DZ! sodb-2 0 0 8-1 3 EXP published-vulnerability warning-the black bar safety net

!/ usr/bin/php ? php / Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp By www.80vul.com Notes the value of the variable, add your own modifications / $host = ‘www.80vul.com’; // Server domain or IP $path = ‘/discuz/’; // Where the program path $key = 0; // The above variable is edited, make will the value...

Bugzilla quips.cgi Unspecified Crafted Variable Security Bypass

Binary data 4742.prm...

Discuz!4.x wap\index.php 变量覆盖漏洞

Discuz!4.x一直存在着一个变量覆盖漏洞n年了.代码如下: $chs = ''; if$POST && $charset != 'utf-8' $chs = new Chinese'UTF-8', $charset; foreach$POST as $key = $value $$key = $chs-Convert$value; //foreach处理$POST导致变量覆盖 unset$chs;...

CVE-2008-4763

Multiple cross-site scripting XSS vulnerabilities in sample.php in WiKID wClient-PHP 3.0-2 and earlier allow remote attackers to inject arbitrary web script or HTML via the PHPSELF variable...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in sample.php in WiKID wClient-PHP 3.0-2 and earlier allow remote attackers to inject arbitrary web script or HTML via the PHPSELF variable...

CVE-2008-4763

Multiple cross-site scripting XSS vulnerabilities in sample.php in WiKID wClient-PHP 3.0-2 and earlier allow remote attackers to inject arbitrary web script or HTML via the PHPSELF variable...

PHPWind passport_client.php文件UPDATE参数远程SQL注入漏洞

PHPWind的实现上存在变量过滤漏洞，远程攻击者可能利用此漏洞执行SQL注入攻击，非授权操作数据库，完全控制论坛。 PHPWind的passportclient.php文件里变量没有初始化，可以通过构造特定的变量值判断： codeif!$passportifopen || $passporttype != 'client' exit"Passport closedPHPWind"; //可以提交“passportifopen =1&passporttype=client”绕过 ifmd5$action.$userdb.$forward.$passportkey != $verify...

kasracms-xss.txt

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ KasraCMS Cross Site Scripting Vulnerability Discovered by d3b4g ============================================== AUTHOR : d3b4g DATE : 26 oct 2008 EMAIL : [email protected] APPLICATION : KasraCMS WebSite: http://kasracms.com...

phpMyAdmin Import_Blacklist变量覆盖漏洞

BugCVE: CVE-2005-4079 BUGTRAQ: 15761 phpMyAdmin对某些变量的处理上存在漏洞，远程攻击者可能利用此漏洞在主机上执行任意命令。 phpMyAdmin将不应该被registerglobals仿真层覆盖的变量黑名单存储在全局变量中，但却没有包含$importblacklist变量名，因此攻击者可以覆盖该变量。如果覆盖了该变量的话，攻击者就可以用任意内容覆盖$GLOBALS数组，导致执行任意代码。 phpMyAdmin phpMyAdmin 2.7/2.7.0 beta1 phpMyAdmin ----------...

asicms-rfi.txt

=========================================================================================== o asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerability Software : asiCMS version alpha 0.208 Vendor : http://asicms.sourceforge.net/ Download :...

Design/Logic Flaw

pamkrb5 2.2.14 in Red Hat Enterprise Linux RHEL 5 and earlier, when the existingticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename a...

Design/Logic Flaw

The Hash-based Message Authentication Code HMAC provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue."...

Fedora 9 : phpMyAdmin-2.11.9.1-1.fc9 (2008-8370)

This update by upstream to phpMyAdmin 2.11.9.1 solves a not yet clearly specified code execution vulnerability. - auth Links to version number on login screen - core PMA does not start if iniset is disabled - bookmarks Saved queries greater than 1000 chars not displayed - export Export type...

Gentoo Security Advisory GLSA 200511-08 (PHP)

The remote host is missing updates announced in advisory GLSA 200511-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[NOBYTES.COM: #12] osCommerce 2.2rc2a - Information Disclosure

Application: osCommerce 2.2rc2a Authors Site: http://www.oscommerce.com/ +--------------------------------------------------------------+ Information Disclosure: Manipulation of the 'DOB' Variable on createaccount.php can cause information disclosure: In this example the POST variable 'DOB' has...

CVE-2008-4105

JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact...

Sql injection

JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact...

CVE-2008-4105

Affected product: Joomla! 1.5 (before 1.5.7). The issue arises from JRequest::setVar not being sanitized, allowing remote attackers to perform variable injection with unspecified impact. Base CVSS v2.0 score 7.5 (HIGH) with network access, low attack complexity, no authentication required. Remedi...

oscom-disclose.txt

Application: osCommerce 2.2rc2a Authors Site: http://www.oscommerce.com/ +--------------------------------------------------------------+ Information Disclosure: Manipulation of the 'DOB' Variable on createaccount.php can cause information disclosure: In this example the POST variable 'DOB' has...

[20080901] - Core - JRequest Variable Injection

A flaw in JRequest exists where variables set with JRequest::setVar are not cleaned when fetching the variable at a later point in the request. This can result in variable injection unwanted characters injected into returned data...