47153 matches found
FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution
Security Advisory ----------------- FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution Researcher Information ---------------------- Discovered by: Giuseppe Zmax Fuggiano Website: http://www.giusef.net Contact: giuseppedotfuggianoatgmaildotcom Product Information...
ZDI-08-071: IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability
ZDI-08-071: IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-071 October 30, 2008 -- Affected Vendors: IBM -- Affected Products: IBM Tivoli Storage Manager Express -- TippingPointTM IPS Customer Protection:...
Cisco CallManager 4.1 Input Validation Vulnerability
Cisco CallManager 4.1 Input Validation Vulnerability scip AG Vulnerability ID 2977 03/13/2007 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2977 I. INTRODUCTION Cisco CallManager, short CCM, is a professional voice-over-IP solution that tracks active components, including among others phones,...
[MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue
MajorSecurity Advisory 47Simple Machines Forum SMF - Session fixation Issue Details ======= Product: Simple Machines Forum SMF Affected version: 1.1.2 and prior Remote-Exploit: yes Vendor-URL: http://www.simplemachines.org Vendor-Status: informed Advisory-Status: published Credits ============...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
IIS HACKING
Hi Folks, i have just compiled the well-known IIS tricks. I hope it will be helpful for securing your server. any comment,suggestion or insult...? wellcome MAB- SECURING IIS by BREAKING ===================================================== by Mount Ararat Blossom 9/15/2000...
SiteCore XML Control Script Insertion
Hey All, Sitecores “special way” of displaying XML Controls directly allows for a Cross Site Scripting Attack – more can be achieved with these XML Controls and will be documented in another vulnerability report http://target/?xmlcontrol=body20onload=alert123...
Openregistrecil 1.02 (RFI/LFI) Multiple File Include Vulnerability
================================================================== Openregistrecil 1.02 RFI/LFI Multiple File Include Vulnerability ================================================================== + Openregistrecil 1.02 RFI/LFI Multiple File Include Vulnerability...
[ MDVSA-2010:003 ] sendmail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:003 http://www.mandriva.com/security/ Package : sendmail Date : January 11, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0, Multi Network Firewall 2.0 Problem Description...
POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection)
Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com HTML to Plain Text Conversion"...
Max's Guestbook (XSS) Remote Vulnerability
Discovered by: GTADarkDude Disconvered on: 10 December 2008 Name: Max's Guestbook Version: 1.0 URL: http://www.phpf1.com/product/php-guestbook-script.html URL2: http://www.hotscripts.com/Detailed/78571.html Google Search: intitle:"Max's Guestbook" powered-by-PHP-F1 File maxGuestbook.class...
zabbix privilege escalation
Super-user privileges are not droppen on user-supplied application execution...
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Creation Vulnerability
IBM DB2 Universal Database Directory Creation Vulnerability iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end databases. For...
AIX 4.3 lsmcode local root command execution
It has been reported on http://www.securityfocus.com/bid/18114/ about this vulnerability in AIX 5.1 - 5.3, some exploits is published in milw0rm to exploits this issue http://milw0rm.com/exploits/701 I have an AIX 4.3 box and it seems vulnerable with this issue too bash-2.04$ mkdirhier /tmp/aap/b...
[Full-Disclosure] EarlyImpact ProductCart shopping cart software multiple security vulnerabilities
S-Quadra Advisory 2004-02-16 Topic: EarlyImpact ProductCart shopping cart software multiple security vulnerabilities Severity: High Vendor URL: http://www.earlyimpact.com Advisory URL: http://www.s-quadra.com/advisories/Adv-20040216.txt Release date: 16 Feb 2004 1. DESCRIPTION ProductCart is a...
Orange Web Server v2.1 DoS
Introduction: Orange Web Server v2.1 is a powerful yet light- weight web server that runs on all Windows platforms. Easy to setup and use, Orange Web Server can turn any PC into a web server. The httpd is based on GoAhead c Technology. The Vendors website is:...
SECURITY.NNOV advisory - The Bat! directory traversal (public release)
This advisory is being provided to you under the policy documented at http://www.wiretrip.net/rfp/policy.html. SECURITY.NNOV advisory - The Bat! directory traversal Topic: The Bat! attachments directory traversal Author: 3APA3A [email protected] Affected Software: The Bat! Version = 1.48f...
