
Files

Echo Security Advisory 2006.58
Posted Nov 7, 2006
Authored by Echo Security, the_day | Site advisories.echo.or.id

Cyberfolio versions 2.0 RC1 and below suffer from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion
MD5 | 7cad0bbcbc54438042b08faaece708fa

Related Files

cyberfolio-lfi.txt
Posted Nov 9, 2008
Authored by dun

Cyberfolio versions 7.12.2 and below suffer from a local file inclusion vulnerability in css.php.

tags | exploit, local, php, file inclusion
MD5 | 48c44667d167c679da4f89bf240bcb9f
cyberfolio-rfi.txt
Posted May 9, 2008
Authored by RoMaNcYxHaCkEr

Cyberfolio version 7.2 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | b1f29ba626cf616a3523dd8a19714c8f
Secunia Security Advisory 30154
Posted May 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - RoMaNcYxHaCkEr has reported a vulnerability in Cyberfolio, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | bd5097202d97208e3cf04c1f52c8173c
Secunia Security Advisory 22721
Posted Nov 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dedi Dwianto has reported some vulnerabilities in Cyberfolio, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 106dfd69cd5491b5ed2345da5a416ab3
KDE Security Advisory 2005-07-18.1
Posted Jul 19, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: Kate / Kwrite create a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. Depending on the system security settings, backup files might be readable by other users. Affected are all maintained versions of Kate and Kwrite as shipped with KDE 3.2.x up to and including 3.4.0. KDE 3.1.x and older and KDE 3.4.1 and newer are not affected.

tags | advisory
advisories | CVE-2005-1920
MD5 | f7346e280ce9a768445fd5983b052faf
adv4.pdf
Posted Jul 12, 2005
Authored by Ilja van Sprundel | Site suresec.org

A race condition vulnerability has been found in the ia32 compatibility execve() system call of the Linux kernel. The race condition may lead to heap corruption. Versions up to 2.4.31 and 2.6.6 are affected.

tags | advisory, kernel
systems | linux
advisories | CVE-2005-1768
MD5 | d3d8659f1b53b656ded2430e67270208
Echo Security Advisory 2005.13
Posted Jul 8, 2005
Authored by Echo Security, Dedi Dwianto | Site echo.or.id

MetaCart e-Shop is susceptible to SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | 9591b07503fc02e7a6d7f22e2ce16735
advisory-022005.txt
Posted Jul 1, 2005
Authored by Christopher Kunz

Serendipity version 0.8.2 and below suffer from a remote command execution flaw.

tags | advisory, remote
advisories | CVE-2005-1921
MD5 | 57f6aa66cdfb12fcdeca32491121301a
Echo Security Advisory 2005.21
Posted Jun 25, 2005
Authored by Echo Security, the_day | Site theday.echo.or.id

SQL injection and cross site scripting vulnerabilities exist in ActiveBuyAndSell version 6.2.

tags | exploit, vulnerability, xss, sql injection
MD5 | ee5551b4a5153e5d71c800e2d028bb19
advisory-05-013.txt
Posted Jun 23, 2005
Authored by Wade Alcorn | Site portcullis-security.com

A programming error exists in the function that parses commands in the Asterisk 1.0.7 system. This is used by the manager interface if the user is allowed to submit CLI commands. The coding error can result in the overflow of one of the parameters of the calling function.

tags | advisory, overflow
MD5 | df2b41912f37ecf3899c9cd540b57d35
Echo Security Advisory 2005.19
Posted Jun 23, 2005
Authored by Echo Security, the_day | Site theday.echo.or.id

A huge slew of SQL injection flaws exist in the DUWARE product line, including but not limited to DUportal Pro, DUamazon Pro, and more.

tags | exploit, sql injection
MD5 | c5fe79c7777b3ae8f5b10525761c8ff8
Echo Security Advisory 2005.18
Posted Jun 21, 2005
Authored by Echo Security, Dedi Dwianto | Site echo.or.id

Multiple SQL injection vulnerabilities exist in Ublog Reload version 1.0.5.

tags | exploit, vulnerability, sql injection
MD5 | 2653ef9ff31d1fb8373b63f08748f37d
advisory-012005.txt
Posted Jun 21, 2005
Authored by Stefan Esser | Site hardened-php.net

During an evaluation of Trac, an input validation vulnerability was discovered which can lead to arbitrary uploading and downloading of files with the permission of the web server.

tags | advisory, web, arbitrary
MD5 | 00dba04475bd475b6868aa919975df73
Echo Security Advisory 2005.14
Posted Jun 18, 2005
Authored by Echo Security, Dedi Dwianto | Site theday.echo.or.id

