47153 matches found
iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability
SquirrelMail G/PGP Plugin gpgrecvkey Command Injection Vulnerability iDefense Security Advisory 07.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 11, 2007 I. BACKGROUND The SquirrelMail G/PGP Encrpytion Plugin is a general purpose encryption, decryption, and digital signature...
Microsoft Security Bulletin MS05-009 Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)
Microsoft Security Bulletin MS05-009 Vulnerability in PNG Processing Could Allow Remote Code Execution 890261 Issued: February 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Media Player, Windows Messenger and MSN Messenger Impact of Vulnerability:...
[oss-security] Unsafe Query Risk in Active Record
This advisory concerns a security risk in all supported versions of Active Record. There is no patch to apply for this issue. Due to the query API that Active Record supports, there is a risk of unsafe query generation in two scenarios. Databases with a table that contains a column with the same...
Coherendz (products.php?cat_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Coherendz products.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.coherendz.com/ Persian Gulf 4 Ever! Exploite: www.victim.com/products.php?catid=SQL SpeCial...
Vulnerabilities in Pigalle
Hello 3APA3A! I want to warn you about multiple security vulnerabilities in Pigalle. These are Information Leakage, Full path disclosure and Cross-Site Scripting vulnerabilities. Information Leakage: http://site/index.php Versions of PHP, MySQL and web server are shown in meta-tags in source of a...
[MajorSecurity Advisory #57]PHP <=5.3 - preg_match() full path disclosure
MajorSecurity Advisory 57PHP =5.3 - pregmatch full path disclosure Details ======= Product: PHP =5.3 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.php.net/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz...
ttCMS <= v4 (ez_sql.php lib_path) Remote File Inclusion Vulnerability
DEVIL TEAM - HACKING POLISH TEAM Author: Kacper a.k.a Rahim Contact: [email protected] Homepage: http://www.rahim.webd.pl/ Irc: irc.milw0rm.com:6667 devilteam -------------------------------------------- Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM. ttCMS = v4 ezsql.php libpath RFI...
Multiples Full Path Disclosure in php-nuke 7.6 (and below)
Multiples Full Path Disclosure in php-nuke 7.6 and below --------------------------------------------------------------------------- Author: project-restart Date: 27. April 2005 Location: Brazil Web: http://www.project-restart.org/ Target: PHP-nuke 7.6 and below...
Vulnerabilities in D-Link DAP 1150
Hello 3APA3A! I want to warn you about security vulnerabilities in D-Link DAP 1150 WiFi Access Point and Router. These are Predictable Resource Location, Brute Force and Cross-Site Request Forgery vulnerabilities. This is my second advisory from series of advisories about vulnerabilities in D-Lin...
Microsoft ClickOnce MITM Vulnerabilities
============================================================================== ======|ЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇЇ|====== ======| ClickOnce Man-In-The-Middle [email protected] |====== ======||======...
Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability
Pixaria Gallery 1.0 class.Smarty.php Remote File Include Vulnerability ----------------------------------------------------------------------------------------- scripts : Pixaria Gallery 1.0 Discovered By : irvian scripts site : http://pixaria.com/ Thanks To : hitamputih nyubicrew patihack specia...
Interspire Shopping Cart v6 - Multiple Web Vulnerabilities
Title: ====== Interspire Shopping Cart v6 - Multiple Web Vulnerabilities Date: ===== 2012-06-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=593 VL-ID: ===== 593 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...
About the security content of iTunes 10.2
About the security content of iTunes 10.2 Last Modified: March 02, 2011 Article: HT4554 Email this article Print this page Summary This document describes the security content of iTunes 10.2. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a...
DotNetNuke Remote Code Execution vulnerability
======================================= Vulnerability discovered: November 23, 2010 Discovered by: Danil Niggebrugge, Fox-IT BV https://www.fox-it.com/ Reported to vendor: November 30, 2010 Fix available: Yes ======================================= PRODUCT ------------- DotNetNuke is an open sour...
Cedric Email Reader (PHP)
Version : 0.2;0.3;0.4 Website : http://www.isoca.com/ Problems :Include file local, remote Version: 0.2;0.3 File: --------------------------------- email.php3 version 0.2 ; email.php version 0.3 --------------------------------- PHP Code: ---------------------------------...
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04774019 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04774019 Version: 1 HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple...
[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04260385 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04260385 Version: 1 HPSBMU03013 rev....
HotWeb Rentals "PageId" SQL Injection Vulnerability
HotWeb Rentals "PageId" SQL Injection Vulnerability PRODUCT http://www.hotwebscripts.co.uk/ Input passed to the "PageId" parameter in default.asp is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. POC...
[SECURITY] [DSA 1761-1] New moodle packages fix file disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-1761-1 [email protected] http://www.debian.org/security/ Nico Golde April 3rd, 2009 http://www.debian.org/security/faq -...
MS Office 2007: Target of Hyperlinks not covered by Digital Signatures
Affects: Microsoft Office 2007 12.0.6015.5000 MSO 12.0.6017.5000 possibly older versions I. Background Microsoft Office is a suite containing several programs to handle Office documents like text documents or spreadsheets. The latest version uses an XML based document format. Microsoft Office...
JBlog 1.0 Creat Admin exploit, xss, Cookie Manipulation
!-- Script...............: JBlog version: 1.0 Script Site..........: http://www.jmuller.net/jblog Vulnerability........: Creat Admin exploit, xss, Cookie Manipulation Access...............: Remote level................: Dangerous Author...............: S4mi Contact..............:...
PHP parse_str() arbitrary variable overwrite
Title: PHP parsestr arbitrary variable overwrite Vendor: http://www.php.net/ Advisory: http://www.acid-root.new.fr/advisories/14070612.txt Author: DarkFig gmdarkfig at gmail dot com Written on: 2007/06/12 Released on: 2007/06/12 Risk level: Medium / High I.BACKGROUND Quote from php.net PHP is a...
[SA14564] MySQL MS-DOS Device Names Denial of Service Vulnerability
---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...
another format string bug
There is a format string bug in 'pwc' ftp://ftp.media-com.com.pl/pub/other/pwc.tar.gz. This CGI script is used to change users password via www blah!. writelog call syslog function, which 'eats' ; characters and log it to system logs. But you can paste shellcode into buffers512 and syslog will ru...
Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability
Document Title: =============== Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1118 Barracuda Networks Security ID BNSEC: BNSEC-1052...
[security bulletin] HPSBGN02929 rev.1 - HP Intelligent Management Center (iMC), HP IMC Branch Intelligent Management System Software Module (BIMS), and Comware Based Switches and Routers, Remote Code Execution, Disclosure of Informati
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03943425 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03943425 Version: 1 HPSBGN02929 rev....
TP-LINK TL-WR740N wireless router vulnerabilities
Crossite scripting, DoS...
Firefox wyciwyg:// cache zone bypass
There is an interesting vulnerability in how Mozilla Firefox handles internal wyciwyg:// pseudo-URIs. These cache-related resource identifiers are meant to be inaccessible by the user - but there are at least three routes to bypass these restrictionss, one of which - HTTP 302 redirect - also...
LMS <= 1.8.9 Vala Remote File Inclusion Vulnerabilities
DEVIL TEAM - HACKING POLISH TEAM Author: Kacper Contact: [email protected] Homepage: http://www.rahim.webd.pl/ Irc: irc.milw0rm.com:6667 devilteam -------------------------------------------- Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM. LMS = 1.8.9 Vala Remote File Inclusion...
OneOrZero Helpdesk V1.6.4.1 susceptible to SQL injection and XSS
vendor: http://www.oneorzero.com/ vuln : http://host/supporter/index.php?t=tupd&id=SQL http://host/supporter/index.php?t=tupd&id=XSS Author : Vampire [email protected] Homepage : Www.HackerZ.iR Www.H4ckerZ.Com Iran HackerZ Security Team...
MercuryBoard 1.1.4 SQL Injection
RST/GHC Advisory 28 Product : MercuryBoard Version : 1.1.4 FILE : index.php VULN : SQL injection CODE : global.php ---------- 71 : $this-agent = isset$SERVER'HTTPUSERAGENT' ? $SERVER'HTTPUSERAGENT' : null; index.php --------- 154 : $mercury-db-query"REPLACE INTO $mercury-preactive activeid,...
BAZARR THUG LIFE , DONT READ OR VIRUS INFECT YOU
/ typespeed server =v0.4.1 remote root vulnerability! / / by: bazarr / / [email protected] / / bazarr episode 5 / ---------------------- PREFACE caddis i just be messing wid you man relax --- caddis :No such nick/channel after reading tutorial on html programmering , i have redesigned website it...
[KIS-2015-03] Concrete5 <= 5.7.4 (Access.php) SQL Injection Vulnerability
----------------------------------------------------------- Concrete5 = 5.7.4 Access.php SQL Injection Vulnerability ----------------------------------------------------------- - Software Link: https://www.concrete5.org/ - Affected Versions: Version 5.7.3.1, 5.7.4, and probably other versions. -...
