php-Board (php)

Informations : °°°°°°°°°°°°°° Website : http://www.hp-planet.de Version : 1 Problem : Informations disclosure PHP Code/Location : °°°°°°°°°°°°°°°°°°° login.php : ----------------------------------------- function passwd2$user $password="nicht registriert"; if fileexists"user/".$user.".txt" $fp =...

Blackboard 5.x Password Retrieval

-- Overview Through the exploitation of a SQL injection vulnerability it is possible for an unauthenticated user to query the Blackboard user directory and: - Enumerate users with a given password. - Extract the MD5 password of any given user. Blackboard Learning System 5.x, level 1 and 2 are...

Microsoft Virtual Machine incorrectly parses the domain portion of URLs containing a colon

Overview Some versions of the Microsoft virtual machine Microsoft VM contain a flaw that could allow untrusted Java applets from an attacker's site to be run instead of the trusted applet from the intended site. Description The Microsoft virtual machine Microsoft VM enables Java programs to run o...

PHP Topsites < 2.2 - Multiple Vulnerabilities

PHP Topsites Multiple Vulnerabilities Vendor: iTop 10 Product: PHP Topsites Version: tag of the description page, when submitting website, it may be possible to cause an administrator to edit or delete database entries. This issue will occur when an unsuspecting administrator loads the submitted...

CVE-2002-2310

ClickCartPro 4.0 stores the adminuser.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords...

PHP-Nuke 5.x6.06.5 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities

PHP-Nuke 5.x6.06.5 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/6244/info everal cross site scripting vulnerabilities have been reported for PHP-Nuke. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious lin...

Killer Protection 1.0 - Information Disclosure

Killer Protection 1.0 - Information Disclosure source: https://www.securityfocus.com/bid/5905/info The Killer Protection PHP script is prone to an information-disclosure issue. Reportedly, unauthorized users can access sensitive user data by requesting the 'vars.inc' file in a malicious HTTP...

Cisco VPN 5000 Client Multiple Vulnerabilities

...

Nevrona Designs MiraMail stores all configuration and user account information in unencrypted text file

Overview Some versions of MiraMail store username and passwords in a text file without using encryption. Description MiraMail is a news server for Windows-based hosts. Versions of MiraMail up to and including 1.04 store MiraMail user data, including usernames and passwords, in unencrypted plainte...

Cacheflow CacheOS 3.1.x4.0.x4.1 - Unresolved Domain Cross-Site Scripting

Cacheflow CacheOS 3.1.x4.0.x4.1 - Unresolved Domain Cross-Site Scripting source: https://www.securityfocus.com/bid/5305/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. User supplied data is not sanitized before...

Uudecode performs inadequate checks on user-specified output files

Overview The uudecode utility contains a vulnerability that allows an attacker to overwrite arbitrary files, symbolic links, and named pipes. Description The uudecode utility is used to decode files that have been encoded in the 7-bit printable format generated by uuencode. This format allows for...

Metacart vuln.

Summary MetaCart2.sql is an ASP based shopping Cart application with SQL database. A security vulnerability in the product allows attackers to access the database used for storing user provided data Credit cart numbers, Names, Surnames, Addresses, E-mails, etc. Details Exploit: Accessing any of t...

Splatt Forum 3.0 - Image Tag HTML Injection

source: https://www.securityfocus.com/bid/4953/info Splatt Forum does not filter HTML from image tags. This may allow an attacker to inject arbitrary script code in forum messages. Injected script code will be executed in the browser of an arbitrary web user who views the malicious forum message,...

ansi outer join syntax in Oracle allows access to any data

Hi all I thought this list may be interested in this issue, apologies if its known here already. Oracle 9i includes the new ANSI outer join syntax. Oracle still supports the old syntax but in the new syntax there is a serious security issue that allows any user to view any data. here is an exampl...

CVE-2001-1111

EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file...

CaupoShop: cross-site-scripting bug

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following cross-site-scripting bug in CaupoShop and probably in CaupoShopPro: Details - ------- Product: CaupoShop and probably CaupoShopPro Version: 1.30a CaupoShop and maybe all versions before OS affected: all OS with php and...

Phorum Discussion Board Security Bug (Email Disclosure)

Concerning latest Phorum version 3.3.2 A bug in the PHP based forum script Phorum makes it possible to obtain the email addresses of the 10 most active users. In the 'admin/' directory of the forum there is a script called 'stats.php' that allows administrators and anyone else, since there is no...

kebi-webmail_vul.txt

kebi-Webmail Solution vulnerability Tested by secret e-mail: [email protected] Summary : Get webmail server's admin competence by remote attack in kebi-Webmail Solution. Platform: Attacker platform : All Operating Systems + Web browser Target platform: All kebi Webmail solution loading server ke...

Web Server Generic XSS

The remote host is running a web server that fails to adequately sanitize request strings of malicious JavaScript. A remote attacker can exploit this issue, via a specially crafted request, to execute arbitrary HTML and script code in a user's browser within the security context of the affected...

Слабое шифрование в Datek Streamer (weak encryption)

Часть важных данных о пользователе уходит по незащищенному каналу...