56796 matches found
BBpress 0.8.1 BB-Login.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24422/info BBpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on...
New5starRating 1.0 'admin/control_panel_sample.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34680/info New5starRating is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted File Upload Arbitrary Code Execution
No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...
ClassSystem 2.0/2.3 - HomepageMain.php teacher_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an...
OSCommerce 3.0.2 - Persistent Cross Site Vulnerability
No description provided by source. Title: ====== OSCommerce v3.0.2 - Persistent Cross Site Vulnerability Date: ===== 2012-02-02 VL-ID: ===== 407 Introduction: ============= osCommerce is the leading Open Source online shop e-commerce solution that is available for free under the GNU General Publi...
MiniPort@l <= 0.1.5 beta (skiny) Remote File Include Vulnerability
No description provided by source. !/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - MiniPort@l = 2.0 skiny Remote File Include Exploit + + + - Script name: MiniPort@l v. 0.1.5 - Script site: http://mlodylis.xcx.pl/ + + + - Find by: Kacper a.k.a Rahim + -...
Ricoh Aficio 450/455 PCL Printer Remote ICMP Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11932/info It is reported that Ricoh 450/455 printers are susceptible to a remote denial of service vulnerability. This issue is due to a failure of the device to properly handle exceptional ICMP packets. Remote attackers...
ATutor 1.4.3 tile.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...
Joomla Almond Classifieds 5.6.2 - Blind SQL Injection Vuln
No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...
IMEDIA - (index.php) SQL Injection Vulnerability
No description provided by source. !usr/bin/perl -w use HTTP::Request; use LWP::UserAgent; system "cls"; print "\n"; print " @@ @@ @@@@@@ @@ @@ @@@@ @@@@@@@ @@ @@ @@@@@@@ @@@@@\n"; print " @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@\n"; print " @@ @@ @@ @@@ @@@@@@@@ @@ @@ @@ @@@@ @@@@@@ @@ @@\n";...
Mozilla Firefox <= 3.6.12 Remote Denial of Service
No description provided by source. !-- 0day Mozilla Firefox = 3.6.12 Remote Denial Of Service Credits: Emanuele 'emgent' Gentili [email protected] Marco 'whitesheep' Rondini [email protected] Alessandro 'scox' Scoscia [email protected] --...
Microsoft Windows Media Player 7.0 .ASX Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1980/info Windows Media Player is an application used for digital audio, and video content viewing. An unsafe buffer copy involving remotely-obtained data exists in the Active Stream Redirector ASX component in Windows...
Joomla Front-edit Address Book Component (com_addressbook) Blind SQL Injection
No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Joomla comaddressbook Blind Sqli Vulnerability Date : july 4,2010 Critical Level : HIGH vendor URL :http://b-elektro.no/ Author...
Alex DownloadEngine 1.4.1 Comments.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18293/info DownloadEngine is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
427BB Fourtwosevenbb <= 2.3.2 - SQL Injection Exploit
No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Download Script : http://sourceforge.net/projects/fourtwosevenbb/files/ 3rr0r: ./fourtwosevenbb-2.3.2/showpost.php ?php line 118: $sql = SELECT ID, UserName, Post, UTime, IP, InReplyTo, ThreadID From . $tprefix...
vOlk Botnet Framework 4.0 - Multiple Vulnerabilities
No description provided by source. Title: ====== vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Date: ===== 2012-10-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=721 VL-ID: ===== 721 Common Vulnerability Scoring System: ==================================...
Binary Board System 0.2.5 toc.pl board Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15913/info binary board system is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issue...
e107 website system 0.7.5 news.php Query String (PATH_INFO) Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the...
douran portal <= 3.9.7.55 - Multiple Vulnerabilities
No description provided by source. =========================================================== + Douran Portal = V3.9.7.55 Multiple Remote Vulnerabilities =========================================================== + Author : ItSecTeam + Contact : [email protected] + Site : www.itsecteam.com +...
PHPCommunityCalendar 4.0 - Multiple Remote Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14767/info phpCommunityCalendar is prone to multiple remote cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage any of these issues ...
Core News 2.0.1 Index.PHP Remote Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17067/info Core News is prone to a code-execution vulnerability. An attacker can exploit this issue to execute arbitrary malicious PHP code and execute it in the context of the webserver process. This may facilitate a...
Microsoft Internet Explorer 6.0 Frame Src Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21447/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions. This issue is triggered when an attacker entices a victim user to visit ...
OpenDocMan 1.2.5 rejects.php XSS
No description provided by source. source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...
Microsoft Excel 95/97/2000/2002/2003/2004 Malformed Range Memory Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15780/info Microsoft Excel is susceptible to a remote code-execution vulnerability. This issue was originally disclosed through an eBay auction that has since been terminated. This issue is due to the application's failur...
phpPgAdmin 3.x Login Form Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14142/info phpPgAdmin is prone to a directory traversal vulnerability. The application fails to filter directory traversal sequences from requests to the login form. All versions of phpPgAdmin are considered to be...
