822 matches found
6rbscript33-sql.txt
|| | | 6rbScript V3.3 singerid Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | WwW.TrYaG.CC | | email: darkangelg85atYahooDoTcom | | | | | | | | script : www.6rbscript.com | | DorK :...
Vim: Netrw: FTP User Name and Password Disclosure
Vim: Netrw: FTP User Name and Password Disclosure 1. SUMMARY Product : Vim -- Vi IMproved Versions : Tested with Vim 7.1.266, 7.2, autoload/netrw.vim v131, v109 Impact : Credentials disclosure Wherefrom: Remote Original : http://www.rdancer.org/vulnerablevim-netrw-credentials-dis.html The Vim Net...
vim-ftp.txt
Vim: Netrw: FTP User Name and Password Disclosure 1. SUMMARY Product : Vim -- Vi IMproved Versions : Tested with Vim 7.1.266, 7.2, autoload/netrw.vim v131, v109 Impact : Credentials disclosure Wherefrom: Remote Original : http://www.rdancer.org/vulnerablevim-netrw-credentials-dis.html The Vim Net...
PHP-Fusion Mod Kroax 4.42 - 'category' SQL Injection
========================================================== The kroax phpfusion Remote SQL-injection. ========================================================== Author : boom3rang Contact : [email protected] webpage : www.khg-crew.ws --- Remote SQL Injection --- +Google Dork:...
Motorola Timbuktu login request buffer overflow
Added: 05/15/2008 CVE: CVE-2007-4221 BID: 25454 OSVDB: 40124 Background Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP. Problem A buffer overflow vulnerability when processing login requests allows remot...
CVE-2008-1705
Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the 1 user name, 2 peer name, and possibly unspecified other fields...
Input validation
Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote attackers to generate crafted log entries, and possibly avoid detection of attacks, via modified 1 computer...
CVE-2008-1127
Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed...
CVE-2008-1127
Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed...
HTTP File Serve multiple security vulnerabilities
Crossite scripting, information disclosure, unauthroized files creation, log manipulation, user name spoofing...
PHP-AGTC membership system 1.1a Remote Add Admin Exploit
No description provided by source. !-- - Product : AGTC-Membership system - Version : 1.1a - Website : http://www.agtc.co.uk - Author : 0x90 - Homepage: WwW.0x90.CoM.Ar - Contact : Gunsat0x90dotcomdotar - Problem : Admin Added Access. -- form name="form1" method="post"...
Softbiz Jobs Recruitment - SQL Injection
Softbiz Jobs Recruitment - SQL Injection Softbiz Jobs & Recruitment Script SQL INJECTION BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://www.softbizscripts.com/ DORK: "Powered by SoftbizScripts" "ALL JOBS" Injection Adress : http://site.com/browsecats.php?cid=sql cod Sql code For se...
Buffer overflow
Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via 1 a long user name and 2 certain malformed requests; and 3 allow remote Timbuktu servers to have an unknown impact vi...
Live for Speed S1S2Demo - .spr Local Buffer Overflow
Live for Speed S1S2Demo - .spr Local Buffer Overflow / 0day Live for speed patch x s2 /s1 and demo local .Spr File buffer over flow Spr file's are also exploitable although i had to go about it a different Way,At first it wasn't possible to do a jmp esp,But with a little more buffer i Managed to...
CVE-2007-4159
index.html in the HTTP administration interface in certain daemons in TIBCO Rendezvous RV 7.5.2 allows remote attackers to obtain sensitive information, such as a user name and IP addresses, via a direct request...
CVE-2007-3807
Multiple cross-site scripting XSS vulnerabilities in SiteScape Forum before 7.3 allow remote attackers to inject arbitrary web script or HTML via the user name field in the login procedure, and other unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SiteScape Forum before 7.3 allow remote attackers to inject arbitrary web script or HTML via the user name field in the login procedure, and other unspecified vectors...
Assign Groups to Project Role screen allows entry of users as groups
When assigning groups to a project role, the screen allows the user to specify a group that is really a user name...
Assign Groups to Project Role screen allows entry of users as groups
When assigning groups to a project role, the screen allows the user to specify a group that is really a user name...
CVE-2007-1183
WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors...