47153 matches found
[ECHO_ADV_98$2008] Pre Ads Portal <= 2.0 Sql Injection Vulnerability
ECHOADV98$2008 ----------------------------------------------------------------------------------------- ECHOADV98$2008 Pre Ads Portal = 2.0 Sql Injection Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran Addahroni Date : Jun...
[USN-612-1] OpenSSL vulnerability
=========================================================== Ubuntu Security Notice USN-612-1 May 13, 2008 openssl vulnerability CVE-2008-0166 =========================================================== A weakness has been discovered in the random number generator used by OpenSSL on Debian and...
[SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1565-1 [email protected] http://www.debian.org/security/ dann frazier May 1, 2008 http://www.debian.org/security/faq -...
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-021 April 8, 2008 -- CVE ID: CVE-2007-6019 -- Affected Vendors: Adobe -- Affected Products: Adobe Flash Player -- Vulnerability Details: This vulnerability allows...
[email protected], [email protected], [email protected]
Digital Security Research Group DSecRG Advisory DSECRG-08-016 Application: Jinzora Media Jukebox Versions Affected: 2.7.5 Vendor URL: http://www.jinzora.com/ Bugs: Multiple XSS Injections Exploits: YES Reported: 04.02.2008 Second report: 12.02.2008 Vendor response: NONE Date of Public Advisory:...
SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability Author: sp3x Date: - - Written: 06.12.2007 - - Public: 09.01.2008 SecurityReason Research SecurityAlert Id: 48 CVE: CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2007-6423...
QK SMTP Server DoS
No description provided...
PostgreSQL dblink library multiple security vulnerabilities
Privilege escalation...
Boa (with Intersil Extensions) - HTTP Basic Authentication Bypass
Secure Network - Security Research Advisory Vuln name: HTTP Basic Authentication Bypass Systems affected: Boa/0.93.15 with Intersil Extensions based systems i.e. FreeLan 802.11g Wireless Access Point RO80211G-AP Severity: High Local/Remote: Remote Vendor URL: http://www.boa.org -...
[SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1356-1 [email protected] http://www.debian.org/security/ Dann Frazier August 15th, 2007 http://www.debian.org/security/faq -...
Cross Site Request Forgery in 2wire routers
Cross Site Request Forgery in 2wire routers Vulnerable Routers: 1701HG, 2071 Gateway Software: v3.17.5, 5.29.51 Password Not Set default Greetz a la Comunidad Underground de Mйxico, y a los que me ayudaron a probarlo: Preth00nker, nitr0us, ... [email protected] I. Background ------------- This is the...
Multiple Encase vulnerabilities
Memory corruptions on processing of corrupted files and filesystems...
[security bulletin] HPSBMA02224 SSRT071334 rev.1 - HP System Management Homepage (SMH) for Linux, Remote Privileged Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01072894 Version: 1 HPSBMA02224 SSRT071334 rev.1 - HP System Management Homepage SMH for Linux, Remote Privileged Access NOTICE: The information in this Security Bulletin should be acted upon as...
Pathos CMS 0.92-2 (warn.php file) Remote File Inclusion Vulnerability
Pathos Content Management System Found by kezzap66345 Script download:: http://sourceforge.net/projects/pathos/ Direct link : http://sourceforge.net/project/showfiles.php?groupid=103303&packageid=110862&releaseid=243512 ERROR1: File:warn.php includeonce$GET'file' . ".html"; rfi coded RFI1:...
Plantilla PHP Simple
Plantilla PHP Simple local file include vulnerability: /zadminxx/listmainpages.php?nfolder=/etc/ file upoad vulnerability: upload any-script with a double extension .. laurent gaffie...
MyCalendar multiple XSS
MyCalendar multiple XSS By : sn0oPy Risk : medium site : http://abledesign.com/programs/MyCalendar/ exploit : XSS on the search menu : http://www.target.ma/calendar/index.php?go=search XSS on the url : http://www.target.ma/calendar/index.php?go="scriptalertdocument.cookie/script XSS on the userna...
MysearchEngine XSS
MysearchEngine XSS By : sn0oPy Risk : low site : http://homeproduction.free.fr/ exploit : scriptalert'test'/script Dork : inurl:"MysearchEngine" contact : [email protected] greetz : subzero, http://forums.avenir-geopolitique.net. reference :...
[SA23908] Drupal Project Module Script Insertion Vulnerability
TITLE: Drupal Project Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA23908 VERIFY ADVISORY: http://secunia.com/advisories/23908/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Drupal Project Module 4.x http://secunia.com/product/12912/ DESCRIPTION:...
iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability
Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability iDefense Security Advisory 01.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2007 I. BACKGROUND Adobe Macromedia ColdFusion is an application server and development framework for websites. More information is...
