Nafis Group (review.php?ID) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Nafis Group review.php?ID AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered by : Nafis Group" Exploite: www.victim.com/review.php?ID=SQL SpeCial TanX To :...
LAB GRAPHIC DESIGN (index.php?categoria_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability LAB GRAPHIC DESIGN index.php?categoriaid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered by LAB GRAPHIC DESIGN " Exploite:...
Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution
Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution 1. OVERVIEW Jcow CMS versions 4.x: 4.2 and lower, 5.x: 5.2 and lower are vulnerable to Arbitrary Code Execution. 2. BACKGROUND Jcow is a flexible Social Networking software written in PHP. It can help you to build a social network for your...
TconZERO (prodotto.php?idprodotto) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability TconZERO prodotto.php?idprodotto AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.tconzero.net/ Persian Gulf 4 Ever! Dork : "Design By TconZERO"...
Adobe Flash Player multiple security vulnerabilities
Memory corruptions, buffer overflows, integer overflows, cross-site scripting...
Security advisory: SQL Injection in LedgerSMB 1.2.24 and lower
Hi all; The LedgerSMB development team has found an SQL injection issue in LedgerSMB 1.2.24. Because this issue stems from our common SQL-Ledger heritage, it affects all versions of LedgerSMB and has been confirmed in SQL-Ledger 2.8.33. We contacted Dieter when we initially discovered this and no...
B-Keen communication (dettaglio_news.php&id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability B-Keen communication dettaglionews.php&id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.b-keen.it/ Persian Gulf 4 Ever! Dork : "Powered by B-Keen communication"...
[PT-2011-23] Database information disclosure in GLPI
---------------------------------------------------------------------- PT-2011-23 Positive Technologies Security Advisory Database information disclosure in GLPI ---------------------------------------------------------------------- --- Vulnerable software GLPI Version 0.80.1 and earlier...
ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability
ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-273 August 23, 2011 -- CVE ID: CVE-2011-2735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC AutoStart -- TippingPointTM...
HTTPKiller - (Global HTTP DoS)
Connection Keep-Alive + Pipelining + Close the connection before the response + Something... = DoS Apache, IIS, Squid, NetCache, What else?...
Lumension Device Control memory corruption
Memory corruption on TCP/65129 traffic parsing...
PHP 5.3.6 multiple null pointer dereference
PHP 5.3.6 multiple null pointer dereference Author: Maksymilian Arciemowicz http://securityreason.com/ http://securityreason.net/ http://cxib.net/ Date: - Dis.: 20.07.2011 - Pub.: 19.08.2011 Affected Software verified: PHP 5.3.6 and prior Fixed: PHP 5.3.7 Original URL:...
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Dataminas (noticias.php?categoria_id) (galeria.php?galeria
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Simply Media Web archivio.asp?categoriaid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.simplymediaweb.it/ Persian Gulf 4 Ever! Dork : "Powered by Simply Media Web"...
OMNITEC (prodotto.php?id_prodotto) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability OMNITEC prodotto.php?idprodotto AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "design e realizzazione by OMNITEC" Exploite:...
ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability
ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-276 August 23, 2011 -- CVE ID: CVE-2011-2140 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Flash...
ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability
ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-275 August 23, 2011 -- CVE ID: CVE-2011-2735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC AutoStart --...
NGS00054 Technical Advisory: Lumension Device Control (formerly Sanctuary) remote memory corruption
======= Summary ======= Name: Lumension Device Control formerly Sanctuary remote memory corruption Release Date: 24 August 2011 Reference: NGS00054 Discoverer: Andy Davis [email protected] Vendor: Lumension Vendor Reference: Systems Affected: Lumension Device Control v4.4 SR6 Risk: High...
Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apache HTTPD Security ADVISORY ============================== UPDATE 2 Title: Range header DoS vulnerability Apache HTTPD 1.3/2.x CVE: CVE-2011-3192 Last Change: 20110826 1030Z Date: 20110824 1600Z Product: Apache HTTPD Web Server Versions: Apache 1.3...
FLV Player flash application multiple security vulnerabilities
Content spoofing, cross-site scripting...
Vulnerabilities in FLV Player
Hello 3APA3A! I am reporting the Content Spoofing and Cross-Site Scripting vulnerabilities I found in the FLV Player flash video player. Content Spoofing WASC-12: The FLV Player flash files accept arbitrary addresses in the configxml parameter, which makes it possible to spoof the content of the flash file - for example, by specif...
[USN-1196-1] eCryptfs vulnerability
========================================================================== Ubuntu Security Notice USN-1196-1 August 23, 2011 ecryptfs-utils vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivative...
eCryptfs multiple security vulnerabilities
Privilege escalation, information leakage...
