174 matches found
ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - Cross-Site Scripting
|------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | | | |-------------------------------------------------...
ORACLE BPM Process Administrator (XSS)
Exploit for jsp platform in category web applications ==================================== ORACLE BPM Process Administrator XSS ==================================== |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / /...
ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - Cross-Site Scripting
ORACLE Business Process Management Process Administrator 5.7-6.0-10.3 - Cross-Site Scripting |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // //...
I-net Enquiry Management Script - SQL Injection
Name : I-net Enquiry management Script SQL Injection Vulnerability Date : july 13, 2010 Critical Level : HIGH Vendor Url : http://www.i-netsolution.com/ Author : D4rk357 D4rk357atyahoodotin special thanks to : b0nd, Fbih2s,rockey killer,The empty, punter,eberly,prashant greetz to...
Accomplease Leasing Software SQL Injection Vulnerability
Exploit for php platform in category web applications ======================================================== Accomplease Leasing Software SQL Injection Vulnerability ======================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0...
Atlassian JIRA < 4.1.2 Multiple Vulnerabilities
Binary data 5577.prm...
Science Fair In A Box SQL Injection / Cross Site Scripting
Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Science Fair In A Box SQLi & XSS Vulnerability Version:2.0.6 Price:Free Vendor url:http://www.sfiab.ca/ Published: 2010-06-09 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue®, S1ayer,d3c0d3r and to all ICW members Science Fair In...
HP Power Manager formExportDataLogs Directory Traversal (CVE-2009-4000)
HP Power Manager is a web-based application for managing a HP Uninterruptible Power System UPS. A directory traversal vulnerability has been reported in HP Power Manager. The vulnerability is due to an input validation error while processing parameters sent to a certain form of the web based...
Preemptive Protection against Adobe ColdFusion Multiple Cross-Site Scripting Vulnerabilities (APSB10-11)
Multiple cross-site scripting XSS vulnerabilities have been discovered in Adobe ColdFusion server. Adobe ColdFusion is an application server for developing dynamically generated Web sites. Cross-site scripting occurs when a Web-based application fails to validate user input before returning it to...
HP Power Manager formExportDataLogs buffer overflow
Added: 01/22/2010 CVE: CVE-2009-3999 BID: 37867 OSVDB: 61848 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability HP Power Manager allows remote attackers to execute...
HP Power Manager formExportDataLogs buffer overflow
Added: 01/22/2010 CVE: CVE-2009-3999 BID: 37867 OSVDB: 61848 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability HP Power Manager allows remote attackers to execute...
Update Protection against HP Power Manager Remote Code Execution
A remote code execution vulnerability exists within HP Power Manager, a web-based application for managing a HP Uninterruptible Power System UPS. The vulnerability is due to insufficient bounds checking in the HP Power Manager while processing URL parameters in the login form of the web based...
HP Power Manager Remote Code Execution
Added: 11/06/2009 CVE: CVE-2009-2685 BID: 36933 OSVDB: 59684 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A stack-based buffer overflow in the HP Power Manager management web server allows...
TinyWebGallery lang Parameter Local File Inclusion
The remote host is running TinyWebGallery, a web-based photo gallery application written in PHP. The version of TinyWebGallery installed on the remote host fails to filter user-supplied input to the 'lang' parameter of the 'admin/include/init.php' script before using it to include PHP code...
Realty Web-Base 1.0 - Authentication Bypass
Realty Web-Base 1.0 - Authentication Bypass --------------------------------------------------------------- ------------------------------------------------------------ Realty Web-Base v1.0 Auth bypass SQL Injection Vulnerability ---------------------------------------------------------------...
PHPRecipeBook 2.24 (base_id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =============================================================== PHPRecipeBook 2.24 baseid Remote SQL Injection Vulnerability =============================================================== + PHPRecipeBook 2.24 idRemort SQL Injection...
Oracle Application Server Portal 10g Cross Site Scripting Vulnerability
OracleAS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environment for accessing and interacting with enterprise software services and information resources. A vulnerability has been identified in Oracle Application Server 10g, This could b...
Oracle AS Portal Cross Site Scripting
Oracle AS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environment for accessing and interacting with enterprise software services and information resources. A vulnerability has been identified in Oracle Application Server 10g, This could ...
xrms-sqlxss.txt
Multiple Cross Site Scripting XSS and SQL injection Vulnerabilities in XRMS, CVE-2008-3664 References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3664 http://xrms.sourceforge.net Description XRMS is a web-based application for managing...
Oracle Application Server 10G ORA_DAV Basic Authentication Bypass Vulnerability
Affected Software/Device: Oracle Application Server Portal Vulnerability: Authentication Bypass Tested Version: 10G Risk: Medium Description: Oracle Application Server Portal OracleAS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environmen...