Joomla Mac Gallery <= 1.5 Arbitrary File Download Exploit

Joomla Mac Gallery component versions 1.5 and below suffer from an arbitrary file download vulnerability. Exploit Title : Joomla Mac Gallery = 1.5 Arbitrary File Download Exploit Author : Claudio Viviani Vendor Homepage : https://www.apptha.com Software Link :...

Livefyre LiveComments Plugin - Persistent Cross-Site Scripting

Livefyre LiveComments Plugin - Persistent Cross-Site Scripting Title : Stored XSS in Livefyre LiveComments Plugin CVE : 2014-6420 Vendor Homepage : http://livefyre.com Software Link : http://web.livefyre.com/streamhub/liveComments Version : v3.0 Author : Brij Kishore Mishra Date : 03-Sept-2014...

PhpMyAdmin REQUEST Superglobal Remote Variable Manipulation

A remote variable manipulation vulnerability has been reported in PhpMyAdmin. The vulnerability is due to insufficient validation of request parameters. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could result in...

Microsoft Internet Explorer Empty CAttrValue Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

Mandriva Linux Security Advisory : glibc (MDVSA-2014:175)

Multiple vulnerabilities has been found and corrected in glibc : When converting IBM930 code with iconv, if IBM930 code which includes invalid multibyte character 0xffff is specified, then iconv segfaults CVE-2012-6656. Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C...

Joomla Spider Form Maker 3.4 SQL Injection

Exploit Title : Joomla Spider Form Maker = 3.4 SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://web-dorado.com/ Software Link : http://web-dorado.com/products/joomla-form.html Dork Google: inurl:comformmaker Date : 2014-09-07 Tested on : Windows 7 / Mozilla Firefox Linux /...

Joomla! Component com_formmaker 3.4 - SQL Injection

Joomla! Component comformmaker 3.4 - SQL Injection Exploit Title : Joomla Spider Form Maker = 3.4 SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://web-dorado.com/ Software Link : http://web-dorado.com/products/joomla-form.html Dork Google: inurl:comformmaker Date : 2014-09-...

CVE-2014-5119

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

CVE-2014-5119

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

CVE-2014-5119

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

Code injection

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

frcms 注入一枚 。

简要描述： 无视gpc。 详细说明： 在plus/count/count.php中 if$ccome=='' $ccome="网址输入或收藏夹打开"; $cpage=$SERVER"HTTPREFERER"; $cyear=date'Y';$cmonth=date'm';$cday=date'd';$chour=date'H'; $ctime=date'Y-m-d H:i:s';$cweek=date'w'; $cwhere=trimgetipfrom$cip; $date=date"Y-m-d"; $rss = $db-getone"SELECT cip FROM...

DSA-2984-2 acpi-support - regression update

Bulletin has no description...

net-snmp -- snmptrapd crash

Murray McAllister reports: A remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to...

CVE-2014-0475

Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...

Directory traversal

Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...

CVE-2014-0475

Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...

CVE-2014-0475

Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...

Destoon 2 0 1 4 0 5 3 0 the latest version of the super-global variable coverage lead to security issues-vulnerability warning-the black bar safety net

The code fragment 0x1 /common. inc. php, line 1 7 | 1 2 3 4 | foreacharray'POST', 'GET', 'COOKIE' as $R if$$R foreach$$R as $k = $v ifisset$$k && $$k == $v unset$$k; ---|--- The logic here is that if the post get cookie request of$the$key and$value are equal on the unset out$the$key If we are to ...

c99 2.0 登录绕过漏洞

@extract$REQUEST"c99shcook";这行代码导致变量覆盖可以使得$login=0，直接登陆if $login if empty$md5pass $md5pass = md5$pass; if $SERVER"PHPAUTHUSER" != $login or md5$SERVER"PHPAUTHPW" != $md5pass if $logintxt === false $logintxt = ""; elseif empty$logintxt $logintxt = striptagseregreplace"nbsp;|br", " ", $donatedhtml;...