CVE-2024-39165

QR/demoapp/qrimage.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers to execute arbitrary code via a PHP payload in the data parameter in conjunction with a .php file name in the filename parameter. This occurs because an unnecessary QR/demoapp folder.is shipped with the...

CVE-2024-8401

CWE-79: Improper Neutralization of Input During Web Page Generation ‘Cross-site Scripting’ vulnerability exists when an authenticated attacker modifies folder names within the context of the product...

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch)

No description provided by source. Blog with a detailed description: http://www.skullsecurity.org/blog/?p=285 And the patch itself: http://www.skullsecurity.org/blogdata/cadaver-0.23.2-h4x.patch mkdir cadaver-h4x cd cadaver-h4x wget http://www.skullsecurity.org/blogdata/cadaver-0.23.2-h4x.patch...

Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (Patch)

Blog with a detailed description: http://www.skullsecurity.org/blog/?p=285 And the patch itself: http://www.skullsecurity.org/blogdata/cadaver-0.23.2-h4x.patch mkdir cadaver-h4x cd cadaver-h4x wget http://www.skullsecurity.org/blogdata/cadaver-0.23.2-h4x.patch --snip-- wget...

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch)

Exploit for windows platform in category remote exploits ===================================================================== Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit patch ===================================================================== And the patch itself:...

osCommerce 2.2 - 'extras' Source Code Disclosure

---- osCommerce \n"; print nl2brhtmlentitiesimplode$readme, ' '; print "Continue\n"; print "\n"; exit; ... google search: inurl:"extras/update.php" intext:mysql.php -display -------------------------------------------------------------------------------- rgod site: http://retrogod.altervista.org...