $mypasswordis="suntzu";etc... for PDF output X-Powered-By: PHP/4.4...
Grayscale Blog 0.8.0 - Security Bypass SQL Injection Cross-Site Scripting
Security Advisory - Multiple Vulnerabilities in Grayscale Blog 0.8.0 Date : 2007-02-24 Product : Grayscale Blog Version : 0.8.0 - Prior versions may also be affected Vendor : http://sourceforge.net/projects/gsblogger/ -...
PHP 4.4.6 cpdf_open() Local Source Code Disclosure PoC
No description provided by source. ?php / PHP 4.4.6 cpdfopen source code disclosure poc by rgod site: http://retrogod.altervista.org to be launched from the cli this will show as output something like this: ClibPDF: Cannot open A 11111$mypasswordis="suntzu";newline $mypasswordis="suntzu";etc... f...