47153 matches found
ph5gruppo (prodotto.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability ph5gruppo prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.ph5gruppo.it/ Persian Gulf 4 Ever! Dork : "Sito realizzato da ph5 gruppo" Exploite:...
BUZLAB (prodotti.php?idCategoria) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability BUZLAB prodotti.php?idCategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.buzlab.com/ Persian Gulf 4 Ever! Dork : "Produced by BUZLAB"...
Grupo Argentina Web Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Grupo Argentina Web AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://grupoargentinaweb.com/ Persian Gulf 4 Ever! Dork : "Designed & powered by GAW GrupoArgentinaWeb"...
[SECURITY] [DSA 2289-1] typo3-src security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2289-1 [email protected] http://www.debian.org/security/ Florian Weimer August 07, 2011 http://www.debian.org/security/faq -...
VUPEN Security Research - Microsoft Internet Explorer Layouts Use-after-free Vulnerability (CVE-2011-0094)
VUPEN Security Research - Microsoft Internet Explorer Layouts Use-after-free Vulnerability CVE-2011-0094 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of the Microsoft Windows...
[security bulletin] HPSBUX02642 SSRT100415 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02746026 Version: 1 HPSBUX02642 SSRT100415 rev.1 - HP Network Node Manager i NNMi for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service DoS NOTICE: The information in this...
HTB22919: Multiple XSS in Viscacha
Vulnerability ID: HTB22919 Reference: http://www.htbridge.ch/advisory/multiplexssinviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: High-Tec...
Joomla! 1.6.0 | SQL Injection Vulnerability
================================= Joomla! 1.6.0 | SQL Injection Vulnerability ================================= 1. OVERVIEW Joomla! 1.6.0 was vulnerable to SQL Injection. 2. BACKGROUND Joomla is a free and open source content management system CMS for publishing content on the World Wide Web and...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Advisory ID: cisco-sa-20110223-telepresence-ctms Revision 1.0 For Public Release 2011 February 23...
[ MDVSA-2011:006 ] subversion
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:006 http://www.mandriva.com/security/ Package : subversion Date : January 14, 2011 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has bee...
OsCSS 1.2.2a Authentication Bypass
Exploit Title: OsCSS 1.2.2a Authentication Bypass Date: 12-1-2010 Author: Shichemt Alen Software Link: None Version: 1.2.2a Platform / Tested on: Windows XP SP2 DE & Ubuntu 10.10 category: webapps/0day Dork : allinurl:"Anti-Script Kiddies" Contact : [email protected] -...
[security bulletin] HPSBMA02584 SSRT100230 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02514953 Version: 1 HPSBMA02584 SSRT100230 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote URL Redirection NOTICE: The information in this Security Bulletin should be acte...
[SECURITY] [DSA 2097-2] New phpmyadmin packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2097-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 11, 2010 http://www.debian.org/security/faq -...
Microsoft Security Bulletin MS10-057 - Important Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707)
Microsoft Security Bulletin MS10-057 - Important Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution 2269707 Published: August 10, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft Office. Th...
Cisco Security Advisory: SQL Injection Vulnerability in Cisco Wireless Control System
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: SQL Injection Vulnerability in Cisco Wireless Control System Advisory ID: cisco-sa-20100811-wcs Revision 1.0 For Public Release 2010 August 11 1600 UTC GMT +---------------------------------------------------------------------...
Cisco Security Advisory: Vulnerabilities in Cisco Unified Contact Center Express
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerabilities in Cisco Unified Contact Center Express Advisory ID: cisco-sa-20100609-uccx Revision 1.0 For Public Release 2010 June 09 1600 UTC GMT +--------------------------------------------------------------------- Summa...
Secunia Research: Adobe Shockwave Player Asset Entry Parsing Vulnerability
====================================================================== Secunia Research 12/05/2010 - Adobe Shockwave Player Asset Entry Parsing Vulnerability - ====================================================================== Table of Contents Affected...
ZDI-10-086: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability
ZDI-10-086: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-086 May 11, 2010 -- CVE ID: CVE-2010-1555 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager...
Microsoft Security Bulletin MS10-021 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)
Microsoft Security Bulletin MS10-021 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege 979683 Published: April 13, 2010 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities in Microsoft Windows...
MKPortal Contact module XSS Vulnerability
========================================= MKPortal Contact module XSS Vulnerability ========================================= The largest Exploit Database in the world ! 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /'...
Mozilla Foundation Security Advisory 2010-04
Mozilla Foundation Security Advisory 2010-04 Title: XSS due to window.dialogArguments being readable cross-domain Impact: Moderate Announced: February 17, 2010 Reporter: Hidetake Jo, TippingPoint ZDI Products: Firefox, SeaMonkey Fixed in: Firefox 3.6 Firefox 3.5.8 Firefox 3.0.18 SeaMonkey 2.0.3...
eWebeditor ASP Version Multiple Vulnerabilities
Securitylab.ir Application Info: Name: eWebeditor Version: ASP Vulnerability: ======================= Arbitrary File Upload ======================= form action = "http://site.com/manage/ewebeditor/upload.asp?action=save&type=IMAGE&style=luoye 'union select SID, SName, SDir, SCSS, SUploadDir 2b' /...
[USN-858-1] OpenLDAP vulnerability
=========================================================== Ubuntu Security Notice USN-858-1 November 12, 2009 openldap2.2 vulnerability CVE-2009-3767 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory...
VUPEN Security - Adobe Shockwave Player Multiple Code Execution Vulnerabilities
VUPEN Vulnerability Research - Adobe Shockwave Player Multiple Code Execution Vulnerabilities I. BACKGROUND --------------------- "Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player. These people now have access to some of the best the Web has to offer including...
Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer (974455)
Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer 974455 Published: October 13, 2009 Version: 1.0 General Information Executive Summary This security update resolves three privately reported vulnerabilities and one publicly disclosed vulnerability in...
[oCERT-2009-013] yTNEF/Evolution TNEF attachment decoder input sanitization errors
2009-013 yTNEF/Evolution TNEF attachment decoder input sanitization errors Description: yTNEF, an open source filter program that decodes Transport Neutral Encapsulation Format TNEF e-mail attachments, and the Evolution TNEF attachment decoder plugin suffer from directory traversal and buffer...
wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability
=========================================================================================== o wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability Software : wp-Table v1.52 Vendor : http://wordpress.org/ Download : http://wordpress.org/extend/plugins/wp-table/wp-table.zip Author :...
CodeIgniter Global XSS Filtering Bypass Vulnerability
======================================== CodeIgniter Global XSS Filtering Bypass Vulnerability ======================================== Discovered by: Aung Khant, YGN Ethical Hacker Group, Myanmar http://yehg.net/ believe in full disclosure Product : CodeIgniter http://www.codeigniter.com Product...
Microsoft Security Bulletin MS09-029 - Critical Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
Microsoft Security Bulletin MS09-029 - Critical Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution 961371 Published: July 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in a...
(Post Form var 'username') BLIND SQLi exploit --S-CMS <= v-2.0 Beta3-->
!/usr/bin/perl ------------------------------------------------------------------------ Post Form var 'username' BLIND SQLi exploit --S-CMS = v-2.0 Beta3-- ------------------------------------------------------------------------ CMS INFORMATION: --WEB: http://www.matteoiammarrone.com/public/s-cms...
Microsoft Security Bulletin MS09-010 - Critical Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
Microsoft Security Bulletin MS09-010 - Critical Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution 960477 Published: April 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves two publicly disclosed vulnerabilities and two...
[BMSA-2009-02] XML injection in PyBlosxom
BLUE MOON SECURITY ADVISORY 2009-02 =================================== :Title: XML Injection in PyBlosxom :Severity: Low :Reporter: Blue Moon Consulting :Products: PyBlosxom v1.4.3 :Fixed in: -- Description ----------- PyBlosxom is a lightweight file-based weblog system. The project started as a...
Microsoft Visual Basic multiple ActiveX security vulnerabilities
Memory corruptions in DataGrid, FlexGrid, Hierarchical FlexGrid, Windows Common AVI, Charts, Masked Edit controls...
