compteur 2.0 - param_editor.php Remote File Inclusion

compteur 2.0 - parameditor.php Remote File Inclusion Title..: 7 php scripts File Inclusion Vuln / Source disclosure Credits: DarkFig Og.link: http://acid-root.new.fr/poc/13061007.txt Using http://www.google.com/codesearch Few examples about what we can do with a code search engine For educational...

TribunaLibre 3.12 Beta - ftag.php Remote File Inclusion

TribunaLibre 3.12 Beta - ftag.php Remote File Inclusion Title..: 7 php scripts File Inclusion Vuln / Source disclosure Credits: DarkFig Og.link: http://acid-root.new.fr/poc/13061007.txt Using http://www.google.com/codesearch Few examples about what we can do with a code search engine For...

CVE-2006-3413

The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information...

Power Daemon 2.0.2 - WHATIDO Remote Format String

Power Daemon 2.0.2 - WHATIDO Remote Format String / gexp-powerd.c Power Daemon v2.0.2 Remote Format String Exploit Copyright C 2005 Gotfault Security Bug found and developed by: barros and xgc Original Reference: http://gotfault.net/research/exploit/gexp-powerd.c / include include include include...

CVE-2005-4667

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long...

CVE-2005-1965

CVE-2005-1965 is a PHP remote file inclusion in Siteframe’s siteframe.php (Broadpool Siteframe). The LOCAL_PATH parameter can be manipulated to cause the server to include arbitrary files and execute PHP code on the remote host. Affected component is siteframe.php; impact is remote code execution...

CVE-2005-0523

Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header...

CVE-2005-1187

Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a vulnerability...

AWStats 5.7 - 6.2 Multiple Remote Exploit

No description provided by source. / AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by:...

[SECURITY] [DSA 684-1] New typespeed packages fix arbitrary group games code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 684-1 [email protected] http://www.debian.org/security/ Martin Schulze February 16th, 2005 http://www.debian.org/security/faq -...

HP-UX PHCO_29010 : HP-UX Running shar(1), Local Execution of Arbitrary Code (HPSBUX00304 SSRT3639 rev.2)

s700800 11.11 shar1 patch : shar1 creates tmp files insecurely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHCO29010. The text itself is copyright C Hewlett-Packard Development Company, L.P...

vBulletin 3.0.4 - 'forumdisplay.php' Code Execution (2)

fetcharray$forumusers == True , when you visit the forums, it must has at least one user show the forum. Fourth condition: magicquotesgpc must be OFF Vulnerable Systems: vBulletin version 3.0 up to and including version 3.0.4 Immune systems: vBulletin version 3.0.5 vBulletin version 3.0.6 / if...

[SECURITY] [DSA 663-1] New prozilla packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 663-1 [email protected] http://www.debian.org/security/ Martin Schulze February 1st, 2005 http://www.debian.org/security/faq -...

CVE-2005-0075

prefs.php in SquirrelMail before 1.4.4, with registerglobals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers...

Evolution: Integer overflow in camel-lock-helper

Background Evolution is a GNOME groupware application similar to Microsoft Outlook. Description Max Vozeler discovered an integer overflow in the camel-lock-helper application, which is installed as setgid mail by default. Impact A local attacker could exploit this vulnerability to execute...

CVE-2004-1315

viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...

CVE-2004-0998

Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code...

CVE-2004-1491

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry...

Debian DSA-164-1 : cacti - arbitrary code execution

A problem in cacti, a PHP based frontend to rrdtool for monitoring systems and services, has been discovered. This could lead into cacti executing arbitrary program code under the user id of the web server. This problem, however, is only persistent to users who already have administrator privileg...

[Full-Disclosure] Code Injection Vulnerability in pLog

I believe I have discovered a vulnerability in the open source blog software known as pLog. Register.php doesn't seem to check for script tags in the username or blog name fields in the account sign up form. This allows injection of potentially malicious code into the page. Since the names of blo...