1496 matches found
A vulnerability in Kaspersky Antivirus
Hello Bugtraq. I write to notify a vulnerability in Kaspersky Antivirus that allows the code injection in the process that is executed in user's context, allowing: 1. The modification, creation and elimination of the values and keys in the Registration with respect to the configuration of the...
al3jeb script - Remote Authentication Bypass
'/ -.- --------------------oOO------OOo------------------- | al3jeb script Remote Login Bypass Exploit | | works only with magicquotesgpc = off | ------------------------------------------------------ ! Discovered: cr4wl3r ! Date: 19.01.2010 ! Remote: yes ! Vulnerability Code login.php : ! PoC:...
CVE-2009-4035
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...
KDE KDELibs 'dtoa()'远程代码执行漏洞
Bugraq ID: 37080 CVE ID:CVE-2009-0689 KDE是一款UNIX工下开源图形桌面环境。 KDELibs是建立在Qt框架之上,它提供框架和众多功能来开发KDE程序。其中dtoa实现存在错误,处理特殊构建的浮点数可导致内存覆盖。由于Kmac定义为15,dtoa函数没有检查Kmac限制,可能调用大于等于16的freelist数组元素。 KDE 4.3.3 目前没有详细解决方案提供: http://www.kde.org/ - ----------------------- script var a=0.?php echo strrepeat"1",296450;...
[SECURITY] [DSA 1844-1] New Linux 2.6.24 packages fix several vulnerabilities
---------------------------------------------------------------------- Debian Security Advisory DSA-1844-1 [email protected] http://www.debian.org/security/ Dann Frazier July 28, 2009 http://www.debian.org/security/faq - ----------------------------------------------------------------------...
OpenJDK: Possibility of trusted applet run in older, vulnerable version of JRE (6706490)
The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490...
CVE-2009-0065
creationtimestamp| type| source ---|---|--- 2009-04-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8556...
Format string
Format string vulnerability in the minicalendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors...
CentOS Update for ed CESA-2008:0946 centos4 i386
Check for the Version of ed OpenVAS Vulnerability Test CentOS Update for ed CESA-2008:0946 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
ccms40-sql.txt
Author: !DoktOR! Date found: 21.08.08 Product: CCMS Gaming Portal Version: 4.0 The price: $55 URL: customcms.net Vulnerability Class: SQL injection print.php Vuln code: $q = mysqlquery"SELECT from ccmsnewscomments WHERE wid='$id'"; magicquotesgpc = Off http://localhost/installdir/ Exploit:...
plusphp-rfi.txt
Author: DR.TOXIC / [email protected] Title: plusPHP Multi-User Short URL and Statistics plus.php RFI Vulnerability Script Download: http://www.hotscripts.com/jump.php?listingid=80293&jumptype=1 Vulnerability Code: plus.php "include $pagesdir.'config.php';" Example;...
DSA-1566-1 cpio - programming error
Bulletin has no description...
sabros.us 1.75 (thumbnails.php) Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications ==================================================================== sabros.us 1.75 thumbnails.php Remote File Disclosure Vulnerability ==================================================================== sabrosus 1.75 thumbnails.php AUTHO...
PhpBlock a8.4 (PATH_TO_CODE) Remote File Inclusion Vulnerability
No description provided by source. Script Name : PHP Block a8.4 Download : http://sourceforge.net/project/downloading.php?groupid=186381&usemirror=surfnet&filename=a8.4.zip&73507325 Error : includeonce $PATHTOCODE."/script/fonction.php"; Vul Code :...
cuteflow-sqlxss.txt
CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities sql injection & Xss Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the...
Design/Logic Flaw
Unspecified vulnerability in Dokeos 1.8.4 before SP3 allows attackers to execute arbitrary code via unspecified vectors...
X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition
X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition !/bin/sh Xorg-x11-xfs Race Condition Vuln local root exploit CVE-2007-3103 Another lame xploit by vl4dZ : works on redhat el5 and before $ id uid=1001kecos gid=1001user groups=1001user $ sh xfs-RaceCondition-root-exploit.sh Generate large data...
DTSA-54-1 poppler - arbitrary code execution
Bulletin has no description...
FirmWorX 0.1.2 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ============================================================= FirmWorX 0.1.2 Multiple Remote File Inclusion Vulnerabilities ============================================================= DeltaSecurityTEAM WwW.DeltaSecurity.iR Portal Name =...
EUVD-2006-5605
PHP remote file inclusion vulnerability in include/menubuilder.php in MiniBILL 2006-10-10 1.2.3 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the configpagedir parameter, a different vector than CVE-2006-4489...