47153 matches found
phpCOIN 1.2.3 (_CCFG[_PKG_PATH_INCL]) Remote Include Vulnerability
phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability Discovered by: Timq http://www.securitydb.org Email: timqathackernetworkdotcom http://www.securitydb.org Vulnerable: requireonce include $CCFG'PKGPATHINCL'.'redirect.php'; Exploit PoC:...
Autodesk IDrop ActiveX Control Heap Corruption Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Who: Autodesk http://www.autodesk.com What: Autodesk IDrop ActiveX Control http://usa.autodesk.com/adsk/servlet/index?siteID=123112&id=2753219& linkID=9240618 IDrop.ocx version 17.1.51.160 21E0CB95-1198-4945-A3D2-4BF804295F78 How: The Src, Background,...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
OTRS <= 2.0.x XSS/XSRF
--------------------------------------------------------------------------------- | . | | / /||/ | | | Y / | | / / | | / | || | /| | | | // | | / |||| || |/ // | | / / | | Security without illusions | | www.virtuax.be | | |...
Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities
iskorpitx@metlak from TURKEY comzoom file include / // Create the Makernote Parser and Interpreter Function Array $GLOBALS'MakernoteFunctionArray' = array "ReadMakernoteTag" = array , "getMakernoteTextValue" = array , "InterpretMakernotetoHTML" = array ; // Include the Main TIFF and EXIF Tags arr...
JDownloader download manager code execution
TCP/9666 port HTTP interface used for application management is vulnerable to form redirection attacks...
Critical phpwiki c99shell exploit
Via the Phpwiki 1.3.x UpLoad feature some hackers from russia uploaded a php3 or php4 file, install a backdoor at port 8081 and have access to your whole disc and overtake the server. A url in the file is http://ccteam.ru/releases/c99shell The uploaded file has a php, php3 or php4 extension and...
PunBB 1.3.6 bug
Islamic Republic Of Iran Security Team Www.IrIsT.Ir PunBB == 1.3.6 Cross-Site Scripting Vulnerabilities Download......: http://punbb.informer.com/downloads.php1.3.6 Bug Found.....: IrIsT™...
unsafe fgets() in sendmail's mail.local
Topic: unsafe fgets in sendmail's mail.local Description: There are 4 problems: 1. Possibility to insert LMTP commands into e-mail message 2. Possibility of deadlock between sendmail and mail.local 3. Possibility to corrupt user's mailbox 4. Possibility to change e-mail headers of the message in...
Kodi / XBMC crossite scripting
Crossite scripting in web interface...
Microsoft Security Bulletin (MS00-026)
Microsoft Security Bulletin MS00-026 ====================================== Patch Available for "Mixed Object Access" Vulnerability Originally Posted: April 20, 2000 Summary - ------- Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Windowsr 2000 that could,...
SQuery v.x (devi.php) (armygame.php) Remote File Inclusion
================================================================= SQuery = 4.5libpath Remote File Inclusion Exploit ================================================================= Worked On : ALL VERSIONS | | Critical Level : Dangerous | | Gug Found In : gore.php |...
[security bulletin] HPSBMU03024 rev.1 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04267749 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04267749 Version: 1 HPSBMU03024 rev....
Shoutbox 1.0 Remote Command Execution Vulnerability
Shoutbox 1.0 Remote Command Execution Vulnerability ----------------------------------------------------------------------- Script : Shoutbox 1.0 Version : 1.0 Site : http://www.mapos-scripts.de Founder : Rizgar Contact : [email protected] and irc.gigachat.net kurdhack Thanks : Kurdish Hackers...
WebCalendar v0.9.45 (13 Dec 2004) (login.php) Remote File include
|-------------------------------------------------------------------------------| | | | WebCalendar v0.9.45 13 Dec 2004 login.php Remote File include | | | | Script : WebCalendar | | Version : v0.9.45 13 Dec 2004 | | Authord : Drackanz | | Contact : Drackanz at gmail com | | Vendor :...
Conti FTP Server v1.0 DoS
Conti FTP Server v1.0 Denial of Service author: 35c666 contact: : Download: http://www.procesualitatea.ro/bestplay/ContiFtpServerSetup.exe Bug: Conti Ftp Server crashes when a large //A: string is sent, denying legitimate users access to their accounts. greetz to all RST members at...
Sun AnswerBook2 format string and other vulnerabilities
------------------------------------------------------------------------ DynaWeb httpd Format String and AnswerBook 2 Unauthenticated Admin Script Execution Vulnerabilities Release Date: August 1, 2002 Application: Solaris ab2 1.4.2 / dwhttpd 4.1a6 with patch 110011-02 and before Severity: Remote...
Security Bulletin (MS00-019)
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-019 - -------------------------------------- Patch...
OpenOffice multiple security vulnerabilities
Multiple memory corruptions...
Microsoft Security Bulletin MS10-087 - Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)
Microsoft Security Bulletin MS10-087 - Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution 2423930 Published: November 09, 2010 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed vulnerability and four privately...
UseBB 1.0.x Cross Site Scripting (XSS)
Script...............: UseBB version: 1.0.7 Script Site..........: http://www.usebb.net Vulnerability........: Cross Site Scripting XSS Acces................: Remote level................: Dangerous Author...............: S4mi Contact..............: s4miatLinuxMail.org The affected Files :...
Solaris 5.8 snmpd Vulnerability
Description The /opt/SUNWssp/snmpd command SNMP proxy agent is suid root and contains a buffer overflow, the problem occurs when it copy his own name argv0 to an internal variable without checking out its lenght and this causes the overflow. Vulnerable Version Sun Solaris 5.8 Technical Descriptio...
Tiki Wiki CMS Groupware Stored Cross-Site-Scripting
Advisory: Tiki Wiki CMS Groupware Stored Cross-Site-Scripting Advisory ID: INFOSERVE-ADV2011-07 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on Tiki 8.1 & 6.4 LTS affects all current releases Vendor URL: http://info.tiki.org/ Vendor Status: fixed...
advisory
---=== UkR security team - Advisory no. 11 ===--- Anaconda Clipper - 'arbitrary file retreival' vulnerability Date: 27.03.2001 Problem: input validation error. Vulnerable products: Anaconda Clipper ver. 3.3 probably others, but not tested Product vendor: Anaconda / http://www.anaconda.net Comment...
DGUX lpsched buffer overflow
Hi there! There's a vulnerability in DG's UNIX implementation DGUX, version R4.20MU06 and MU02 ia32 arch. The problem is when a very long, non-existant, printer name is passed to the program lpsched. It tries to format an error message and then the buffer overflow occurs... Data General was told...
Multiple Vulnerabilities In Tiki CMS/Groupware [ TikiWiki ]
Vendor : TikiWiki Project URL : http://www.tikiwiki.org Version : TikiWiki 1.8.1 && Earlier Risk : Multiple Vulnerabilities Description: Tiki CMS/Groupware aka TikiWiki is a powerful open-source Content Management System CMS and Groupware that can be used to create all sorts of Web applications,...
OSQA CMS v3b - Multiple Persistent Vulnerabilities
Title: ====== OSQA CMS v3b - Multiple Persistent Vulnerabilities Date: ===== 2012-02-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=461 VL-ID: ===== 461 Introduction: ============= OSQA is the Open Source Q&A System. It is free software licensed under the GPL, and y...
www.eVuln.com : Non-persistent XSS in WWWThreads (perl version)
www.eVuln.com advisory: Non-persistent XSS in WWWThreads perl version Summary: http://evuln.com/vulns/157/summary.html Details: http://evuln.com/vulns/157/description.html -----------Summary----------- eVuln ID: EV0157 Software: n/a Vendor: WWWThreads Version: v5.0.8 Pro perl version Critical...
Ultimate PHP Board (UPB) Security Advisory
Ultimate PHP Board UPB Security Advisory By : Morinex e-mail : morinexatmarocmafia com date : 13-05-2k5 shoutz : w00pie.nl - Woopie Target : Ultimate PHP Board UPB Vulnerable Versions: v. 1.8 until v 1.9.6 URL : http://www.myupb.com - http://www.myupb.com/forum/ Tested Localhost , Myupb.com. UPB ...
