44 matches found
EUVD-2008-5677
Malware in sbrugna...
EUVD-2009-2564
Malware in sbrugna...
EUVD-2007-5301
Malware in sbrugna...
EUVD-2008-5676
Malware in sbrugna...
CVE-2009-2569
Multiple cross-site scripting XSS vulnerabilities in Verlihub Control Panel VHCP 1.7e allow remote attackers to inject arbitrary web script or HTML via 1 the nick parameter in a login action to index.php or 2 the URI in a news request to index.html...
verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability
No description provided by source. == verlihub =0.9.8d-RC2 remote r00t / command execution ======================= | ' / | / / \---'-|---\ | |' / / / '. V ,--' ':./ description:-------------------------------------------------------------------- Verlihub is a Direct Connect protocol server; runs...
Verlihub Control Panel <= 1.7.x Local File Inclusion Vulnerability
No description provided by source. Verlihub Control Panel v 1.7 PHP 4.x Local File Inclusion http://vhcp.verlihub- project.org/ Bug Found By Methodman From TEAMELITE - dchub.nemesis.te-home.net:4120 Bug: Line: 27 - inisetmagicquotesgpc,1; ............................ Line: 71 - $pagename =...
Verlihub Control Panel 1.7 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/34856/info Verlihub Control Panel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrar...
CVE-2009-2569
Multiple cross-site scripting XSS vulnerabilities in Verlihub Control Panel VHCP 1.7e allow remote attackers to inject arbitrary web script or HTML via 1 the nick parameter in a login action to index.php or 2 the URI in a news request to index.html...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Verlihub Control Panel VHCP 1.7e allow remote attackers to inject arbitrary web script or HTML via 1 the nick parameter in a login action to index.php or 2 the URI in a news request to index.html...
CVE-2009-2569
Multiple cross-site scripting XSS vulnerabilities in Verlihub Control Panel VHCP 1.7e allow remote attackers to inject arbitrary web script or HTML via 1 the nick parameter in a login action to index.php or 2 the URI in a news request to index.html...
CVE-2009-2569
Multiple cross-site scripting XSS vulnerabilities in Verlihub Control Panel VHCP 1.7e allow remote attackers to inject arbitrary web script or HTML via 1 the nick parameter in a login action to index.php or 2 the URI in a news request to index.html...
CVE-2009-2569
Verlihub Control Panel (VHCP) 1.7e contains cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script/HTML via (1) the nick parameter in a login action to index.php and (2) the URI in a news request to index.html. The connected documents confirm these two v...
VerliHub Control Panel 1.7e Cross Site Scripting
VerliHub Control Panel - v 1.7e XSS & Iframe Injection Vulnerability http://vhcp.verlihub-project.org -6-05-2009 -Methodman - http://nemesis.te-home.net -Example:- Cross-site scripting vulnerability on login page http://vhcp.com/index.php?page=login&nick="alert"Vulnerable";...
Verlihub Control Panel 1.7 - Multiple Cross-Site Scripting Vulnerabilities
Verlihub Control Panel 1.7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34856/info Verlihub Control Panel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may...
Verlihub Control Panel 1.7 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/34856/info Verlihub Control Panel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
FreeBSD Ports: verlihub
The remote host is missing an update to the system as announced in the referenced advisory. VID 58997463-e012-11dd-a765-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID 58997463-e012-11dd-a765-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
FreeBSD Ports: verlihub
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD : verlihub -- insecure temporary file usage and arbitrary command execution (58997463-e012-11dd-a765-0030843d3802)
securityfocus reports : An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files,...
Verlihub创建不安全文件及远程代码执行漏洞
BUGTRAQ ID: 32889,32420 CVECAN ID: CVE-2008-5705,CVE-2008-5706 Verlihub是运行在Linux操作系统上的Direct Connect协议服务器。 Verlihub没有正确地过滤通过trigger机制传送给shell的用户输入,此外Verlihub守护程序还可能配置为以root用户权限运行,这就允许连接到hub的用户通过提交恶意请求执行任意命令,或允许本地攻击者通过对/tmp/trigger.tmp临时文件的符号链接攻击覆盖任意文件。以下是src/ctrigger.cpp文件的cTrigger::DoIt函数中的有漏洞代码...