Wordpress <= 2.x dictionnary & Bruteforce attack
Source code !usr/bin/python Flaw found on Wordpress that allow Dictionnary & Bruteforce attack Greetz goes to : NeoMorphS, Tiky Vendor : http://wordpress.org/ Found by : Kad [email protected] / [email protected] import urllib , urllib2, sys, string tab = "sss" string.asciiletters,...
CVE-2006-5815: remote code execution in ProFTPD
======= Summary ======= On 6 November 2006, Evgeny Legerov [email protected] posted to BUGTRAQ1, announcing his commercial VulnDisco Pack for Metasploit 2.72. One of the included exploits, vdproftpd.pm, takes advantage of an off-by-one string manipulation flaw in ProFTPD's sreplace function to allow...
enomphp => 4.0 Remote Traversal Directory
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ DigitaL Hacking TeaM enomphp ...
Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities
| | / | / | | | | | / | / / | | | | '| | |/| |/ / / / / | | '| | | / | | || | | | | | | | | / | | | | || |/|| || ||,// / ||| ,|/ ///////////////////////////////////////////////////////////////////////////////////////////////////////////// //Script:Pearl Forums //Author: Dr Max Virus...
UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability
Title : UPublisher 1.0 viewarticle.asp Remote SQL Injection Vulnerability Author : ajann Dork : UPublisher http://target/path//viewarticle.asp?ID=SQL Example: //viewarticle.asp?ID=-120union20select200,password,username,0,0,0,020from20tblusers OR ---...
[SA21432] Comet WebFileManager "Language" File Inclusion Vulnerability
---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...
VBZooM <=V1.11 " reply.php" SQL Injection
=========================================== Discovered By: C.B.B.L CrAzY CrAcKeR ,Breeeeh ,BoNy-m ,LiNuXrOOt =========================================== Search:- POWERED BY: VBZooM V1.11 Example:- /reply.php?UserID=SQL njection...
Microsoft Security Bulletin MS06-035 Vulnerability in Server Service Could Allow Remote Code Execution (917159)
Microsoft Security Bulletin MS06-035 Vulnerability in Server Service Could Allow Remote Code Execution 917159 Published: July 11, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...
VMSA-2006-0002 - VMware Server sensitive information lifetime issue
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2006-0002 Synopsis: VMware Server sensitive information lifetime issue Advisory URL:...
ishopcart cgi 0day and multiple vulnerabilities
Vendor: ishopcart inc Vendor Site: ishopcart.com Vendor Status: notified via telephone While spending a night auditing I have found 2 buffer overflows and 1 directory traversal in the ishopcart cgi, which is written in C. The directory traversal is caused by how the cgi chooses to show pages. If,...
Newswriter v1.0 Remote XSS Exploit
------------------------------------------------------------------ - Newswriter v1.0 Remote XSS Exploit - -= http://colander.altervista.org/advisory/Newswriter.txt =- ------------------------------------------------------------------ -= Newswriter v1.0 =- Omnipresent May 20, 2006 Vunerabilitys:...
Invision Gallery 2.0.6 ( SQL Injection )
left Invision Gallery 2.0.6 SQL Injection File :- modules/gallery/post.php Line :- 943 Bug By :- Devil-00 Welcome Back Security4arab Arabian Security WebSites www.s4a.cc www.securitygurus.net php $this-ipsclass-DB-simpleconstruct array 'select' = 'COUNT AS total', 'from' = 'galleryimages', 'where...
[security bulletin] HPSBUX02105 SSRT061134 rev.1 - HP-UX Running swagentd Remote Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00622788 Version: 1 HPSBUX02105 SSRT061134 rev.1 - HP-UX Running swagentd Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as soon as possible...
[Full-disclosure] Advisory: Jiros Banner Experience Pro Remote Privilege Escalation.
--Security Report-- Advisory: Jiros Banner Experience Pro Remote Privilege Escalation. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 07/03/06 04:52 AM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: Jiros http://www.jiros.net...
[Full-disclosure] iDefense Security Advisory 02.07.06: QNX Neutrino RTOS fontsleuth Command Format String Vulnerability
QNX Neutrino RTOS fontsleuth Command Format String Vulnerability iDefense Security Advisory 02.07.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=380 February 7, 2006 I. BACKGROUND QNX Software Systems Ltd.'s Neutrino RTOS QNX is a real-time operating system designed for us...
