541 matches found
IT-Grundschutz M4.049: Securing the boot process for a Windows system
IT-Grundschutz M4.049: Securing the boot process for a Windows system. Status: 15th supplementary delivery (15. EL). SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
Vulnerability tracking: Flash critical vulnerability (CVE-2015-0311) detailed technical analysis - vulnerability warning - the black bar safety net
You have had your fun with last week's Flash 0day vulnerability. It is worth knowing not only that it works but also why, so once you are tired of playing, sit down and take a look at what causes this vulnerability. Trend Micro recently published a detailed analysis of the vulnerability, which the author has translated for readers. Vulnerability contex...
Sysmon v2.0 - System Activity Monitor for Windows
System Monitor Sysmon is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to...
Common SQL Server 2000 vulnerabilities and their associated use - vulnerability warning - the black bar safety net
A. Empty or weak password. To save trouble when installing SQL Server, beginners leave the SQL Server administrator account sa with an empty or weak password. This is very dangerous, and beginners are often unaware of the danger; they feel that their database holds only test data of no use to anyone, ev...
Job Fails to Start Due to Timeout Caused by Desktop Heap Allocation Failure
Article Applicability The timeout error displayed in Veeam Backup & Replication can be caused by various factors. This article explicitly addresses a scenario where the Windows OS experiences a 'heap allocation' failure. Please note that the solution provided in this article is only applicable if...
SQL Injection Vulnerability in ArticleFR
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in ArticleFR, which can be exploited to perform SQL Injection attacks and gain complete control over vulnerable website. 1 SQL Injection in ArticleFR: CVE-2014-5097 The vulnerability exists due to insufficient...
BSD/OS <= 2.1, Caldera UnixWare 7/7.1.0, FreeBSD FreeBSD 1.1.5.1/2.0, HP HP-UX <= 10.34, IBM AIX <= 4.2, SGI IRIX <= 6.3, SunOS <= 4.1.4 libXt library Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to...
Altiris Deployment Solution 5.6 Client Service Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11709/info Altiris Deployment Solution Client allows a user to activate the client interface by easily launching the software from an icon in the Windows system tray. It is reported that a local user may exploit the clien...
Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
No description provided by source. !/usr/bin/perl Based on - apache-squ1rt.c exploit. Original credit goes to Chintan Trivedi on the FullDisclosure mailing list: http://seclists.org/lists/fulldisclosure/2004/Nov/0022.html More info - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942...
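ecshop design flaw creates a database dump risk
Brief description: A design flaw in ecshop CMS creates a database dump risk. Details: The location where the admin backend stores database backups can be accessed directly via short file names when running on a Windows system. This is a site I found that proves this issue allows the database to be dumped. Proof of vulnerability: The location where the admin backend stores database backups can be accessed directly via short file names when running on a Windows system. This is a site I found that proves this issue allows the database to be dumped...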
SQL Injection in Dolphin | HTB23216
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in Dolphin, which can be exploited to perform SQL injection attacks and obtain sensitive information from the application database. 1 SQL Injection in Dolphin: CVE-2014-3810 The vulnerability exists due to insufficient...
SQL Injection in Orbit Open Ad Server
Advisory ID: HTB23208 Product: Orbit Open Ad Server Vendor: OrbitScripts, LLC Vulnerable Versions: 1.1.0 and probably prior Tested Version: 1.1.0 Advisory Publication: March 19, 2014 without technical details Vendor Notification: March 19, 2014 Vendor Patch: March 21, 2014 Public Disclosure: Apri...
Hidden File Finder v3.0 - Free Tool to Find and Unhide/Remove all the Hidden Files
Hidden File Finder is the free software to quickly scan and discover all the Hidden files on your Windows system. It performs swift multi threaded scan of all the folders parallely and quickly uncovers all the hidden files. It automatically detects the Hidden Executable Files EXE, DLL, COM etc an...
doorGets CMS SQL injection vulnerability - vulnerability warning - the black bar safety net
Vulnerability version: doorGets CMS 5.2 Vulnerability description: CVE ID: CVE-2014-1459 doorGets CMS is a content management system. Because the "positiondownid" HTTP POST parameter passed to the "/dg-admin/index.php" script is not adequately filtered, the attacker can access the management...
SQL Injection in doorGets CMS
Advisory ID: HTB23197 Product: doorGets CMS Vendor: doorGets Vulnerable Versions: 5.2 and probably prior Tested Version: 5.2 Advisory Publication: January 15, 2014 without technical details Vendor Notification: January 15, 2014 Vendor Patch: January 15, 2014 Public Disclosure: February 5, 2014...
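doorGets CMS SQL injection vulnerability
CVE ID: CVE-2014-1459 doorGets CMS is a content management system. Because the "positiondownid" HTTP POST parameter passed to the "/dg-admin/index.php" script is not adequately filtered, an attacker can execute arbitrary SQL commands in the application's database by accessing the administrative interface. 0 doorGets CMS 5.2 Vendor patch: doorGets CMS ----- Update to a 5.2 version released after January 15, 2014: http://www.doorgets.com The following exploitation example is based on DNS Exfiltratio...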
doorGets CMS 5.2 - SQL Injection
doorGets CMS 5.2 - SQL Injection Advisory ID: HTB23197 Product: doorGets CMS Vendor: doorGets Vulnerable Versions: 5.2 and probably prior Tested Version: 5.2 Advisory Publication: January 15, 2014 without technical details Vendor Notification: January 15, 2014 Vendor Patch: January 15, 2014 Publi...
doorGets CMS 5.2 SQL Injection
Advisory ID: HTB23197 Product: doorGets CMS Vendor: doorGets Vulnerable Versions: 5.2 and probably prior Tested Version: 5.2 Advisory Publication: January 15, 2014 without technical details Vendor Notification: January 15, 2014 Vendor Patch: January 15, 2014 Public Disclosure: February 5, 2014...
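Sexy Polling Joomla Extension SQL injection vulnerability
CVE ID: CVE-2013-7219 Joomla is a content management system. The vulnerability exists because the "answerid" HTTP POST parameter passed to the "/components/comsexypolling/vote.php" script is not sufficiently validated; a remote attacker can execute arbitrary SQL operations in the application database. 0 Sexy Polling Joomla Extension =1.0.8 Sexy Polling version 1.0.9 has fixed this vulnerability; users are advised to download and use it:...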
SQL Injection in Sexy Polling Joomla Extension
High-Tech Bridge Security Research Lab discovered vulnerability in Sexy Polling Joomla Extension, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Sexy Polling Joomla Extension: CVE-2013-7219 The vulnerability exists due to insufficient validation of "answerid" HTTP POS...