[SA19325] Xeneo Web Server Script Source Disclosure Vulnerability

TITLE: Xeneo Web Server Script Source Disclosure Vulnerability SECUNIA ADVISORY ID: SA19325 VERIFY ADVISORY: http://secunia.com/advisories/19325/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Xeneo Web Server 2.x http://secunia.com/product/69...

[SA19844] WinAgents TFTP Server Directory Traversal Vulnerability

TITLE: WinAgents TFTP Server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA19844 VERIFY ADVISORY: http://secunia.com/advisories/19844/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From local network SOFTWARE: WinAgents TFTP Server 3.x...

[SA19868] Linux Kernel CIFS chroot Directory Traversal Vulnerability

TITLE: Linux Kernel CIFS chroot Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA19868 VERIFY ADVISORY: http://secunia.com/advisories/19868/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system OPERATING SYSTEM: Linux Kernel 2.6.x http://secunia.com/product/2719/ DESCRIPTIO...

[Full-disclosure] WinISO/UltraISO/MagicISO/PowerISO Directory Traversal Vulnerability

WinISO/UltraISO/MagicISO/PowerISO Directory Traversal Vulnerability By Sowhat of Nevis Labs Date: 2006.04.28 http://www.nevisnetworks.com http://secway.org/advisory/AD20060428.txt CVE: N/A Vendor WinISO Computing Inc. EZB Systems, Inc. MagicISO Inc. PowerISO Computing, Inc. Affected Software WinI...

[SA19869] Linux Kernel SMBFS chroot Directory Traversal Vulnerability

TITLE: Linux Kernel SMBFS chroot Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA19869 VERIFY ADVISORY: http://secunia.com/advisories/19869/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system OPERATING SYSTEM: Linux Kernel 2.6.x http://secunia.com/product/2719/...

Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites

Software : Scry Gallery WebSite :http://scry.org/ discovred by :Moroccan Security Team + Directory Traversal : A remote attacker may employ directory traversal strings '../' to access arbitrary files outside of the webroot directory. This flaw is due to an input validation error in the "index.php...

MonsterTopList- Remote Code Execution bug

MonsterTopList- Remote Code Execution bug discovered By: VietMafia ================================= Developer site: http://www.monstertoplist.com/ Software: MTL 1.4 and prior Risk: Moderate Status: unpatched orginal advisory:http://pridels.blogspot.com/2006/04/monstertoplist.html...

[Full-disclosure] Secunia Research: AN HTTPD Script Source Disclosure Vulnerability

====================================================================== Secunia Research 03/04/2006 - AN HTTPD Script Source Disclosure Vulnerability - ====================================================================== Table of Contents Affected...

mediaslashInclude.txt

author: Moroccan Security Team Vendor: www.MediaSlash.com Vendor Contacted greetz to : Moroccan Security Team CiM-TeaM and All Freinds Google : Powered by MediaSlash.com Details: MediaSlash Galleryis is vulnerable to remote URL inclusion vulnerability This flaw is due to an input validation error...

[SA19453] v-creator VCEngine.php Shell Command Injection Vulnerability

TITLE: v-creator VCEngine.php Shell Command Injection Vulnerability SECUNIA ADVISORY ID: SA19453 VERIFY ADVISORY: http://secunia.com/advisories/19453/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: v-creator 1.x http://secunia.com/product/9080/ DESCRIPTION: A...

[SA19341] Blazix Web Server JSP Source Code Disclosure Vulnerability

TITLE: Blazix Web Server JSP Source Code Disclosure Vulnerability SECUNIA ADVISORY ID: SA19341 VERIFY ADVISORY: http://secunia.com/advisories/19341/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Blazix 1.x http://secunia.com/product/8961/...

[SA19312] Baby Web Server ASP Code Disclosure Vulnerability

TITLE: Baby Web Server ASP Code Disclosure Vulnerability SECUNIA ADVISORY ID: SA19312 VERIFY ADVISORY: http://secunia.com/advisories/19312/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Baby ASP Web Server 2.x http://secunia.com/product/8915/...

[SA19306] Quick 'n Easy Web Server ASP Code Disclosure Vulnerability

TITLE: Quick 'n Easy Web Server ASP Code Disclosure Vulnerability SECUNIA ADVISORY ID: SA19306 VERIFY ADVISORY: http://secunia.com/advisories/19306/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Quick and Easy Web Server 3.x...

CORE-2006-0124: Cross-Site Scripting in Verisign’s haydn.exe CGI script

Core Security Technologies - Corelabs Advisory http://www.coresecurity.com/corelabs/ Cross-Site Scripting in Verisign’s haydn.exe CGI script Date Published: 2006-03-20 Last Update: 2006-03-20 Advisory ID: CORE-2006-0124 Bugtraq ID: None currently assigned CVE Name: None currently assigned Title:...

Cross-Site Scripting in Verisign’s haydn.exe CGI script

Date Published: 2006-03-20 Last Update: 2006-03-20 Advisory ID: CORE-2006-0124 Bugtraq ID: 17170 CVE Name: CVE-2006-1344 Title: Cross-Site Scripting in Verisign’s haydn.exe CGI script Class: Input Validation Error Remotely Exploitable: Yes Locally Exploitable: No Advisory...

Secunia Research: Dwarf HTTP Server Source Disclosure and Cross-Site Scripting

====================================================================== Secunia Research 13/03/2006 - Dwarf HTTP Server Source Disclosure and Cross-Site Scripting - ====================================================================== Table of Contents Affected...

[Full-disclosure] Secunia Research: NetworkActiv Web Server Script Source Disclosure Vulnerability

====================================================================== Secunia Research 01/03/2006 - NetworkActiv Web Server Script Source Disclosure Vulnerability - ====================================================================== Table of Contents Affected...

SAP Business Connector 4.64.7 - deleteSingle?fullName Arbitrary File Deletion

SAP Business Connector 4.64.7 - deleteSingle?fullName Arbitrary File Deletion source: https://www.securityfocus.com/bid/16668/info SAP Business Connector is prone to a file-access/deletion vulnerability. This issue arises due to an access-validation error. A successful attack will result in the...

SAP Business Connector 4.64.7 - chopSAPLog.dsp?fullName Arbitrary File Disclosure

SAP Business Connector 4.64.7 - chopSAPLog.dsp?fullName Arbitrary File Disclosure source: https://www.securityfocus.com/bid/16668/info SAP Business Connector is prone to a file-access/deletion vulnerability. This issue arises due to an access-validation error. A successful attack will result in t...

SAP Business Connector 4.6/4.7 - 'chopSAPLog.dsp?fullName' Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/16668/info SAP Business Connector is prone to a file-access/deletion vulnerability. This issue arises due to an access-validation error. A successful attack will result in the disclosure of sensitive or privileged information. An attacker may also delete...