Tiki Wiki CMS Groupware Multiple XSS vulnerabilities
Advisory: Tiki Wiki CMS Groupware Multiple XSS vulnerabilities Advisory ID: INFOSERVE-ADV2011-01 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on Tiki 7.2 & 8.0 RC1 Vendor URL: http://info.tiki.org/ Vendor Status: fixed for Tiki 7 New Tiki 6 LTS...
Vulnerabilities in DataLife Engine
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Abuse of Functionality и Insufficient Anti-automation уязвимостях в DataLife Engine DLE. Abuse of Functionality: http://site/index.php?do=register На странице регистрации функция "Проверить имя" позволяет выявить логины пользователей в системе...
[InterN0T] AMember 3.1.7 - Multiple Vulnerabilities
AMember - Multiple Vulnerabilities Version Affected: 3.1.7 Apr-10-2009 newest Info: aMember is a flexible membership and subscription management PHP script. It has support for PayPal, BeanStream, 2Checkout, NoChex, VeriSign PayFlow, Authorize.Net, PaySystems, Probilling, Multicards, E-Gold and...
[Aria-Security] Image Racer SearchResults.asp SQL INJECTION vuln.
Aria-Security Team Image Racer SearchResults.asp SQL Injection Vendor: http://www.junctionquest.com/Software.asp Example: http://www.TARGET.com/SearchResults.asp?SearchWord=SQL COMMAND&WordSearchCrit=Yes&image.x=0&image.y=0 Example : -1 'union select username,password from admin where FIND IT YOU...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Aspee Ziyareti Defteri (tr) Sql injection Vuln.
LiderHack.Org Script name : Aspee Ziyaretзi Defteri tr Script Download : http://aspindir.com/goster/4575 Risk : High Found By : ShaFuck31 Thanks : Dekolax , DesquneR , ST@ReXT , SaboTaqe Vulnerable file : giris.asp Manual connect : Go to Admin Panel Login ----- http://victim.com/path to...
Yappa-NG Multiple Vulnerabilities
GulfTech Security Research May 11th, 2005 Vendor : Fritz Berger URL : http://sourceforge.net/projects/yappa-ng/ Version : yappa-ng 2.3.1 && Earlier Risk : Multiple Vulnerabilities Description: Yappa-NG is the second generation new and improved version of Yappa yet another php photo album. There a...
Allaire JRUN 2.3 Arbitrary File Retrieval
Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory Allaire JRUN 2.3 ---------------------------------------------------------------------- FS Advisory ID: FS-102300-13-JRUN Release Date: October 23, 2000 Product: Allaire JRUN 2.3 Vendor: Allaire Inc...
[SECURITY] [DSA 3358-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3358-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2015 https://www.debian.org/security/faq...
SEC Consult SA-20150513-0 :: Multiple critical vulnerabilities in WSO2 Identity Server
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20150513-0 ======================================================================= title: Multiple critical vulnerabilities product: WSO2 Identity Server other WSO2 Carbon based products may be affected...
[security bulletin] HPSBMU03126 rev.1 - HP Operations Manager (formerly OpenView Communications Broker), Remote Cross-site Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04472444 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04472444 Version: 1 HPSBMU03126 rev....
Glype proxy local address filter bypass
------------------------------------------------------------------------ Glype proxy local address filter bypass ------------------------------------------------------------------------ Securify, September 2014 ------------------------------------------------------------------------ Abstract...
QOLQA (categoria.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability QOLQA categoria.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.qolqa.com/ Persian Gulf 4 Ever! Dork : "QOLQA" "inurl:categoria.php?id=" Exploite:...
PR08-20: Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Microsoft .NET framework comes with a request validation feature, configurable by the ValidateRequest setting. ValidateRequest has been a feature of ASP.NET since version 1.1. This feature consists of a series of filters, designed to prevent class...
[hacksware] gbook.cgi remote command execution vulnerability
Bug Report 1. Name: gbook.cgi remote command execution vulnerability 2. Release Date: 2000.11.10 3. Affected Application: GBook - A web site guestbook By Bill Kendrick [email protected] http://zippy.sonoma.edu/kendrick/ 4. Author: [email protected] 5. Type: Input validation Error 6...
Security Advisory: FreeBSD-SA-00:19.semconfig
============================================================================= FreeBSD-SA-00:19 Security Advisory FreeBSD, Inc. Topic: local users can prevent all processes from exiting Category: core Module: kernel Announced: 2000-05-26 Credits: Peter Wemm [email protected] Affects: 386BSD-derive...