[security bulletin] HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01621724 Version: 1 HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be...
Joomla Component GameQ
Joomla Component GameQ AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download : http://joomlacode.org/gf/project/gameq DORK : inurl:option=comgameq Bug...
[security bulletin] HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01607570 Version: 1 HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Cross Site Scripting XSS NOTICE: The information in this Security Bulletin should be acted upon ...
rPSA-2008-0286-1 mono
rPath Security Advisory: 2008-0286-1 Published: 2008-09-29 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Remote User Deterministic Vulnerability Updated Versions: mono=conary.rpath.com@rpl:2/1.2.6-5-0.1 References: https://vulners.com/cve/CVE-2008-3906 Description: Previous...
[USN-612-1] OpenSSL vulnerability
=========================================================== Ubuntu Security Notice USN-612-1 May 13, 2008 openssl vulnerability CVE-2008-0166 =========================================================== A weakness has been discovered in the random number generator used by OpenSSL on Debian and...
blur6ex-0.3.462 LOCAL FILE INCLUSION Vulnerbility
..:::::blur6ex-0.3.462 LOCAL FILE INCLUSION Vulnerbility ::::... Virangar Security Team www.virangar.net -------- Discoverd By :Virangar Security Team hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the world...
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-021 April 8, 2008 -- CVE ID: CVE-2007-6019 -- Affected Vendors: Adobe -- Affected Products: Adobe Flash Player -- Vulnerability Details: This vulnerability allows...
rPSA-2008-0132-1 lighttpd
rPath Security Advisory: 2008-0132-1 Published: 2008-03-31 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: lighttpd=conary.rpath.com@rpl:1/1.4.18-0.5-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-24...
[email protected], [email protected], [email protected]
Digital Security Research Group DSecRG Advisory DSECRG-08-016 Application: Jinzora Media Jukebox Versions Affected: 2.7.5 Vendor URL: http://www.jinzora.com/ Bugs: Multiple XSS Injections Exploits: YES Reported: 04.02.2008 Second report: 12.02.2008 Vendor response: NONE Date of Public Advisory:...
QK SMTP Server DoS
No description provided...
Directory Traversal in SafeNet Sentinel Protection Server and Keys Server
SUMMARY ======= SafeNet Inc.'s Sentinel Protection Server and Sentinel Keys Server products include web servers which are vulnerable to directory traversal attacks. A remote attacker could exploit these vulnerabilities to read arbitrary files with the permissions of the web server, typically...
[SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1356-1 [email protected] http://www.debian.org/security/ Dann Frazier August 15th, 2007 http://www.debian.org/security/faq -...
Cross Site Request Forgery in 2wire routers
Cross Site Request Forgery in 2wire routers Vulnerable Routers: 1701HG, 2071 Gateway Software: v3.17.5, 5.29.51 Password Not Set default Greetz a la Comunidad Underground de Mйxico, y a los que me ayudaron a probarlo: Preth00nker, nitr0us, ... [email protected] I. Background ------------- This is the...
Pathos CMS 0.92-2 (warn.php file) Remote File Inclusion Vulnerability
Pathos Content Management System Found by kezzap66345 Script download:: http://sourceforge.net/projects/pathos/ Direct link : http://sourceforge.net/project/showfiles.php?groupid=103303&packageid=110862&releaseid=243512 ERROR1: File:warn.php includeonce$GET'file' . ".html"; rfi coded RFI1:...
Crea-Book <= 1.0 Admin Access Bypass / DB Disclosure / Code Execution
/======================================= | Advisory :: Crea-Book = 1.0 | +=======================================+--------------------------------------------------------------- | | | Download link : http://www.comscripts.com/scripts/php.creabook.1359.html | | Type : Guestbook | | Vuln. found :...
Microsoft Internet Explorer page content spoofing
Crossite scripting in res://ieframe.dll/navcancl.htmhttp://www.site.com page allows to inject HTML code into page...
Plantilla PHP Simple
Plantilla PHP Simple local file include vulnerability: /zadminxx/listmainpages.php?nfolder=/etc/ file upoad vulnerability: upload any-script with a double extension .. laurent gaffie...