47153 matches found
phpMyAdmin 4.4.6 Man-In-the-Middle API Github
phpMyAdmin 4.4.6 Man-In-the-Middle to API Github CVE-2015-3903 Author: Maksymilian Arciemowicz from https://cxsecurity.com Issue type: CWE-295 Source URL: http://cxsecurity.com/issue/WLB-2015050095 --- Description --- As we can read CURLOPTSSLVERIFYPEER option...
TEMENOS T24 R07.03 Authentication Bypass
TEMENOS T24 R07.03 authentication bypass Class: Access Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: TEMENOS T24 R07.03 TEMENOS T24 is prone to an authentication bypass vulnerability as it fails to properly enfor...
Linux kernel multiple security vulnerabilities
DoS, information leakage, privilege escalation...
ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability
ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-242 July 27, 2011 -- CVE ID: CVE-2011-0255 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Safari --...
Foundry Networks ServerIron don't decode URIs
Date : 13/03/2002 . By : Frank DENIS [email protected] Vendor : Foundry Networks http://www.foundrynet.com . Product: ServerIron web switches. Summary: Vulnerability in URI parsing code allows to bypass rules. ------------------- DESCRIPTION ------------------- Foundry Networks' ServerIron Family...
Banner Rotation 01
-- Banner rotating 01 -- -- Description: "Banner rotating 01" is a cgi script distributed for free on several site builder sites, including Hot Area. The script is available on http://www.hotarea.net/web/scripts/banner01/ The cgi script offers numerous functions for those wishing to manage rotati...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Protection bypass, memory corruptions, ceritficate spoofing, privilege escalation, crossite scripting...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
VMSA-20120005 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0005 Synopsis: VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security...
[security bulletin] HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, Running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04262670 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04262670 Version: 1 HPSBHF03021 rev....
Remote File Include In Script impex
By Hasadya Raed Contact : [email protected] Israel -------------------------- Script : impex Dork : "ipmex" -------------------------- B.Files : ImpExData.php impexdisplay.php -------------------------- Exploits : http://www.Victim.com/impex/ImpExData.php?systempath=Shell-Attack...
SQuery <= 4.5(libpath) Remote File Inclusion Exploit
================================================================= =SQuery = 4.5libpath Remote File Inclusion Exploit | | | ================================================================= =Worked On : ALL VERSIONS | | =Critical Level : Dangerous | | =Gug Found In : gore.php |...
directory traversal in ParaChat Server 5.5
Donato Ferrante Application: ParaChat Server http://www.parachat.com/ Version: 5.5 Bug: directory traversal Date: 28-Sep-2004 Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1. Description...
Mathematica symbolic links vulnerability
Symbolic links vulnerability on temporary files creation...
Datriks Solutions (prodotto.php?id) (dettaglio_socio.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Datriks Solutions prodotto.php?id dettagliosocio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.datriks.net/ Persian Gulf 4 Ever! Dork : "Powered by Datriks...
Bug@FlashFTPd
Application: Flash FTP Server Vendors: http://www.net2soft.com/downloads/flashftpserver.exe Version: 1.02.1? Platforms: Windows Bug: Directory Traversal Date: 2004-06-9 Author: CoolICE e-mail: CoolICEChina.com ================ TestCode: C:ftp localhost Connected to server. 220 Flash FTP Server v2...
Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability
Title: Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability http://www.geocities.co.jp/SiliconValley/1667/advisory08e.html Date: 8 October 2003 Author: Eiji James Yoshida [email protected] Vulnerable: Windows Server 2003 Internet Explorer 6.0 Overview: Windows...
Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429
Information -------------------- Advisory by Netsparker. Name: DOM XSS Vulnerability in Twenty Fifteen WordPress Theme Affected Software : WordPress Affected Versions: 4.2.1 and probably below Vendor Homepage : https://wordpress.org/ and https://wordpress.org/themes/twentyfifteen/ Vulnerability...
Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2
Luigi Auriemma Application: Battlefield 1942 and Vietnam http://www.battlefield1942.com Versions: Battlefield 1942 = 1.6.19 Battlefield Vietnam = 1.2 Platforms: Windows and Mac Bug: client crash Exploitation: remote, versus clients broadcast Date: 07 December 2004 Author: Luigi Auriemma e-mail:...
[Full-Disclosure] [RHSA-2004:182-01] Updated httpd packages fix mod_ssl security issue
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated httpd packages fix modssl security issue Advisory ID: RHSA-2004:182-01 Issue date: 2004-04-30 Updated on: 2004-04-30 Product: Red Hat...
[Full-disclosure] PHPMyChat Authentication Bypass
PHPMyChat Authentication Bypass ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ I won't have bothered to post this silly flaw but after seeing the google search result for inurl:phpMyChat.php3 , I thought it would be good idea to keep people informed. I. BACKGROUND phpMyChat is an easy-to-install, easy-to-use...
JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities
www.BugReport.ir AmnPardaz Security Research Team Title: JCE Joomla Extension =2.0.10 Multiple Vulnerabilities Vendor: www.joomlacontenteditor.net Exploit: Available Vulnerable Version: 2.0.10 Image Manager 1.5.7.13, Media Manager 1.5.6.3, Template Manager 1.5.5, File Manager 1.5.4.1 & prior...
PhotoPost PHP 4.8c (showgallery.php) Cross Site Scripting
Exploit Title: PhotoPost PHP 4.8c showgallery.php Cross Site Scripting home : http://www.D99Y.com Author: NassRawI Date: 2/3/2011 Google Dork: "Powered by: PhotoPost PHP 4.8c" Software Link: http://www.photopost.com/ file : showgallery.php exploit : http://localhost/showgallery.php?si=" XSS "...
Lua buffer overflow
Buffer overflow on function call with large number of arguments...
Citrix Receiver, XenDesktop "Pass-the-hash" Attack
Tested against: Citrix XenDesktop, XenServer, Receiver 5.6 SP2 possibly other versions as well By default, the authentication between the Citrix Receiver client to the Web interface is not configured to use SSL. If a company elects not to use SSL for this, the XML transaction between the receiver...
Multiple vulnerabilities in several IP camera products
Multiple vulnerabilities in several IP camera products ====================================================== ADVISORY INFORMATION Title: Multiple vulnerabilities in several IP camera products Release date: 08/06/2011 Last update: 08/06/2011 Credits: Roberto Paleari, Emaze Networks S.p.A...
Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability Advisory ID: cisco-sa-20091109-tls http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml Revision 1.0 For Public Release 2009 November 9 1600 UTC GMT Summary...
Myguestbook (PHP)
Informations : °°°°°°°°°°°°°° Version : 3.0 Website : http://www.tefonline.net/ Problems : - XSS - admin infos recovery - Access to admin pages PHP Code/Location : °°°°°°°°°°°°°°°°°°° If pseudo = SCRIPT, e-mail = SCRIPT or message = /textareaSCRIPT SCRIPT will be executed on index.php,...
Security Bulletin (MS00-061)
Microsoft Security Bulletin MS00-061 - -------------------------------------- Patch Available for "Money Password" Vulnerability Originally posted: August 25, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Money. The vulnerability could...
Critical security flaws in Nagios NRPE client/server crypto
in CC to: grok full disclosure, bugtraq TL;DR - DO NOT USE NRPE'S SSL IMPLEMENTATION! -- Dear Nagios developers, It's been a couple of years since I've had a look at NRPE, the remote monitoring agent distributed with Nagios. Back then we've exclusively used NRPE on unrouted dedicated monitoring...
[ANN][SECURITY] ClassLoader manipulation issue confirmed for Struts 1 - CVE-2014-0114
The Apache Struts project team confirms that Struts 1 in all versions is affected by a ClassLoader manipulation vulnerability similar to a recently fixed vulnerability in Struts 2 CVE-2014-0112, CVE-2014-0094 1. This is a different underlying flaw. For future reference, please use CVE-2014-0114 i...
Adobe Distiller buffer overflow
Buffer overflow on .joboptions file parsing...
[security bulletin] HPSBMA02159 SSRT061238 rev.1 - HP System Management Homepage (SMH), Remote Bypassing of Security Features or Cross Site Scripting or Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00786522 Version: 1 HPSBMA02159 SSRT061238 rev.1 - HP System Management Homepage SMH, Remote Bypassing of Security Features or Cross Site Scripting or Denial of Service DoS NOTICE: The informatio...
SolpotCrew Advisory #13 - phpMyChat 0.1 (ChatPath) Remote File Inclusion
SolpotCrew Community phpMyChat 0.1 ChatPath Remote File Inclusion vendor : http://www.phpheaven.net/phpmychat:home Bug Found By :Solpot a.k.a k. Hasibuan 26-09-2006 contact: [email protected] Website : http://www.nyubicrew.org/adv/solpot-adv-09.txt Greetz: choi , h4ntu , Ibnusina , r4dja ,...
[security bulletin] HPSBST03122 rev.1 - HP StoreAll Operating System Software running Bash Shell, Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04471532 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04471532 Version: 1 HPSBST03122 rev....
Security update for Gnome-Lokkit
A bug has been found in the Gnome lokkit firewall package that could leave a few ports exposed when the user answered no to making any services visible to the outside world. Gnome-Lokkit 0.41 fixes this problem. Users should upgrade and regenerate their firewall rules...
[CVE-2015-4107] Wing FTP Server Remote Code Execution vulnerability
Exploit Title: Wing FTP Server Remote Code Execution vulnerability Product: Wing FTP Server Vulnerable Versions: 4.4.6 and all previous versions Tested Version: 4.4.6 Advisory Publication: 05/06/2015 Latest Update: 05/06/2015 Vulnerability Type: Improper Control of Generation of Code CWE-94 CVE...
[SYSS-2014-007] FrontRange DSM - Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-007 Product: FrontRange DSM Vendor: FrontRange Solutions USA Inc. and/or its affiliates Affected Versions: v7.2.1.2020, v7.2.2.2331 Tested Versions: v7.2.1.2020, v7.2.2.2331 Vulnerability Type: Use of Hard-coded Cryptographic...
CS and XSS vulnerabilities in SWFUpload
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in SWFUpload. This is very popular flash-file, which is used at tens millions of web sites and in hundreds of web applications such as WordPress, only this web application is used at more then 62 millions of web sit...
Alcatel-Lucent OmniPCX Remote Command Execution
Advisory: Alcatel-Lucent OmniPCX Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Alcatel-Lucent OmniPCX during a penetration test. The masterCGI script of the OmniPXC integrated communication solution web interface is vulnerable to a remote command...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow
Qualys Security Advisory CVE-2015-0235 GHOST: glibc gethostbyname buffer overflow -- Contents ---------------------------------------------------------------- 1 - Summary 2 - Analysis 3 - Mitigating factors 4 - Case studies 5 - Exploitation 6 - Acknowledgments -- 1 - Summary...
Multiple vulnerabilities in RUNCMS 1.6 by DSecRG
Digital Security Research Group Advisory Application: RunCMS Versions Affected: RunCMS 1.6 Vendor URL: http://www.runcms.org Bugs: SQL Injections, XSS, PHP Include, Predictable session id, etc. Exploits: Aviable Reported: 14.12.2007 Vendor response: 15.12.2007 Date of Public Advisory: 25.12.2007...
Re: [oss-security] CVE-2014-6271: remote code execution through bash
Florian Weimer: Chet Ramey, the GNU bash upstream maintainer, will soon release official upstream patches. http://ftp.gnu.org/pub/gnu/bash/bash-3.0-patches/bash30-017 http://ftp.gnu.org/pub/gnu/bash/bash-3.1-patches/bash31-018 http://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052...
Power Phlogger 2.0.9 Remote|Local File Include Vulnerability
Power Phlogger 2.0.9 - Class: Remote|Local File Include Vulnerability Remote: Yes Local: No Type: High Site: http://www.comscripts.com/scripts/php.power-phlogger.211.html Author: xw0x Contact: [email protected] Vuln Code config.inc.php3: ?php include $relpath."functions.php3";//nothing here ?...
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability
ADVISORY INFORMATION Title: Oracle E-Business Suite XXE injection Advisory ID: ERPSCAN-15-028 Advisory URL: http://erpscan.com/advisories/erpscan-15-028-oracle-e-business-suite-xxe-injection-vulnerability/ Date published: 20.10.2015 Vendors contacted: Oracle 2. VULNERABILITY INFORMATION Class:...
The BodgeIt Store - another vulnerable web app
Hi folks, I've recently open sourced a vulnerable web app, called The BodgeIt Store: http://code.google.com/p/bodgeit/ Why? Well, you can never have too many vulnerable apps to test against, but also because I've found that many of the existing apps are non trivial to install - they either have a...
Linux kernel multiple security vulnerabilities
Kernel memory content leak in cpuset and setsockopt. Weak PRNG generator. GEODE-AES weak encryption key generation...
ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities
ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities Name ArtForms Vendor http://joomlacode.org/gf/project/jartforms/ Versions Affected 2.1b7.2 RC2 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-...
Remote File Include In Script copyright (c) James Coyle; JCcorp
By Hasadya Raed Contact : [email protected] ------------------------------------ Script : copyright c James Coyle; JCcorp Expl : Remote Include File Dork : "copyright © James Coyle; JCcorp" ------------------------------------ B.File : createurl.php ------------------------------------ Exploit :...