APC SmartSwitch and UPS products use an HTTP/SNMP management card that have backdoor passwords in them. Tested vulnerable: SmartUPS 3000RM with AP9606 AOS v3.2.1 and SmartUPS App v3.2.6, MasterSwitch AP9212 with AP9606 AOS v3.0.3 and MasterSwitch App v2.2.0.
0989efe070b1c7429abb7289c478d608124cb94c6c330d1264d2dceb29eed5c1Robot FTP server versions 1.0 and 2.0 beta 1 have a buffer overflow vulnerability when taking in a username.
9a44aad3f8e6c0db56451fda95fc12fc8be929e688de14d3ff9a4383aea86d72AllMyGuests suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
942969a79939e95cfeb0e66489b2a7bb67da8d59077abece9d3530faf4dd8620AllMyLinks suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
455fe13e78ca8b714120c34b21cfa370f26b8f7c2c0cfce088dba787c7fc699bAllMyVisitors suffers from a PHP code injection vulnerability that allows a remote attacker to execute arbitrary commands on the server.
df8aa30a5295614238725f5082a8277bb929aac6924ee98fb15d32f55b2aeb85ASP Portal suffers from multiple vulnerabilities that can lead to disclosure of authentication information, disclosure of user information, execution of arbitrary code remotely, modification of user information, and identity spoofing. Cookie hijacking exploit enclosed.
e8e1d8a121e11e0a9246f324ce6326b2f6d53ab92eace97fe8e0cd1214ba9a81Remote denial of service exploit that causes a windows machine to reboot by manipulating the ASN.1 vulnerabilities mentioned here.
4b1303246713d534c4f2ba06e4601987ac52ec41c2f9c015ca77017cf870ed60Crob FTP version 2.5.2 is vulnerable to a denial of service attack.
d203607240612684c7152609c705dc92cf03ee5e54cb90b79d49814973d234f4Local root exploit for the XFree86 font.alias vulnerability discussed in the advisory here. Tested on various versions of RedHat Linux.
ed1c569efa3e325a52a9440160ee982d9cf1d8e3c61594c37edad149d60c1e3aBosDates lacks sufficient sanitization of user-supplied data. Inadvertantly, it allows a remote attacker to influence SQL query logic to disclose sensitive information that can be used to gain unauthorized access.
99f16a5fc0fa02d0ef6ab68973a1477d5cc41f825bce692666aeaceb13a1ba27PHPNuke versions 6.x and greater remote php-based exploit that extracts the administrator hash using a SQL injection attack.
791d39105cfc044976d705a568eb8942b33b8ffcca0d90a5ec35d5163bb96b29The TrackMania game server that listens on TCP port 2350 can be crashed when garbage data is sent resulting in a denial of service.
679bdbc58dd5a64c64906445a5ca1bcb61f1c3b41fd72b74a16e4ead64037f83A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.
5b285308b063e2d59eb136e0072c9ab4a49538d664eb748f4491f7dabcadc37aOpen Journal Blog versions 2.5 and below lack proper user authentication prior to attempting to add a new user to the system.
401cc728745468c6c5fefe43aac710a09eb1b0b3e23eec037542fd5593ae1b60Local exploit that breaks out of a vserver, even if it is secured with chmod 000 /vservers. Modified version of the chroot-again exploit. Tested with linux 2.4.24 and vserver 1.24. Fixed in release 1.25.
ecb32af70153e79f3accdcb8ad729fc7c190f6447576c9716239b96b27b6bad2A cross site scripting vulnerability exists in Discuz! Board versions 2.x and 3.x.
37321841d97c7b320b61a7e918a129093b97db3a73d154e774707b7d1f4519c5Multiple SQL Injection vulnerabilities live in ReviewPost PHP Pro due to insufficient sanitization of user-supplied data.
ebc67630c35361eae82fca9970ac250ef2e0cde6a6c9ca3b39f3c9f8e8441843There lies a way to inject a javascript url in the history list of Microsoft Internet Explorer causing a cross site/zone scripting attack when the user presses the backbutton. An attacker may use this to read arbitrary cookies/local files and execute programs leading to total system compromise if IE is run as administrator.
e01b9463a639085838e90199fac938b440e307d2558b62b00d81aa347385b6edTest exploit for the server of Chaser versions 1.50 and below.
5db8a2952d0d3502c0d77bedd136b57adbcd6b86f01c70c113c3ededd395d65bTest exploit for the client of Chaser versions 1.50 and below.
94f8a2af34c9faacbd305b4a981f59d043e979b2eac32d0782cae09ca7532000Web Crossing versions 4.x and 5.x have a denial of service vulnerability. When an HTTP POST request is made to the built-in server, if the 'Content-Length' header supplied with the request is an extremely large or negative number, the server will encounter a set of instructions which lead to an integer-divide-by-zero problem, immediately crashing the server and denying any further service.
a4cb26465dde1aa7db4e37e9bae87f085ad4ccdeb6c14a77fa125516a33bbbd6PHPscripts suffer from a file include vulnerability.
f7531beaf196d3efafda379976dbdb9162fcf36480cb7dff573a5603c34728e7phpMyAdmin versions 2.5.5-pl1 and below do not properly sanitize variables resulting in them being susceptible to a directory traversal attack.
81168b522d27c42876217622e1f8214fcf0c77dfd436e34b4b0aedbe9e03a637X-Cart version 3.4.3 fails to sanitize various input variables leaving itself open to directory traversal and remote command execution attacks.
310f9a8cac8979d8671622dad1d75561c158e182b0a88454b82adc760eb65407smbmount can cause a denial of service attack on Microsoft Windows. The attack induces a memory shortage on the Windows system by creating directories in a special way.
8ccb97f425f4922eeaaacb2ffe330c9f9fa5c7bdf43159239648210620c8916a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed