326 matches found
Design/Logic Flaw
A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/initrunit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object...
CVE-2013-5933
Stack-based buffer overflow in the subE110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service memory corruption by writing a long string to the /dev/socket/initrunit...
CVE-2013-4777
A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/initrunit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object...
CVE-2013-5933
The CVE-2013-5933 entry describes a stack-based buffer overflow in the sub_E110 function of init on Android 2.3.7 running on the Motorola Defy XT (Republic Wireless configuration). The vulnerability arises when a long string is written to the /dev/socket/init_runit LocalSocket, in a way inconsist...
CVE-2013-4777
Summary of CVE-2013-4777 (Android 2.3.7, Motorola Defy XT, Republic Wireless) The advisory describes an exploit path where the device’s init process creates a /dev/socket/init_runit LocalSocket to accept shell commands. The underlying issue is a stack-based buffer overflow in the sub_E110 functio...
Defy republic init_runit
A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/initrunit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object. Stack-based buffer overflow in the...
CVE-2013-2601
The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 allows remote attackers to execute arbitrary commands by using the UIVM to create a network connection...
PT-2011-5166 · Xt:Commerce · Xt:Commerce
Name of the Vulnerable Software and Affected Versions: xt:Commerce versions 3.0.4 SP2.1 and earlier Description: The issue allows remote attackers to hijack the authentication of admins for specific requests. This can be achieved through cross-site request forgery CSRF vulnerabilities. The...
CVE-2010-4954
SQL injection vulnerability in productreviewsinfo.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the productsid parameter...
XT-Commerce Version 3.0.4 SQL Injection Exploit
Exploit for php platform in category web applications =============================================== XT-Commerce Version 3.0.4 SQL Injection Exploit =============================================== ?php print"\n"; print" Exploit coded by 5ev3n \n"; print" \n"; print" Exploit for XT-Commerce Versi...
BigThink XT (index.php) SQL Injection Vulnerability
Exploit for php platform in category web applications =================================================== BigThink XT index.php SQL Injection Vulnerability =================================================== /\ \ /\ \ /\ \ /'\ /\ /\ /\ \ /\ \ /\ \ \ ,\L\//\ / \ \ \ /\L\ \ \ \ \ \ /\//\ /...
XT-Commerce 3.0.4 SQL Injection
?php print"\n"; print" Exploit coded by 5ev3n \n"; print" \n"; print" Exploit for XT-Commerce Version 3.0.4 \n"; print" \n"; print" usage: \n"; print" php -f exploit.php http://site.de/ \n"; print" \n"; print" greetz to NEAVORC & http://core.am \n"; print"\n\n"; $checkvuln =...
XT-Commerce v1 Beta 1 permission to bypass the Modify download backup vulnerability-vulnerability warning-the black bar safety net
Premiere: the Red section of the network security Author: Amxking Submitted to: indoushka Vulnerability program: XT-Commerce v1 Beta 1 Affected version: v1 Beta 1 Risk level: medium Vulnerability description: Amxking:the vulnerability is I and the foreign Avengers team communication time obtained...
XT-Commerce 1.0 Beta 1 - Pass Create and Download Backup
XT-Commerce 1.0 Beta 1 - Pass Create and Download Backup ======================================================================================== | Title : XT-Commerce v1 Beta 1 = by Pass / Creat and Download Backup Vulnerability | Author : indoushka | email : [email protected] | Dork : Power...
XT-Commerce v1 Beta 1 => by Pass / Creat + Download Backup Vuln
Exploit for php platform in category web applications ========================================================================== XT-Commerce v1 Beta 1 = by Pass / Creat and Download Backup Vulnerability ==========================================================================...
XT-Commerce 1.0 Beta 1 - Pass / Create and Download Backup
======================================================================================== | Title : XT-Commerce v1 Beta 1 = by Pass / Creat and Download Backup Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by XT-Commerce | Tested on: windows SP2 Français V.Pnx...
PT-2010-3056 · Xt:Commerce · Xt:Commerce
Name of the Vulnerable Software and Affected Versions: xt:Commerce affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the coID parameter in the Direct URL module, specifically in the bluegate seo.inc.php file, when magic quotes gpc...
XT-Commerce 1 Beta 1 Create / Download Backup
======================================================================================== | Title : XT-Commerce v1 Beta 1 = by Pass / Creat and Download Backup Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by XT-Commerce | Tested on: windows SP2 Français V.Pnx...
PT-2009-1778 · Xt · Xt:Commerce
Name of the Vulnerable Software and Affected Versions: xt:Commerce versions prior to 3.0.4 Sp2.1 Description: The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors when magic quotes gpc is enabled and the SEO URLs are activated. Recommendations: For versions...
PT-2009-1519 · Xt · Xt:Commerce
Name of the Vulnerable Software and Affected Versions: xt:Commerce versions 3.0.4 and earlier Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in the advanced...