CVE-2005-2108

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTPRAWPOSTDATA variable, which stores the data in an XML file...

CVE-2005-2072

The runtime linker ld.so in Solaris 8, 9, and 10 trusts the LDAUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by 1 modifying LDAUDIT to reference malicious code and possibly 2 using a long value for LDAUDIT...

CVE-2002-1687

Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable...

CVE-2002-1757

PHProjekt 2.0 through 3.1 relies on the $PHPSELF variable for authentication, which allows remote attackers to bypass authentication for scripts via a request to a .php file with "sms" in the URL, which is included in the PATHINFO portion of the $PHPSELF variable, as demonstrated using...

CVE-2002-1721

Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service crash via an x-header that causes snprintf overwrite the FFGETFILE variable with a null byte...

lpanelClient.txt

Subject: Lpanel.NET's Lpanel all versions up to and including 1.59 is vulnerable to the unauthorized viewing of client invoice information. Severity: High; This vulnerability allows an attacker unauthorized viewing of other clients' invoice information. Preamble: Taken from http://www.lpanel.net/...

SquirrelMail < 1.4.5 Multiple Vulnerabilities

Binary data 3016.prm...

SquirrelMail < 1.45 Multiple Vulnerabilities

According to its banner, the version of SquirrelMail installed on the remote host is prone to multiple flaws : - Post Variable Handling Vulnerabilities Using specially crafted POST requests, an attacker may be able to set random variables in the file 'optionsidentities.php', which could lead to...

File Upload Manager Sploits

Below is some code for a recent unpatched exploit for file managers using php as the base code. Share this with the world and help protect. File Upload Manager - Bypass File Extension and Arbitrary File Delete nothing to see here @ hackthissite.org Through an input validation flaw, users are able...

CVE-2005-1956

File Upload Manager allows remote attackers to upload arbitrary files by modifying the test variable to contain a value of '' six tildes, which bypasses the file extension checks...

C.J. Steele Tattle - Remote Command Execution

source: https://www.securityfocus.com/bid/13883/info tattle is affected by a remote command execution vulnerability. An attacker can supply arbitrary commands prefixed with the '|' character as a value for the 'tld' variable that will be executed in the context of the application. An attacker can...

C.J. Steele Tattle - Remote Command Execution

C.J. Steele Tattle - Remote Command Execution source: https://www.securityfocus.com/bid/13883/info tattle is affected by a remote command execution vulnerability. An attacker can supply arbitrary commands prefixed with the '|' character as a value for the 'tld' variable that will be executed in t...

CVE-2005-1787

CVE-2005-1787 affects phpStat 1.5; setup.php contains a flaw where remote attackers can bypass authentication and gain administrator privileges by setting the $check variable. The connected documents confirm this vulnerability but do not provide detailed exploit steps or patches within the given ...

Fedora Core 2 : mysql-3.23.58-16.FC2.1 (2005-305)

Sat Apr 2 2005 Tom Lane 3.23.58-16.FC2.1 - Repair uninitialized variable in security2 patch. - Enable testing on 64-bit arches; continue to exclude s390x which still has issues. - Fri Mar 18 2005 Tom Lane 3.23.58-15.FC2.1 - Backpatch repair for CVE-2005-0709, CVE-2005-0710, CVE-2005-0711...

Low: Red Hat Security Advisory: glibc security update

Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU libc packages known as glibc contain the standard C libraries used by applications. It was discovered that the use of LDDEBUG...

CVE-2005-1598

SQL injection vulnerability in Invision Power Board IPB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash passhash that modifies the internal $pid variable...

Apple Mac OS X Foundation Framework vulnerable to buffer overflow via incorrect handling of an environmental variable

Overview A buffer overflow in Mac OS X Foundation Framework's processing of environment variables may lead to elevated privileges. Description A vulnerability is present Mac OS X Foundation Framework shipped in version 10.3.9 of Mac OS X and Mac OSX Server. There is a flaw in the handling of...

e107 search.php search_info Parameter Traversal Arbitrary File Inclusion

The version of e107 installed on the remote host is affected by a remote file inclusion vulnerability because it fails to properly sanitize user-supplied input to the 'searchinfo' parameter of the 'search.php' script. This vulnerability could allow a remote, unauthenticated attacker to view...

CVE-2003-1167

KPopup 0.9.1 exposes two local-privilege/vulnerability issues. First, a format-string vulnerability in main.cpp (kpopup 0.9.1–0.9.5pre2) can allow local users to cause a denial of service (segmentation fault) and potentially execute arbitrary code via crafted format specifiers in command line arg...

CVE-2003-1167

misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program...