9564 matches found
phpix 1.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1773/info PHPix is a web-based photo-album system written in PHP. It is vulnerable to an attack that allows a malicious remote user to view arbitrary files on the target webserver with the privileges of the webserver. The...
Joomla LMO Component <= 1.0b2 Remote Include Vulnerability
No description provided by source. Application : LMO - Joomla! Component URL : http://forge.joomla.org/sf/projects/lmo Variable $mosConfigabsolutepath not sanitized: xpl works with registerglobals=on in components/comlmo/lmo.php on line 11-12...
Libc locale exploit (2)
No description provided by source. / source: http://www.securityfocus.com/bid/1634/info ectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...
S.u.S.E. Linux 6.2 sscw HOME Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/656/info A buffer overflow vulnerability in sscw's handling of the HOME environment variable allows local users to gain root privileges. !/bin/bash Linux x86 exploit for /usr/bin/sccw on SuSE 6.2 -Brock Tellier...
UCCASS <= 1.8.1 - Blind SQL Injection Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ posdubatgmail.com 2012-06-22 UCCASS = v1.8.1 Blind SQL Injection Vulnerability Script: The Unit Command Climate...
Firebird 1.0 GDS_Inet_Server Interbase Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7546/info Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. As Firebird is based on Borland/Inprise Interbase source code, it is very likely that Interbas...
id Software Quake II Server 3.20/3.21 Remote Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4744/info Quake II is a multiplayer game released by id Software. The source code has been made publically available, and versions are available for Windows and Linux. A vulnerability has been reported in some versions of...
Caldera OpenLinux 2.2 ,Debian 2.1/2.2,RedHat <= 6.0 Vixie Cron MAILTO Sendmail Vulnerability
No description provided by source. Caldera OpenLinux 2.2 ,Debian Linux 2.1/2.2,RedHat Linux = 6.0 Vixie Cron MAILTO Sendmail Vulnerability source: http://www.securityfocus.com/bid/611/info Failure by the vixie cron daemon from validating the contents of a user supplied environment variable allow ...
BloofoxCMS Registration Plugin SQL Injection Vulnerability
No description provided by source. Vulnerability ID: HTB22658 Reference: http://www.htbridge.ch/advisory/sqlinjectioninbloofoxcmsregistrationplugin.html Product: BloofoxCMS Vendor: bloofox.com http://bloofox.com/ Vulnerable Version: 0.3.5 and probably prior versions Vendor Notification: 13 Octobe...
McKesson ActiveX File/Environmental Variable Enumeration
No description provided by source. html !-- McKesson ActiveX File/Environmental Variable Enumeration Vendor: McKesson Version: 11.0.10.38 Tested on: Windows XP SP3 / IE Download: N/A Author: Blake Additional Details: This activex control is packaged with the Horizon Rad Station software used by...
study planner (studiewijzer) <= 0.15 - Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV77$2007 ----------------------------------------------------------------------------------------- ECHOADV77$2007 Study planner Studiewijzer = 0.15 Remote File Inclusion...
OpenDock Easy Gallery <= 1.4 (doc_directory) File Include Vulnerabilities
No description provided by source. ECHOADV52$2006 ----------------------------------------------------------------------------------------------- ECHOADV52$2006OpenDock Easy Gallery =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...
PHP 4.x/5.0.x File Upload GLOBAL Variable Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15250/info PHP is prone to a vulnerability that allows attackers to overwrite the GLOBAL variable via HTTP POST requests. By exploiting this issue, remote attackers may be able to overwrite the GLOBAL variable. This may...
PHP 3/4/5 ZendEngine Variable Destruction Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22764/info PHP is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. An attacker who can run PHP code on a vulnerable computer may exploit this vulnerability to crash PHP...
Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has...
Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has...
Linuxconf 1.1.x/1.2.x Local Environment Variable Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has...
davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit
No description provided by source. davfs2 1.4.6/1.4.7 local privilege escalation exploit Bug Description: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723034...
XAMPP 1.6.8 - (CSRF) Change Administrative Password Exploit
No description provided by source. XAMPP change administrative password: -------------------------------------------------------------------------------- Written by Michael Brooks special thanks to str0ke Affects XAMPP 1.6.8. homepage: http://www.apachefriends.org/ XAMPP has 17+ million downloads...
Greg Matthews Classifieds.cgi 1.0 Hidden Variable Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2019/info Classifieds.cgi is a perl script part of the classifieds package by Greg Matthews which provides simple classified ads to web sites. Due to improper input validation it can be used to execute any command on the...