Socketwiz Bookmarks <= 2.0 (root_dir) Remote File Include Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - Socketwiz Bookmarks = 2.0 rootdir Remote File Include Exploit + + + - Script name: Socketwiz Bookmarks v. 2.0 - Script site: http://www.hotscripts.pl/pobierz-2232.html + +...
COMS 'dynamic.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32459/info COMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Firefox <= 3.6.8 DLL Hijacking Exploit (dwmapi.dll)
No description provided by source. / Exploit Title: Firefox = 3.6.8 DLL Hijacking Exploit dwmapi.dll Date: August 24, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Version: Latest Firefox v3.6.8 Tested on: Windows XP SP3 En Vulnerable extensions: .htm .html .jtx .mfp Greetz:...
PostNuke 0.723 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/7898/info The PostNuke 'modules.php' script does not sufficiently sanitize data supplied via URI parameters, making it prone to cross-site scripting attacks. This could allow for execution of hostile HTML and script code ...
redaxo cms 4.2.1 - Remote File Inclusion Vulnerability
No description provided by source...
LEADTOOLS 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation DoS
No description provided by source. html Test Exploit Page object classid='clsid:00110050-B1BA-11CE-ABC6-F5B2E79D9E3F' id='target' //object script language='vbscript' targetFile = C:\Program Files\Rational\common\ltisi11n.ocx prototype = Property Let DriverName As String memberName = DriverName...
Lan Messenger sending PM Buffer Overflow(UNICODE) - Overwrite SEH
No description provided by source. Exploit Title: Lan Messenger Version 1.2 Buffer Overflow vulnerability - UNICODEPOC Date: 09-05-2013 Exploit Author: ariarat Vendor Homepage: http://lmadhavan.com Software Link: http://lmadhavan.com/software/archive/lanmsg12.zip Version: 1.2 & may be old version...
QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure)
No description provided by source...
Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29191/info Cisco BBSM Building Broadband Service Manager is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...
UGroup 2.6.2 forum.php FORUM_ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15591/info UGroup is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
pyrocms 2.1.1 - Multiple Vulnerabilities
No description provided by source. PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 Community Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it was bui...
Ifenslave 0.0.7 Argument Local Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7682/info ifenslave for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an...
Havalite CMS 1.0.4 - Multiple Vulnerabilities
No description provided by source...
Memberkit 1.0 - Remote PHP File Upload Vulnerability
No description provided by source. ================================================================= =================Memberkit 1.0 Remote File Upload================ ================================================================= Vendor: http://www.memberkit.com/ Discovered: 12-30-08 Discovere...
ToCA Race Driver Multiple Remote Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10492/info ToCA Race Driver is reportedly affected by multiple remote denial of service vulnerabilities. These issues are due to a failure of the application to handle exceptional network traffic. These issues may allow a...
Solaris 2.x/7.0/8 Xsun HOME Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2561/info The X11 server that ships with Sun Microsystems' Solaris, Xsun, contains a locally exploitable buffer overflow vulnerability. The condition is present when the value of the HOME environment variable is of...
MyWeight 1.0 - Remote Shell Upload Vulnerability
No description provided by source. ======================================================= +++++++++++++++++++ information +++++++++++++++++++++++ ======================================================= + Script :MyWeight 1.0 Shell Upload Vulnerability + D0rk : Powered By phplemon.com + Script si...
E-Manage MySchool 7.02 SQL Injection Vulnerability
No description provided by source. Exploit Title: SQL Injection MySchool Version 7.02 Google Dork: MySchool Version 7.02 Date: 05-21-2011 Software Link: http://em.com.eg/ Version: Version 7.02 Author: az7rb Tested on : winxp sp3 Ar end bt5 Homepage : www.p0c.cc Greetz : p0c Team & Dr.NaNo & All M...
Opera Web Browser 7.5x IFrame OnLoad Address Bar URL Obfuscation Weakness
No description provided by source. source: http://www.securityfocus.com/bid/10679/info Opera Web Browser is prone to a security weakness that may permit malicious web pages to spoof address bar information. It is currently not known if this issue is related to the Opera Web Browser Address Bar...
Lussumo Vanilla <= 1.1.10 'definitions.php' Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/38889/info Vanilla is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...
Novell GroupWise 5.57e/6.5.7/7.0 WebAccess Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27582/info Novell GroupWise WebAccess is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to perform cross-sit...
Campsite 2.6.1 Publication.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
Xvt 2.1 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2955/info Xvt is a terminal emulator for systems using X11R6. It is often installed setuid/setgid so that it runs with the enhanced privileges required to log user sessions. Xvt contains a buffer overflow in it's handling...
Mozilla Firefox 2.0.0.12 IFrame Recursion Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27812/info Mozilla Firefox is prone to a remote denial-of-service vulnerability because of the way the browser handles IFrames. Attackers can exploit this issue to make the browser unresponsive and cause denial-of-service...