ALTOGRADO (catalogo.php?id_categoria) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability ALTOGRADO catalogo.php?idcategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.altogrado.com.ar/ Persian Gulf 4 Ever! Dork : "Powered by ALTOGRADO"...
ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox
=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2011-08-18-1 ------------------------------------------------------------------------- ASPR 2011-08-18-1: Remote Binary Planting in Mozilla Firefox...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Grupo Argentina Web Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Grupo Argentina Web AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://grupoargentinaweb.com/ Persian Gulf 4 Ever! Dork : "Designed & powered by GAW GrupoArgentinaWeb"...
ESA-2011-025: Multiple buffer overflow vulnerabilities in EMC AutoStart
ESA-2011-025.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-025: Multiple buffer overflow vulnerabilities in EMC AutoStart EMC Identifier: ESA-2011-025 CVE Identifier: CVE-2011-2735 Severity Rating: CVSS v2 Base Score: 7.9 AV:A/AC:M/Au:N/C:C/I:C/A:C Affected products: EMC AutoStart...
Mozilla Firefox / Seamonkey / Thunderbird multiple security vulnerabilities
Multiple memory corruptions, cross-site access, information leak, restriction bypass...
ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird
=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2011-08-18-2 ------------------------------------------------------------------------- ASPR 2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird...
Elgg 1.7.10 <= | Multiple Vulnerabilities
OVERVIEW The Elgg 1.7.10 and lower versions are vulnerable to Cross Site Scripting and SQL Injection. 2. BACKGROUND Elgg is an award-winning social networking engine, delivering the building blocks that enable businesses, schools, universities and associations to create their own fully-featured...
ZDI-11-270: Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability
ZDI-11-270: Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-270 August 17, 2011 -- CVE ID: CVE-2011-0084 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Mozilla -- Affected Products: Mozilla...
ZDI-11-271: Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability
ZDI-11-271: Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-271 August 17, 2011 -- CVE ID: CVE-2011-2378 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Mozilla -- Affected Products: Mozilla...
CheckPoint Security Management products symbolic links vulnerability
Symbolic links vulnerability during installation...
StudioLine Photo Basic ActiveX code execution
Unsafe EnableLog method...
Symantec Veritas Storage Foundation multiple security vulnerabilities
Multiple vulnerabilities on TCP/2148 request parsing...
Adobe Shockwave Player multiple security vulnerabilities
Multiple memory corruptions...
Nortel / Avaya Media Application Server buffer overflow
Buffer overflow on TCP/52005 request parsing...
The LAD Melbourne Cms Sql Injection Vulnerability
.org Archieve an Resource About Hacking Exploit Title: The LAD Melbourne Cms Sql Injection Vulnerability Author: Netrondoank Aka netron home Page: http://www.ilmuhacker.org Forum :...
ECHO Creative Company (dettaglio.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability ECHO Creative Company dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.echocreative.it/index.htm Persian Gulf 4 Ever! Dork : "Powered by ECHO Creative...
Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Muzedon dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered By Muzedon.com" "inurl:dettaglio.php?id=" Exploite:...
lab382 (dettaglio.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability lab382 dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.lab382.com/ Persian Gulf 4 Ever! Dork : "Web site by: lab382.com" "inurl:dettaglio.php?id="...
ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability
ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-264 August 16, 2011 -- CVE ID: CVE-2011-0547 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Symantec --...
InYourLife (dettaglio.php?id) (dettaglio_immobile.php?id) (notizia.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability InYourLife dettaglio.php?id dettaglioimmobile.php?id notizia.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.inyourlife.info/ Persian Gulf 4 Ever! Dork : "Powered ...
VMware vFabric tc Server weak encryption
Server accepts cleartext password even if it's not allowed for user...
dpconsulenze (dettaglio.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability dpconsulenze dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.dpconsulenze.eu/ Persian Gulf 4 Ever! Dork : "powered by dpconsulenze"...
PCVmedia (free_gallery.php?cat_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability PCVmedia freegallery.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.pcvmedia.com/ Persian Gulf 4 Ever! Dork : "Website designed & developed by PCVmedia.com"...
VUPEN Security Research - Adobe Shockwave rcsL Record Array Indexing Vulnerability (APSB11-19)
VUPEN Security Research - Adobe Shockwave rcsL Record Array Indexing Vulnerability APSB11-19 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player...
Oracle Sun Java multiple security vulnerabilities
No description provided...
NetSaro Enterprise Messenger Server weak encryption
Passwords are stored in cleartext or in reversible form...
ISC DHCPD DoS
Crash on BOOTP packet parsing...