SilverStripe CMS Unvalidated Redirect & XSS vulnerabilities
Credits: hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-SILVERSTRIPE0607.txt Vendor: ================================ http://www.silverstripe.org/software/download Product: ================================ SilverStripe CMS & Framework v3.1.13...
vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability
Exploit Title: vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability + Discovered By: Dariush Nasirpour Net.Edit0r + My Homepage: black-hg.org / nasirpour.info + Date: 2015 27 February + Vendor Homepage: vBulletin.com + Tested on: vBulletin 4.2.2 + Greeting : Ali Razmjoo -...
AVAVoIP v1.5.12 - Multiple Web Vulnerabilities
Title: ====== AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Date: ===== 2012-06-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 611 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Designed fr...
Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS
Advisory: Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS Advisory ID: SSCHADV2011-007 Author: Stefan Schurtz Affected Software: Successfully tested on: version 4.2.1.f Vendor URL: http://www.blogcms.com Vendor Status: resolved CVE-ID: - ========================== Vulnerability...
vsftpd 2.3.2 remote denial-of-service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 vsftpd 2.3.2 remote denial-of-service Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - - Dis.: 23.12.2010 - - Pub.: 01.03.2011 CVE: CVE-2011-0762 CERT: VU590604 Fix: vsftpd 2.3.4 15.02.2011 Affected Software verified...
ZeusCart Ecommerce Shopping Cart Software Cross-Site scripting Vulnerability
ZeusCart Ecommerce Shopping Cart Software Cross-Site scripting Vulnerability SecPod Technologies www.secpod.com Author Sooraj K.S SecPod ID: 1003 07/28/2010 Issue Discovered 07/30/2010 Vendor Notified No Response from Vendor Class: Cross-Site Scripting Severity: Medium Overview: --------- ZeusCar...
Linux GFS / GFS2 file system DoS
gfs2lock/gfslock doesn't check file permissions...
[ECHO_ADV_111$2009] Joomla Hotel Booking System Component XSS/SQL Injection Multiple Vulnerability
/ / | | / // / | | Y / | / / /| / / / / / / .OR.ID ECHOADV111$2009 ----------------------------------------------------------------------------------------- ECHOADV111$2009 Joomla Hotel Booking System Component XSS/SQL Injection Multiple Vulnerability...
Mozilla Foundation Security Advisory 2009-23
Mozilla Foundation Security Advisory 2009-23 Title: Crash in nsTextFrame::ClearTextRun Impact: Critical Announced: April 27, 2009 Reporter: Marc Gueury, Daniel Veditz Products: Firefox Fixed in: Firefox 3.0.10 Description One of the security fixes in Firefox 3.0.9 introduced a regression that...
Microsoft SQL Server memory corruption
spreplwritetovarbin stored procedure memory overwrite...
Oracle Critical Patch Update Advisory - July 2008
Oracle Critical Patch Update Advisory - July 2008 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
PHP-Nuke genaral print SQL Injection(id)
PHP-Nuke genaral print SQL Injectionid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"modules.php?name"print DORK 2 : allinurl:"modules.php?name=Hikaye" DORK : allinurl:"modules.php?name=Fikralar" DORK :...
[Aria-Security.Net] Gallery In A Box Username & Password Parameters SQL Injection
A R I A - S E C U R I T Y Gallery In A Box Username & Password Parameters SQL Injection Vendor: http://www.kerberosdev.net/ http://target.com/adminconsole/index.asp Username: anything' OR 'x'='x Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net...
PhpOpenChat <= 3.0.1 (poc.php) Multiple Remote File Include Vulnerabilities
-------------------------------------------------- PhpOpenChat = 3.0.1 poc.php Multiple Remote File Include Vulnerabilities -------------------------------------------------- Author : SekoMirza Date Found : Nisan 11 2007 Location : Fransa // ... Critical Lvl : Highly critical Impact : System acce...
phpAdsNew 2.0.7 Remote File Include
----------------------------------------------- phpAdsNew 2.0.7 Remote File Include ----------------------------------------------- Author: Alkmandz ----------------------------------------------- Vuln Code: includeonce $phpAdsgeoPlugin; ....................... function...
