cjultraSQL.txt

ADVISORY Sql Injection in CJ Ultra Plus v1.0.3-1.0.4? "My God, it's full of stars" - c MwNN Vulnerable code is in out.php ... if isset$perm $query = "select a1, a2 from trade where a1 = '$perm'"; So... Exploit:...

WPS Web-Portal-System v.0.7.0 (wps_shop.cgi) remote commands execution vulnerability

WPS Web-Portal-System v.0.7.0 wpsshop.cgi remote commands execution vulnerability Vendor URL : http://www.pcdoc24.de vendor website seem down Vulnerability : Remote Command Execution Risk : High ================================================================== An attacker may exploit this...

Sql Injection in CJ Ultra Plus v1.0.3-1.0.4

ADVISORY Sql Injection in CJ Ultra Plus v1.0.3-1.0.4? "My God, it's full of stars" - c MwNN Vulnerable code is in out.php ---code begin-- ... if isset$perm $query = "select a1, a2 from trade where a1 = '$perm'"; -muhahaha $result = mysqlquery$query; if!$result errormessagesqlerror; ... ---code...

badroot-mcNews13.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- BadRoot Security Advisory 2005-0x01 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Thu Mar 17 2005 - 00:46 am GMT +1 Product: mcNews admin/install.php ... 33 if $table==1 34 35 include$l; 36 echo ''.$lGoAdmin.''; 37 ... Impact:...

PHP mcNews <= 1.3 arbitrary file inclusion (VXSfx)

-- == -- == -- == -- == -- == -- == -- == -- == -- == -- Name: PHP mcNews Version: 1.3 Homepage: http://www.phpforums.net/index.php?dir=dld Author: Filip Groszynski VXSfx Date: 7 March 2005 -- == -- == -- == -- == -- == -- == -- == -- == -- == -- Vulnerable code in mcNews/admin/header.php: ? //...

formmail23.txt

-- == -- == -- == -- == -- == -- == -- == -- == -- == -- Name: Form Mail Script FS Version: Location: Poland Email: groszynskif gmail com HP: http://shell.homeunix.org -- == -- == -- == -- == -- == -- == -- == -- == -- == --...

PHP Form Mail Script (2.3) - Arbitrary File Inclusion (VXSfx)

-- == -- == -- == -- == -- == -- == -- == -- == -- == -- Name: Form Mail Script FS Version: = 2.3 free/commercial Homepage: http://www.stadtaus.com/ Author: Filip Groszynski VXSfx Date: 4 March 2005 -- == -- == -- == -- == -- == -- == -- == -- == -- == -- Vulnerable code in inc/formmail.inc.php:...

phpnews124.txt

-- == -- == -- == -- == -- == -- == -- == -- == -- == -- Name: PHP News Version: 1.2.4 and possibly 1.2.3 Homepage: http://newsphp.sourceforge.net/ Author: Filip Groszynski VXSfx Date: 23 February 2005 -- == -- == -- == -- == -- == -- == -- == -- == -- == -- Vulnerable code in auth.php: if...

2Bgal : 2.4 & 2.5.1 SQL injection Vulnerability

2Bgal 2.5.1 SQL injection Vulnerability http://www.ben3w.com/ 12/22/2004 ---------------------------------------------------------------------- Description: ---------------------------------------------------------------------- 2Bgal is fully customizable photo gallery. It's seems to be vulnerabl...

[Full-Disclosure] Bug in PaX Linux Kernel 2.6 Patches

http://www.cr-secure.net Found by: borg ChrisR- A small bug in PaX was found. What is PaX? ----------------------- PaX is a collection of intrusion prevention patches for the Linux Kernel 2.2, 2.4, and 2.6. This advisory only affects the PaX patches for the 2.6 linux kernel. PaX is located at...