Multiple SAP Internet Graphics Service security vulnerabilities
File removal, insecure undocumented features, buffer overflow, crossite scripting...
127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request Advisory URL: https://pierrekim.github.io/advisories/2015-iptime-0x02.txt Blog URL:...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
joomla SQL Injection (cat)(com_downloads)
joomla SQL Injection catcomdownloads AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"selectcat"comdownloads EXPLOIT :...
Multiple vendors FTP denial of service
Proftpd built-in 'ls' command has a globbing bug that allows remote denial-of-service. Here's a simple exploit, tested on the Proftpd site : $ ftp ftp.proftpd.org ... Name ftp.proftpd.org:j: ftp ... 230 Anonymous access granted, restrictions apply. Remote system type is UNIX. Using binary mode to...
YabbSE Remote Code Execution Vulnerability
YabbSE Remote Code Execution Vulnerability By Mindwarper :: [email protected] :: ------- ------- ---------------------- Vendor Information: ---------------------- Homepage : http://www.yabbse.org Vendor : informed Mailed advisory: 21/01/02 Vender Response : None ---------------------- Affected...
Java environment limitations bypass
There are few ways to bypass limitations and execute privileged code from the applet...
Abyss WebServer Brute Force Vulnerability
Abyss WebServer Brute Force Vulnerability Package: Abyss WebServer Vendor Web Site: http://www.aprelium.com Versions: All versions = v1.1.2 Platforms: Linux, Windows Local: No Remote: Yes Fix Available: Nofix in progress Vendor Contacted: Sunday, February 09, 2003 6:12 PM Advisory Author: thomas...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04260353 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04260353 Version: 1 HPSBMU03019 rev....
FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability
Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID: ====================================...
HP Autonomy WorkSite Server v9.0
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239374 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239374 Version: 1 HPSBMU02999 rev....
[Full-disclosure] [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-2449: Apache Tomcat XSS vulnerabilities in the JSP examples Severity: low cross-site scripting Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.36 Tomcat 5.0.0 to 5.0.30 Tomcat 5.5.0 to 5.5.2...
PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy
www.phpheaven.net/ Vulnerable versions: PHPMyChat 0.14.5 Proof of concept: http://www.example.com/chat/config/start-page.css.php3?Charset=iso-8859-1&medium=10&FontName=scriptvar20test=1;alerttest;/script...
Elasticsearch CVE-2015-5377
Summary: Elasticsearch versions prior to 1.6.1 are vulnerable to an engineered attack on its transport protocol that enables remote code execution. This issue is related to the Groovy announcement in CVE-2015-3253. Deployments are vulnerable even when Groovy dynamic scripting is disabled. We have...
IIS5.1 Directory Authentication Bypass by using “:$I30:$Index_Allocation”
Description: Although IIS5 is very old, finding one is not impossible! Therefore, I want to introduce a technique to bypass the IIS authentication methods on a directory. This vulnerability is because of using Alternate Data Stream to open a protected folder. All of IIS authentication methods can...
EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference
Microsoft Publisher 2007 Arbitrary Pointer Dereference Release Date: July 10, 2007 Date Reported: February 16, 2007 Severity: High Remote Code Execution Vendor: Microsoft Vendor Software Affected: Microsoft Office 2007 Small Business Microsoft Office 2007 Professional Microsoft Office 2007 Ultima...
[SA21578] phpCodeGenie "BEAUT_PATH" File Inclusion Vulnerability
TITLE: phpCodeGenie "BEAUTPATH" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA21578 VERIFY ADVISORY: http://secunia.com/advisories/21578/ CRITICAL: Less critical IMPACT: System access WHERE: From remote SOFTWARE: phpCodeGenie 3.x http://secunia.com/product/4141/ DESCRIPTION: Kacper has...
Dahua DVR authentication bypass
Some commands may be executed without authentication via TCP/37777 protocol...
perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion
--------------------------------------------------------------------------- perForms = 1.0 mosConfigabsolutepath Remote File Inclusion --------------------------------------------------------------------------- Remote : Yes Critical Level : High Vuln founded in a log file: lazy 0day!!! :D...
apport security vulnerabilities
Symbolic links and hadlinks vulnerability in log files, privilege escalation...