Comersus Cart Improper Request Handling
Comersus Cart Improper Request Handling Release Date: July 6, 2004 Severity: Medium Vendor: Comersus Open Technologies Software: Tested on Comersus Cart 5.09 Previous versions may also be affected. Remote: Remotely executed from any web browser Technical Details: The unethical user is able to...
Details and exploitation of buffer overflow in mshtml.dll (and few sidenotes on Unicode overflows in general)
Dear, Advisory was originally posted in 1-3 2 weeks ago, so I think it's enough time passed to publish some details, because 4,5 have enough information to re-discover vulnerability. ERRor erroratpochtamt.ru discovered IE 5.5 and 6.0 in some cases crash on embed src="filename.AAAAAAAAAAlot of 'A'...
SCO 5.0.6 MMDF issues (deliver)
====================================================================== Strategic Reconnisiance Team Security AdvisorySRT2001-03 Topic: SCO 5.0.6 MMDF issues deliver Vendor: SCO Release Date: 03/27/01 ====================================================================== .: Description SCO...
Security Bulletin (MS00-055)
Microsoft Security Bulletin MS00-055 - -------------------------------------- Patch Available for "Scriptlet Rendering" Vulnerability Originally Posted: August 09, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities in Microsoftr Internet Explorer. The...
MiniUPnP library buffer overflow
Buffer overflow on network request processing...
Microsoft Windows multiple security vulnerabilities
Internet Explorer / Edge multiple security vulnerabilities, VBScript / Jscript code execution, Windows Shell code execution, kernel privilege escsalation...
[ MDVSA-2014:197 ] python
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:197 http://www.mandriva.com/en/support/security/ Package : python Date : October 21, 2014 Affected: Business Server 1.0 Problem Description: Updated python packages fix security vulnerability: Python before...
DNN (DotNetNuke®) CodeEditor Module Arbitrary File Download Vulnerability
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNN DotNetNuke® CodeEditor Module Arbitrary File Download Vulnerability Author : alieye vendor : http://www.mediaant.com/ , http://store.dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork:...
[CVE-2013-2751, CVE-2013-2752] NETGEAR ReadyNAS Remote Root
NETGEAR ReadyNAS with firmware 4.2.x before 4.2.24 and 4.1.x before 4.1.12 is prone to command injection from an unauthenticated HTTP GET request. This vulnerability can lead to complete root access as outlined on the Tripwire blog:...
FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability
Title: ====== FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability Date: ===== 2012-11-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=558 VL-ID: ===== 558 Common Vulnerability Scoring System: ==================================== 2.5 Introduction: ============...
Squiz CMS Multiple Vulnerabilities - Security Advisory - SOS-12-007
Sense of Security - Security Advisory - SOS-12-007 Release Date. 14-Jun-2012 Last Update. - Vendor Notification Date. 02-Apr-2012 Product. Squiz CMS Platform. Independent Affected versions. Squiz 4.6.3 verified and possibly others Severity Rating. Medium Impact. Exposure of session information...
[PT-2011-43] Database information disclosure in Kayako Fusion
---------------------------------------------------------------------- PT-2011-43 Positive Technologies Security Advisory Database information disclosure in Kayako Fusion ---------------------------------------------------------------------- --- Vulnerable software Kayako Fusion Link:...
HP Network Node Manager i information leakage
No description provided...
Zones Web Solution (status.asp?print) (search_result.php?loc_id) Remote SQL injection Vulnerabilities
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerabilities Zones Web Solution status.asp?print searchresult.php?locid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.zones.in/ Persian Gulf 4 Ever! Dork : "Powered by Zones Web...
Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug)
Microsoft IIS 0Day Vulnerability in Parsing Files semi-colon bug Application: Microsoft Internet Information Services - IIS All versions Impact: Highly Critical for Web Applications Finding Date: April 2007 Report Date: Dec. 2009 Found by: Soroush Dalili Irsdl 4t yahoo d0t com Website:...
CUPS / poppler / xpdf / Adobe Reader multipls security vulnerabilities
Integer overflows, race condiotions...
[security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01743291 Version: 1 HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage SMH for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting XSS, Unauthorized Access NOTICE: Th...
Asbru Web Content Management Vulnerabilities
aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 02-Apr-2009 Software: Asbru Software - Asbru Web Content Management http://www.asbrusoft.com/ "Ready to use, full-featured, database-driven web content management system CMS with integrated communit...