Bug for libs in php link directory 2.0
Program: PHPLD Php link directory Homepage: http://www.phplinkdirectory.com/ Language: PHP Version: 2.0 Php link directory use lib's how adodb, smarthy, phpmailer, etc., etc. but this lib's have bug's. Bugs: ADOdb PostgreSQL SQL Injection Vulnerability http://www.securityfocus.com/bid/16364...
eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities
Site: http://www.phpbbstyles.com/ 1. Remote File Content Disclosure http://forum/admin/xsedit.php?edit=../../../../etc/passwd 2. Full Path Disclosure http://forum/admin/xsedit.php?edit=&viewbackup=1 http://wtf.bz/...
FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution
FunkBoard V0.66CF possibly prior versions cross site scripting, possible database username/password disclosure & board takeover, possible remote code execution software: author site: http://www.pathtofunkboard.co.uk/ xss:...
Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer (896727)
Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer 896727 Issued: August 9, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...
Web Wiz Forums ver. 7.01
Informations : °°°°°°°°°°°° Language : ASP Bugged Version : Web Wiz Forums ver. 7.01 and less ? Website : http://www.webwizforums.com Problems : Permanent XSS Objects : °°°°°°° - registernewuser.asp - register.asp The values variable are not filtered: strLocation = Request.Form"location" strMessa...
Microsoft Security Bulletin MS03-017: Flaw in Windows Media Player Skins Downloading could allow Code Execution (817787)
-----BEGIN PGP SIGNED MESSAGE----- - -------------------------------------------------------------------- Title: Flaw in Windows Media Player Skins Downloading could allow Code Execution 817787 Date: 07 May 2003 Software: Microsoft Windows Media Player 7.1 Microsoft Windows Media Player for Windo...
Microsoft Security Bulletin MS02-065: Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution Q329414 Date: 20 November, 2002 Software: Microsoft Data Access Components MDAC 2.1 Microsoft Data...
Multiple Web Security Holes
I sent this three times to webappsec but without resultats. I try so on bugtraq, although that is less appropriate. ----------------------------------------------------- Five products in PHP are vulnerable to various holes. 1 TightAuction Website : http://www.tightprices.com Tested Version : 3.0...
[Mantis Advisory/2002-04] Arbitrary code execution vulnerability in Mantis
Mantis Advisory/2002-04 Arbitrary code execution vulnerability in Mantis 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Detailed explanation 6. Credit 7. Contact details 1. Introduction Mantis is an Open Source web-based...
Security Advisory: Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability Revision 1.0 For Public Release 2002 August 07 UTC 1500 Contents Summary Affected Products Details Impact Software Versions and Fixes Obtaining Fixed...
[ WWWThreads, UBBThreads ] Security Hole in upload system
WWWThreads, UBBThreads Security Hole in upload system Author: RootExtractor, CompuMe [email protected], [email protected] I. Details II. Vulnerable ver's III. Example, Xploit IV. Solution Details : ..: config.inc.php :.. ------------------------- snip ------------------------------ //...
3COM OfficeConnect DSL router vulneratibilities
Yesterday night I discovered a vulnerabilty. The router is a 3COM OfficeConnect 812 and the vulnerability is on the HTTP server, on port 80. When you enter with a browser on one of this router, you are asked for user/password, if you fail, you can see a web page telling you that is a protected...
NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability
NSFBUGTRAQOCUS Security AdvisorySA2001-02 Topic: Microsoft IIS CGI Filename Decode Error Vulnerability Release DateЈє 2001-5-15 CVE Candidate Numbers: CAN-2001-0333 BUGTRAQ ID : 2708 Affected system: ================ - Microsoft IIS 4.0 - Microsoft IIS 5.0 Not affected system: ===================...
[SX-20010320-2b] - Followup re. Microsoft ISA Server Denial of Service
FSC Internet Corp. / SecureXpert Labs Advisory SX-20010320-2b This is a follow-up to: SX-20010320-2 Denial of Service in Microsoft ISA server v1.0 Several individuals have pointed out an easier exploit scenario for this vulnerability, which additionally does NOT require the Web Publishing feature...
Win2k Telnet.exe malicious server vulnerability
Microsoft was informed of this problem with exploit over a month ago. I received some token responses right after emailing them, but have heard nothing since. If they have released an advisory of their own yet, I have not seen it. I informed them up-front that I would release a full-disclosure...
Multiple Path/Directory Traversal and/or Local File Inclusion in Easy2Map version 1.2.9 WordPress plugin
Vulnerability title: Multiple Path/Directory Traversal and/or Local File Inclusion in Easy2Map version 1.2.9 WordPress plugin CVE: CVE-2015-7669 Vendor: Steven Ellis Product: Easy2Map Affected version: 1.2.9 Fixed version: 1.3.0 Reported by: Iberia Medeiros Vulnerability Details:...