Remote denial of service exploit for 2WIRE routers versions 5.29.52 and below.
e3b006e2a7c7c7b3426aacaabe03e0445247cd62c49a9c6a978b74f4b3ae1ffd
The remote management interface on tcp/50001 of various 2WIRE devices suffers from a remote denial of service vulnerability.
a570b0dd205bdccb99ddb73341fe1654b9625e26ea61d1a590c32f42dec42430
TikiWiki contains a flaw that may allow a malicious user to execute arbitrary PHP code. The issue is triggered due to the jhot.php script not correctly verifying uploaded files. It is possible that the flaw may allow arbitrary PHP code execution by uploading a malicious PHP script resulting in a loss of integrity. The vulnerability has been reported in Tikiwiki version 1.9.4.
f7850ab13f084ee0399ccaa4266f25beedbf677492fc535ebf17997b1756a1ce
TikiWiki versions 1.9.8 and below contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'tiki-graph_formula.php' script not properly sanitizing user input supplied to the f variable, which may allow a remote attacker to execute arbitrary PHP commands resulting in a loss of integrity.
2c4a8a6e81f67352e72024e2f545f7d1ae145048bf376afb7ae97d09bf473fe9
This Metasploit module exploits a command execution vulnerability in the PGP plugin of SquirrelMail.
e9f76a373cf2b76303d467d4d1a6fc540c5d667126b63377a38fb49df378c89c
This Metasploit module combines three separate issues within The Simple PHP Blog (versions 0.4.0 and below) application to upload arbitrary data and thus execute a shell. The first vulnerability exposes the hash file (password.txt) to unauthenticated users. The second vulnerability lies within the image upload system provided to logged-in users; there is no image validation function in the blogger to prevent an authenticated user from uploading any file type. The third vulnerability occurs within the blog comment functionality, allowing arbitrary files to be deleted.
50264a6496c4736a34367e584387b0458ab475eb594ae22a834552e36308bb11
This Metasploit module exploits two arbitrary PHP code execution flaws in the phpBB forum system. The problem is that the 'highlight' parameter in the 'viewtopic.php' script is not verified properly and will allow an attacker to inject arbitrary code via preg_replace().
1bd480a3c38c3cf0cbb3b509893353c357ec5b1bf7fc0df522daa1890d05161f
This Metasploit module exploits an arbitrary code execution flaw discovered in many implementations of the PHP XML-RPC module. This flaw is exploitable through a number of PHP web applications, including but not limited to Drupal, Wordpress, Postnuke, and TikiWiki.
74661987981d6b9dcef06ec55c6a9cc16d40945f635c122f6a84bdf7a7d57158
This Metasploit module exploits an arbitrary PHP code execution flaw in the WordPress blogging software. This vulnerability is only present when the PHP 'register_globals' option is enabled (common for hosting providers). All versions of WordPress prior to 1.5.1.3 are affected.
48bc9a7f494787739544970c6c99713c4b117e44e8d9158a5aec89776fe41a8c
This Metasploit module exploits an arbitrary PHP code execution flaw in the vBulletin web forum software. This vulnerability is only present when the "Add Template Name in HTML Comments" option is enabled. All versions of vBulletin prior to 3.0.7 are affected.
fa3b7c956cd40ecf976491e6947389c4105b5b3887700ed3c774711a1b161525
RedTeam has identified two security flaws in PAJAX versions 0.5.1 and below. It is possible to execute arbitrary PHP code from unchecked user input. Additionally, it is possible to include arbitrary files on the server ending in ".class.php".
223f89066530be65e8100cf31774da9860ea9f254965c65c5bc52ade6f7acfac
This Metasploit module exploits an arbitrary command execution vulnerability in the HP OpenView connectedNodes.ovpl CGI application. The results of the command will be displayed to the screen.
edf86a90142890566eea494a67852ed122fda23f3c32b7d5e76fdc1d1f639334
This Metasploit module abuses a metacharacter injection vulnerability in the Nagios3 statuswml.cgi script. This flaw is triggered when shell metacharacters are present in the parameters to the ping and traceroute commands.
c2d2c8751ff58fad537e0c6238ae35be30735fc182787d224c39c6889d509e97
This Metasploit module exploits a remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier.
b2ba8fb8a2e256bd118a58d9cf32de671d3e009067fc8203880b59330d179b63
The Matt Wright guestbook.pl versions 2.3.1 and below CGI script contains a flaw that may allow arbitrary command execution. The vulnerability requires that HTML posting is enabled in the guestbook.pl script, and that the web server must have the Server-Side Include (SSI) script handler enabled for the '.html' file type. By combining the script weakness with non-default server configuration, it is possible to exploit this vulnerability successfully.
26b2a5cfa6b66f8d6bb54e4789d46d124f024ac705b068c7f1634ce064aeee9b
This Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 1.5.12 of joomla and allows the upload of files on the remote server. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
8b2bb800fcad3a5dc196fc3ef9696ddfc8c55e5a5366e716722345f95e11ca4c
This Metasploit module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary java methods to be called. Google released a patch and advisory to their client base in August of 2005 (GA-2005-08-m). The target appliance must be able to connect back to your machine for this exploit to work.
bf415a1e9059ceeb4db8cc79d59e0eb830bd3d5f48ed7a59110d0560f2a5540e
This Metasploit module exploits a previously unpublished vulnerability in the Dogfood CRM mail function which is vulnerable to command injection in the spell check feature. Because of character restrictions, this exploit works best with the double-reverse telnet payload. This vulnerability was discovered by LSO and affects version 2.0.10.
d47d25f175832f723f8a69b2a5df882d82ea6fc211e6829459cf8e694f589f04
This Metasploit module exploits an arbitrary command execution vulnerability in the Raxnet Cacti 'graph_view.php' script. All versions of Raxnet Cacti prior to 0.8.6-d are vulnerable.
77015dcc4a4e48442940b4772f4885d88b39b635512bbe063d6f2de6d3022e2b
This Metasploit module exploits a remote file inclusion vulnerability in the base_qry_common.php file in BASE 1.2.4 and earlier.
ed0250dba3a6363cf3e74b60c826255cedc3e480149debb17e614fbcd637a170
This Metasploit module exploits an arbitrary command execution vulnerability in the Barracuda Spam Firewall appliance. Versions prior to 3.1.18 are vulnerable.
98f68f02962b87f0c2a1221f7accf276203796571faa6c22c97dc9329849ad36
This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats CGI script. AWStats v6.4 and v6.5 are vulnerable. Perl based payloads are recommended with this module. The vulnerability is only present when AllowToUpdateStatsFromBrowser is enabled in the AWstats configuration file (non-default).
eacfafaff42c9aa135b638a8e9838be33a68a7ed46514068c7b106f69fe2ac10
This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats CGI script. iDEFENSE has confirmed that AWStats versions 6.1 and 6.2 are vulnerable.
c7fdffbbd0281a931ef1b75a62465cf757ccbfbbe17fe89aeaf55cb24d294f22
Mura CMS versions 5.1 and below suffer from a remote root folder disclosure vulnerability.
604eccccdf3b7188e6c37723e53f07f57cfe45457073452b8070ac5125575678
Mandriva Linux Security Advisory 2009-291 - Directory traversal vulnerability in the HTTP server in Mort Bay Jetty before 6.1.17, and 7.0.0.M2 and earlier 7.x versions, allows remote attackers to access arbitrary files via directory traversal sequences in the URI. This update fixes this vulnerability.
975a510663d16fdb79677c0b5051b26e3730f207599ece44475fe1e96e018fda