FreeBSD-SA-14:17.kmem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:17.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in control messages and SCTP notifications Category: core Module: kern, sctp...

Cisco Intelligent Automation for Cloud Form Data Viewer Utility Vulnerability

A vulnerability in the Form Data Viewer utility of Cisco Intelligent Automation for Cloud could allow an authenticated, remote attacker to view passwords of provisioned systems. The vulnerability is due to the inclusion of passwords in the form data. An attacker could exploit this vulnerability b...

Information disclosure

Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976...

CVE-2014-3298

Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976...

Omnicron OmniHTTPD 2.0.4-8 File Source Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2788/info Submitting a specially crafted GET request for a known file .php, .pl, or .shtml, could cause OmniHTTPD to disclose the source code of the requested resource. The GET requested would have to be appended with the...

cyberBB 0.6 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. Name : cyberBB v. 0.6 Multiply Remote SQL Injection Vulnerabilities Author : cOndemned Dark-Coders Greetz : Avantura, str0ke, ZaBeaTy, voo|doo, irk4z, and many, many more... Conditions : Magic quotes gpc = On & Off / User must be logged into source of...

Litespeed Technologies Web Server Remote Poison null byte Exploit

No description provided by source. Litespeed Technologies Web Server Remote Poison null byte Zero-Day discovered and exploited by Kingcope in June 2010 google gives me over 9million hits Example exploit session: %nc 192.168.2.19 80 HEAD / HTTP/1.0 HTTP/1.0 200 OK Date: Sun, 13 Jun 2010 00:10:38 G...

Mongoose 2.8 Space String Remote File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38145/info Mongoose is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view the source code of files in the context ...

ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability

No description provided by source. ToXiC BuG FounD by Drago84 Application Affect:ZoomStats Source Code: http://prdownloads.sourceforge.net/zoomstats/ZoomStats-v1.0.2.zip?usemirror=kent Problem: $GLOBALS'lib''db''path' array not declare Solution : $GLOBALS'lib''db''path' Page Vulnerable : mysql.ph...

Yamamah (news) SQL Injection and Source Code Disclosure Vulnerability

No description provided by source. Exploit Title: Yamamah Vulnerability news SQL Injection / disclosure Vulnerability Date: 12-06-2010 Author: anT!-Tr0J4n My Home : www.Dev-PoinT.com Software Link:http://www.yamamah.org Version: 1.00 Tested on: Win7/Linux DorK : N / A ========== Exploit By...

attachmax dolphin <= 2.1.0 - Multiple Vulnerabilities

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV101$2008 ----------------------------------------------------------------------------------------- ECHOADV101$2008 Attachmax Dolphin = 2.1.0 Multiple Vulnerability...

Cisco Collaboration Server 5 XSS, Source Code Disclosure

No description provided by source. Cisco Collaboration Server 5 XSS, Source Code Disclosure Discovered by: s4squatch of SecureState R&D Team www.securestate.com Discovered: 08/26/2008 Note: End of Engineering --...

Microsoft IIS 4.0,Microsoft Site Server 3.0 Showcode ASP Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/167/info A sample Active Server Page ASP script installed by default on Microsoft's Internet Information Server IIS 4.0 gives remote users access to view any file on the same volume as the web server that is readable by t...

PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion...

LiteSpeed Web Server <= 3.2.3 - Remote Source Code Disclosure Vuln

No description provided by source. | | |--.-----.| .-----.' |.---.-.----.-----.--| | | | | | -|| -- | -| || | | -| | || |||||/||| |.|||| TheDefaced.org TheDefaced Security Team Presents An 0-day. LiteSpeed Remote Mime Type Injection Discovered by:Tr3mbl3r Shouts to his kitty kats and tacos...

Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (2)

No description provided by source. source: http://www.securityfocus.com/bid/5044/info Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. A buffer overflow has been discovered in the gdsdrop program packaged with Interbase. This...

BackLinkSpider (cat_id) - Remote SQL Injection Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV95$2008 ----------------------------------------------------------------------------------------- ECHOADV95$2008 BackLinkSpider catid Blind Sql Injection Vulnerability...

webERP 4.11.3 SQL Injection

SQL Injection vulnerability in webERP SalesInquiry.php Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability

No description provided by source. / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: [email protected] -----------------------------------...

Tomcat 3.2.1/4.0,Weblogic Server 5.1 URL JSP Request Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2527/info BEA Systems WebLogic Server is an enterprise level web and wireless application server. Tomcat can be used together with the Apache web server or a stand alone server for Java Servlets and Java Pages. Tomcat shi...