Liberum Help Desk versions greater than 0.97.3 suffer from various cross site scripting and SQL injection flaws.

tags | exploit, xss, sql injection
MD5 | b92dee53f638603d3cf3072d7956e72f
KDE Security Advisory 2005-04-21.1
Posted Jun 1, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: kimgio contains a PCX image file format reader that does not properly perform input validation. A source code audit performed by the KDE security team discovered several vulnerabilities in the PCX and other image file format readers, some of them exploitable to execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2005-1046
MD5 | 7bb96ff48b232106a11fc4577e281669
KDE Security Advisory 2005-04-20.1
Posted Jun 1, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: Kommander executes without user confirmation data files from possibly untrusted locations. As they contain scripts, the user might accidentally run arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2005-0754
MD5 | abf1b939e8330ae965e85355160a55e7
adv1.pdf
Posted Mar 29, 2005
Authored by Ilja van Sprundel | Site suresec.org

The Bluetooth code in the Linux kernel has a flaw that allows for local privilege escalation. Versions affected are greater than or equal to 2.4.6, less than or equal to 2.4.30-rc1, and 2.6.x up to 2.6.11.5.

tags | advisory, kernel, local
systems | linux
MD5 | e468254b361406324ed6b350c9a97919
advRX250305.txt
Posted Mar 25, 2005
Authored by Psirac | Site rexotec.com

OpenMosixView versions 1.5 and below are susceptible to multiple race conditions that allow for local filesystem compromise. Exploit provided.

tags | exploit, local
MD5 | eba76616efb2ea4e09947708e43bc2e6
KDE Security Advisory 2005-03-16.1
Posted Mar 22, 2005
Authored by KDE Desktop | Site kde.org

KDE Security Advisory: Sebastian Krahmer of the SUSE LINUX Security Team reported a local denial of service vulnerability in KDE's Desktop Communication Protocol (DCOP) daemon, better known as dcopserver. Systems affected: All KDE versions prior to KDE 3.4 on systems where multiple users have access.

tags | advisory, denial of service, local, protocol
systems | linux, suse
advisories | CVE-2005-0396
MD5 | 306be3b111f82a63bcc81f34ca6e27d9
Advisory-06.txt
Posted Feb 28, 2005
Authored by HaCkZaTaN | Site neossecurity.net

phpBB version 2.0.12 is susceptible to a full path disclosure flaw.

tags | advisory
MD5 | 7ff927eed0720c6ca65b73d4124b6eae
advisory003.txt
Posted Feb 28, 2005
Authored by John Gumbel

Improper handling of several arguments in the moderate.php code in punbb version 1.2.1 allows a malicious moderator to inject arbitrary SQL statements.

tags | exploit, arbitrary, php
MD5 | 0fa245da1da2ee450650915c291a331a
advisory002.txt
Posted Feb 28, 2005
Authored by John Gumbel

Due to a flaw in punbb version 1.2.1, a remote attacker without an account can set the password of any user on the system to NULL, effectively shutting them out of the system.

tags | exploit, remote
MD5 | 2fca37c706129ea7a3acd4dc2f838553
advisory001.txt
Posted Feb 28, 2005
Authored by John Gumbel

A remote attacker can cause register.php in punbb version 1.2.1 to execute arbitrary SQL statements by supplying malicious values to the language or email parameters.

tags | exploit, remote, arbitrary, php
MD5 | 49e3dec810dbe71cfb281699c1269f7d
KDE Security Advisory 2005-02-15.1
Posted Feb 25, 2005
Authored by KDE Desktop | Site cve.mitre.org

KDE Security Advisory: The fliccd binary, when installed suid root, is susceptible to various stack overflows that allow for privilege escalation.

tags | advisory, overflow, root
MD5 | a87caaad34957e1b96ca131acf1569e1
Advanced_XSS_Control.txt
Posted Feb 18, 2005
Authored by Anton Rager

Advanced Cross-Site-Scripting with Real-time Remote Attacker Control - Some people think XSS attacks are no big deal, but I plan to change that perception with the release of this paper and an accompanying tool called XSS-Proxy which allows XSS attacks to be fully controlled by a remote attacker. This paper describes current XSS attacks and introduces new methods/tool for making XSS attacks interactive, bi-directional, persistent and much more evil. This is not a detailed XSS HowTo, but an explanation of methods for taking XSS attacks much further. Attackers can access sites as the victim or forward specific blind requests to other servers.

tags | paper, remote, web
MD5 | e8745770f3e096cf690dba797b39c2c4

© 2020 Packet Storm. All rights reserved.
