BugTraq
[ECHO_ADV_46$2006] ExBB v1.9.1 (exbb[home_path]) Multiple Remote File Inclusion 2006-08-31
erdc echo or id
ECHO.OR.ID

------------------------------------------------------------------------------

[ECHO_ADV_46$2006] ExBB v1.9.1 (exbb[home_path]) Multiple Remote File Inclusion

------------------------------------------------------------------------------

Author : Ahmad Maulana a.k.a Matdhule

Date

[ MDKSA-2006:157 ] - Updated musicbrainz packages fix buffer overflow vulnerabilities 2006-08-30
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:157
http://www.mandriva.com/security/
____________________________________________________________________

[ MDKSA-2006:156 ] - Updated sendmail packages fix DoS vulnerabilities 2006-08-30
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:156
http://www.mandriva.com/security/
____________________________________________________________________

[KAPDA]MyBB 1.1.7~ htmlspeacialchar_uni(), fixjavascript(), functions_post.php ~[url]XSS attack 2006-08-30
addmimistrator gmail com
ORIGINAL ADVISORY:

http://myimei.com/security/2006-08-15/mybb-117-htmlspeacialchar_uni-fixjavascript-functions_postphp-urlxss-attack.html

http://kapda.ir/page-advisory.html

**************

-------Summary------

Software: MyBB

Software's Web Site: http://www.mybboard.com

Versions: 1.1.7

Class

Hackers to Hackers Conference III - Call for Papers 2006-08-30
Rodrigo Rubira Branco (BSDaemon) (rodrigo kernelhacking com)
General Objectives

The H2HC has as its main objective to offer a national and international
conference for Brazilian hackers, strongly the ethical of hacking.

We have as mission to change and demystify the word hacker from the
pejorative sense to show the hacker as who works in software research and
sec

feedsplitter considered harmful 2006-08-30
jon jrock us
I was looking through the feedsplitter.php script available from http://chxo.com/software/feedsplitter/, version 2006-01-21 (revision 1.7 according to the RCS $Id$, but that looks out of date) today, and noticed a few problems. (Background: feedsplitter turns RSS feeds into HTML or javascript so you

[KAPDA]MyBB 1.1.7 ~ admin/global.php ~ XSS Attack 2006-08-30
addmimistrator gmail com
ORIGINAL ADVISORY:

http://myimei.com/security/2006-08-17/mybb-117-adminglobalphp-xss-attack.html

http://kapda.ir/page-advisory.html

**************

-------Summary------

Software: MyBB

Software's Web Site: http://www.mybboard.com

Versions: 1.1.7

Class: Remote

Status: Unpatched

Exploit: Ava

osCommerce < 2.2 Milestone 2 060817 POC Exploit 2006-08-30
s10242006 yahoo com
#!/usr/bin/php -q -d short_open_tag=on

<?

error_reporting(0);

ini_set("max_execution_time",0);

ini_set("default_socket_timeout",5);

if ($argc<5) {

echo "\r\nExploit osCommerce < 2.2 Milestone 2 060817 by Perseus \r\n";

echo "\r\nUsage: \r\n\r\n php ".$argv[0]." host path product_id what

ezContents Version 2.0.3 Remote/Local File Inclusion, SQL Injection, XSS 2006-08-30
gmdarkfig gmail com
#

# VulnScr: ezContents Version 2.0.3

# Web....: http://www.ezcontents.org/

#

# Date...: Web July 28 10:44 2006

# Credits: DarkFig (gmdarkfig (at) gmail (dot) com)

# Vuln...: SQL Injection, Remote/Local File Inclusion, Cross Site Scripting

#

==[ Remote / Local File Inclusion

========================

[SECURITY] [DSA 1163-1] New gtetrinet packages fix arbitrary code execution 2006-08-30
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1163-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 30th, 2006

[KAPDA::#56] - FREEKOT SQL Injection Vulnerability 2006-08-30
farhadkey yahoo com
KAPDA New advisory

Vendor: http://www.digiappz.com

Vulnerability: SQL_Injection

Date :

--------------------

Found : Aug 10, 2006

Vendor Contacted : N/A

Release Date : Aug 30, 2006

About Freekot :

--------------------

FREEKOT is a free tool which allows you to insert a random quotatio

Nuked Klan 1.7 SP4.3 : Function Anti-XSS Bypassed 2006-08-30
Blwood (blwood skynet be)
// *- BEGIN -*

