Open Azimyt CMS <= 0.22 (lang) Local File Inclusion Vulnerability

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-026 Application: Open Azimyt CMS Versions Affected: 0.22 minimal, 0.21 stable Vendor URL: http://azimyt.net/ Bug: Local File Include Exploits: YES Reported: 07.06.2008 Vendor Response: 08.06.2008 Solution...

pooya-sql.txt

www.BugReport.ir AmnPardaz Security Research Team Title: Pooya Site Builder PSB SQL Injection Vulnerabilities Vendor: www.paridel.com Vulnerable Version: 6.0 Assembly Version Exploit: Available Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/42 1. Description: Pooya site builder psb i...

BBSXP the latest vulnerability and the discovery process-vulnerability warning-the black bar safety net

Operating environment: Micromedia Dreamweaver 8.0+IIS 5.0+SQL Server 2 0 0 0+BBSXP 6.00 SP1 SQL Travel back to the days of work relatively easily, just as everyone presented a few days ago found BBSXP new vulnerability, the way to find the ASP program vulnerability method. See here you should thi...

Pooya Site Builder (PSB) 6.0 - Multiple SQL Injections

Pooya Site Builder PSB 6.0 - Multiple SQL Injections www.BugReport.ir AmnPardaz Security Research Team Title: Pooya Site Builder PSB SQL Injection Vulnerabilities Vendor: www.paridel.com Vulnerable Version: 6.0 Assembly Version Exploit: Available Impact: High Fix: N/A Original Advisory:...

Yuhhu 2008 SuperStar (board) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================================= Yuhhu 2008 SuperStar board Remote SQL Injection Exploit ========================================================= ."; $bul=pregmatch$ara,$tuttum,$rmx;...

MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit

No description provided by source. !/usr/bin/perl The script connects to MySQL and attempts to log in using a zero-length password Based on the vuln found by NGSSecurity The following Perl script can be used to test your version of MySQL. It will display the login packet sent to the server and it...

CVE-2008-1108

Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote attackers to execute arbitrary code via a long timezone string in an iCalendar attachment...

OneCMS 2.5 (install_mod.php) Local File Inclusion Vulnerability

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-034 Application: OneCMS Versions Affected: 2.5 Vendor URL: http://www.insanevisions.com/ Bug: Local File Include Exploits: YES Reported: 26.03.2008 Vendor Response: NONE Solution: NONE Date of Public...

IRM Security Advisory : Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability

Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability CVE Number: CVE-2008-2333 Vulnerability Type / Importance: Cross-Site Scripting Reflected / Medium Problem Discovered 24 April 2008 Vendor Contacted 24 April 2008 Advisory Published 22 May 2008 Abstract The Barracuda Spam Firewal...

OneCMS 2.5 - 'install_mod.php' Local File Inclusion

Digital Security Research Group DSecRG Advisory DSECRG-08-034 Application: OneCMS Versions Affected: 2.5 Vendor URL: http://www.insanevisions.com/ Bug: Local File Include Exploits: YES Reported: 26.03.2008 Vendor Response: NONE Solution: NONE Date of Public Advisory: 23.05.2008 Author: Digital...

barracuda-xss.txt

Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability CVE Number: CVE-2008-2333 Vulnerability Type / Importance: Cross-Site Scripting Reflected / Medium Problem Discovered 24 April 2008 Vendor Contacted 24 April 2008 Advisory Published 22 May 2008 Abstract The Barracuda Spam Firewal...

Lha Directory Traversal Vulnerability in Testing and Extracting Process

Overview LHa for UNIX is vulnerable to directory traversal due to improper path validation when testing or extracting an archive. Impact An attacker could bypass access restriction and create arbitrary files in the directories for which he has no permission. Solution Please refer to the 'Vendor...

debianssh-ruby.txt

!/usr/bin/ruby Debian SSH Key Tester L4teral This tool helps to find user accounts with weak SSH keys that should be regenerated with an unaffected version of openssl. You will need the precalculated keys provided by HD Moore See http://metasploit.com/users/hdm/tools/debian-openssl/ for further...

Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby)

No description provided by source. !/usr/bin/ruby Debian SSH Key Tester L4teral l4teral at gmail com This tool helps to find user accounts with weak SSH keys that should be regenerated with an unaffected version of openssl. You will need the precalculated keys provided by HD Moore...

Integer overflow

gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer...

The latest SMSJ Version 8.0 vulnerability-vulnerability warning-the black bar safety net

Author:rover Help a friend testing the site's security, using SMSJ Version 8.0, known as the imitation of the Alibaba stuff, the registered enterprise members, login Manager, find the upload pictures will be categorized into one http://www. rover. com/UserDocument/your registered member account...

PowerBook 1.21 - index.php Local File Inclusion

PowerBook 1.21 - index.php Local File Inclusion DSECRG-08-019 Digital Security Research Group DSecRG Advisory Application: PowerBook Versions Affected: 1.21 Vendor URL: http://www.powerscripts.org/ Bug: Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Dat...

PowerPHPBoard 1.00b - Multiple Local File Inclusions

PowerPHPBoard 1.00b - Multiple Local File Inclusions DSECRG-08-021 Digital Security Research Group DSecRG Advisory Application: PowerPHPBoard Versions Affected: 1.00b Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none...

[DSECRG-08-019] LFI in PowerBook 1.21

Hello, bugtraq. DSECRG-08-031 Digital Security Research Group DSecRG Advisory Application: PowerBook Versions Affected: 1.21 Vendor URL: http://www.powerscripts.org/ Bug: Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory: ..2008...

The CMWAP of the test-vulnerability warning-the black bar safety net

Author: demonalex Source: demonalex the diary of a madman 1 test ARP. The first test is the BAN of inspiration, in the CMWAP under the ARP test, but through the GPRS into the CMWAP is the PPP Protocol with the ARP in different Protocol stacks, so the ARP in GPRS connected to the CMWAP is not...