Adobe Macromedia ColdFusion source code leak

Adding twice encoded NULL byte to path allows .CFM file content disclosure...

gb03-db.txt

Discovered by:Aria-Security Team Type:Remote Password Disclosure Download: http://www.planet-source-code.com/vb/scripts/ShowCode.asp?lngWId=4&txtCodeId=6847 PoC: target/path/db/gbook.mdb target/path/db/gbook97.mdb Contact: [email protected]...

CVE-2006-5858

Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file...

SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit

Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ Advisory Name: SoftArtisans FileUpTM viewsrc.asp remote script source disclosure exploit Tested and Confirmed Vulerable: SoftArtisans SAFileUpTM 5.0.14 Standard Severity: High Type: Script...

About the database the simple intrusion and rogue damage-vulnerability warning-the black bar safety net

For domestic and foreign a lot of news, BBS and e-Commerce site using ASP+SQL design, and write an ASP programmer many many have just graduated, so, ASP+SQL attack success rate is relatively high. This type of attack method with the NT version and SQL version is not much relationship, there is no...

CVE-2006-6757

Directory traversal vulnerability in index.php in cwmExplorer 1.0 allows remote attackers to read arbitrary files and source code, and obtain sensitive information via directory traversal sequences in the showfile parameter...

Mono XSP for ASP.NET Server Crafted Request Script Source Code Disclosure

The remote host is running Mono XSP, a lightweight web server for hosting ASP.NET applications. The version of Mono XSP installed on the remote Windows host fails to properly validate filename extensions in URLs. A remote attacker may be able to leverage this issue to disclose the source of scrip...

PHP Advanced Transfer Manager <= 1.30 Source Code Disclosure Exploit

No description provided by source. ? / ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+ +:+:+ +:...

DEBIAN-CVE-2006-6104

The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to 1 read source code by appending a space %20 to a URI, and 2 read credentials via a request for Web.Config%20...

CVE-2006-6104

The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to 1 read source code by appending a space %20 to a URI, and 2 read credentials via a request for Web.Config%20...

CVE-2006-6104

CVE-2006-6104 affects the Mono platform’s XSP/ASP.NET server. The System.Web class does not properly verify local pathnames, allowing remote attackers to read sensitive content: source code by appending a space to a URI, and Web.Config via a Web.Config%20 request. The vulnerability lies in Mono 1...

CVE-2006-6104

The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to 1 read source code by appending a space %20 to a URI, and 2 read credentials via a request for Web.Config%20...

CVE-2006-6104

The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to 1 read source code by appending a space %20 to a URI, and 2 read credentials via a request for Web.Config%20...

Mono XSP ASP.NET Server sourcecode disclosure vulnerability

Mono XSP ASP.NET Server sourcecode disclosure vulnerability Version: Tested on mono 1.2.1 XSP for ASP.NET 1.1 and 2.0 This is a regression as this issue didn't exists in Mono 1.0 Discovered by: Jose Ramon Palanco: jose.palancoateazeldotes http://www.eazel.es Time Line: Nov 29, 2006: Discovered...

cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability

Title : cwmExplorer 1.0 showfile Source Code Disclosure Vulnerability Author : ajann Contact : : ERROR------------------------------------------------------ .... .. $datei = "dirs/".$d."/".$GETshowfile; .... .. ERROR--------------------------------------------------------- Example:...

PHP Advanced Transfer Manager 1.30 - Source Code Disclosure

DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Greetings DragonHeart and all DEVIL TEAM Patriots : - Leito & Leon | friend str0ke ; Blund Coder, D0han, d3m0n...

PHP Advanced Transfer Manager 1.30 - Source Code Disclosure

PHP Advanced Transfer Manager 1.30 - Source Code Disclosure DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Greetings DragonHeart and all DEVIL TEAM Patriots ...

PHP Advanced Transfer Manager <= 1.30 Source Code Disclosure Exploit

Exploit for unknown platform in category web applications ==================================================================== PHP Advanced Transfer Manager = 1.30 Source Code Disclosure Exploit ==================================================================== ? / ::::::::: :::::::::: ::: :::...

cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability

Exploit for unknown platform in category web applications ================================================================ cwmExplorer 1.0 showfile Source Code Disclosure Vulnerability ================================================================ Title : cwmExplorer 1.0 showfile Source Code...

cwmExplorer 1.0 - &#039;show_file&#039; Source Code Disclosure

Title : cwmExplorer 1.0 showfile Source Code Disclosure Vulnerability Author : ajann Contact : : ERROR------------------------------------------------------ .... .. $datei = "dirs/".$d."/".$GETshowfile; .... .. ERROR--------------------------------------------------------- Example:...