// By Blwood
// http://blwood.net

We can bypass the anti-XSS function called nk_CSS (nuked.php) like this:

<b id="blwood" style="width:expression(alert(' http://www.blwood.net'))
<http://www.blwood.net%27%29%29/>"></b>

Here is the function :

fu

IwebNegar v1.1 Multiple vulnerabilities 2006-08-30
Hessamx hessamx net
:: IwebNegar v1.1 Multiple vulnerabilities ::

------------------------------------------------

Software : IwebNegar v1.1

Website : ----

Bug Discover : Hessam-x / www.hessamx.net

I. Cross Site Scripting Vulnerability

-------------------------------------------------

Parameter "com

Ezportal/Ztml v1.0 Multiple vulnerabilities 2006-08-30
Hessamx hessamx net
:: Ezportal/Ztml v1.0 Multiple vulnerabilities ::

------------------------------------------------

Software : Ezportal/Ztml

Website : http://www.ztml.org

Bug Discover : Hessam-x / www.hessamx.net

I. Multiple Cross Site Scripting Vulnerabilities

----------------------------------------------

[SECURITY] [DSA 1162-1] New libmusicbrainz packages fix arbitrary code execution 2006-08-30
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1162-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 30th, 2006

SQL-Ledger serious security vulnerability and workaround 2006-08-30
chris metatrontech com
Hi;

This post is to inform everyone that there is a serious security hole that has been discovered in SQL-Ledger involving session handling. The flaw allows anyone with network access to the server to access the application as any logged in user using trivial mechanisms. I have previously broug

Re: AW: JetBox cms (search_function.php) Remote File Include 2006-08-29
Steven M. Christey (coley mitre org) (2 replies)

Frank Reissner said:

> //comments
>
> function phpdigSearch(){
>
> Line: 423 <?php include $relative_script_path.'/libs/htmlheader.php'
> ?>
>
> ...
> }
>
>Please explain us how that should be exploited.

While this statement appears to be in a function declaration, there
would be nest

AW: AW: JetBox cms (search_function.php) Remote File Include 2006-08-31
Frank Reißner (mail frank-reissner de)
Re: JetBox cms (search_function.php) Remote File Include 2006-08-30
Carsten Eilers (ceilers-lists gmx de) (1 replies)
Re: JetBox cms (search_function.php) Remote File Include 2006-08-30
Steven M. Christey (coley linus mitre org)
InfoSec Paper: Creating Business Through Virtual Trust 2006-08-29
Kenneth F. Belva (ken ftusecurity com)
Information Security Community,

Please consider our paper - "Creating Business Through Virtual Trust:
How to Gain and Sustain a Competitive Advantage Using Information
Security" - for your review.

Here is the abstract from our paper:

"Cash. Profit. Margins. Productivity. This is the language of

XSS in HLstats 1.34 2006-08-30
MC Iglo (mc iglo googlemail com)
Hello, world ;)

Input passed to multiple parameters in index.php isn't properly
sanitised before being returned to the user. This can be exploited to
execute HTML and script code in a user's browser session in context of
an affected site with limitation of ' and ".
This may also affect prior versio

Portail PHP mod_phpalbum 2.15 Modules Remote File Inclusion 2006-08-29
x0r0n hotmail com
############################################################

#Portail PHP mod_phpalbum 2.15 Modules Remote File Inclusion

Vulnerabilities

############################################################

#Author: XORON

############################################################

#Class:

DUpoll 3.1 security alert 2006-08-29
bozkurtserdar bozkurtserdar com
#############################################################################

#DUpoll 3.1 application bug #

# #

#BoZKuRTSeRDaR Ülkücü Milliyetçi Türkçü İnternet korsan

JS ASP Faq Manager v1.10 sql injection 2006-08-29
ali hackerz ir
JS ASP Faq Manager v1.10

vendor : http://jetstat.com/

Demo : http://jetstat.com/demo/jsfaq/admin/

By : s3rv3r_hack3r

Site : www.hackerz.ir & www.h4kerz.com

U can login to administrator control panel with >>

user : admin

pass : ' or '

Submit ( ToendaCMS<= ( Remote File Include Vulnerabilities ) 2006-08-29
h4ck3riran yahoo com
*******************************************************************************

*** ***

***

[SECURITY] [DSA 1161-1] New Mozilla Firefox packages fix several vulnerabilities 2006-08-29
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1161-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 29th, 2006

Copyright 2010, SecurityFocus