8 matches found
Raisecom MSG1200, Raisecom MSG2100E, Raisecom MSG2200 and Raisecom MSG2300 operating system command injection vulnerability
The Raisecom MSG1200 and the other listed models are Gigabit converged gateways from Raisecom, China. An OS command injection vulnerability exists in the Raisecom MSG1200, Raisecom MSG2100E, Raisecom MSG2200, and Raisecom MSG2300 version 3.90, which originates from the parameter template/ in file...
Authentication Bypass Vulnerability in CFCMS Editor
CFCMS is a self-service website building platform with full Flash as its core. There is an authentication bypass vulnerability in the editor \xmlEditor\eWebEditor\AdminStyle.asp used in CFCMS, which can be exploited by attackers to bypass the authentication and gain server privileges with Getshel...
Vulnerability in OpenSSL - DH small subgroups
Historically OpenSSL usually only ever generated DH parameters based on “safe” primes. More recently in version 1.0.2 support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be “safe”. Where an application ...
Watermark Master 2.2.23 - .wstyle Local Buffer Overflow (SEH)
Watermark Master 2.2.23 - .wstyle Local Buffer Overflow SEH !/usr/bin/perl Exploit Title: Watermark Master v2.2.23 .wstyle Buffer Overflow SEH Date: 10-28-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: Watermark Master v2.2.23 Software Link:...
Photodex ProShow Producer 5.0.3297 Memory Corruption
Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) Date found: 2013-02-14 Date published: 2013-02-14...
Talk about the problems in each version of the Ewebeditor editor - the vulnerability warning - the black bar safety net
Source: Tosec Security Team 'Blog Recently read something about ewebeditor for this editor, with regard to this vulnerability or a lot, in fact a lot of people doing security testing when most of the bias in the injection context, sometimes attention under editor aspect is good, there are mainly as...
DEBIAN-CVE-2005-3737
Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via an SVG file with long CSS style property values...
OpenConnect Webconnect read-only directory traversal vulnerability in jretest.html
Overview: OpenConnect Webconnect contains a read-only directory traversal vulnerability in the file jretest.html. Description: OpenConnect Webconnect provides secured web access and emulation services for backend mainframes and UNIX servers. Versions of Webconnect prior to 6.4.5 and 6.5.1 running o...