#!/usr/bin/php -q -d short_open_tag=on
?
echo Pixelpost = 1-5rc1-2 privilege escalation exploit\r\n;
echo by rgod [EMAIL PROTECTED];
echo site: http://retrogod.altervista.org\r\n;;
echo dork: pixelpost \RSS 2.0\ \ATOM feed\ \Valid xHTML / Valid
CSS\\r\n\r\n;
/*
works with:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1087-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
June 3rd, 2006
Type: SQL Injection
Risk: Critical
Product: CoolForum = 0.8.3 beta
Vulnerability
*
// File: editpost.php
// Line 38
//
if(isset($_REQUEST['post'])) $post = intval($_REQUEST['post']);
else $post = 0;
--
// Line 77
//
$canedit =
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1088-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
June 3rd, 2006
The Blackhat agenda for the USA 2006 session has just been published. URL:
http://www.blackhat.com/html/bh-usa-06/bh-usa-06-schedule.html
The first remark is that this year, Blackhat USA will be an incredible
briefing!
There will be several Zero day announcements. For example: Brendan
This is not vulnerable, PHP-Nuke having a special in their files and when
includes mainfile.php it overwrites the global variables and it caused to make
an arbitrary file inclusion.
But in MyBloggie there is no common vulnerability like it. I checked all files
and all versions did not see any
# Title : LocazoList Classifieds = v1.05e(viewmsg.asp) Remote SQL Injection
Vulnerability
# Author : ajann
#Vulnerability;
$$$ http://[target]/[path]/viewmsg.asp?msgid= SQL TEXT
$$$ Example:
*Title:
*phpBB2 Remote File Include
*
*
*Credit:
*Canberx
*
*
*Thanx:
*Forewer-Partizan
*
*
*Mail:
[EMAIL PROTECTED]www.canberx.tk
*
*
*Google Dork:
*Powered by phpBB © 2001, 2002 phpBB Group
*
*
[MajorSecurity #7]dotWidget CMS = 1.0.6 - Remote File Include Vulnerability
-
Software: dotWidget CMS
Version: =1.0.6
Type: Remote File Include Vulnerability
Date: June, 2nd 2006
Vendor: dotWidget
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1089-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
June 3rd, 2006
[Sorry to reply to my own post, but...]
M. Dodge Mumford said:
Sigint Consulting said:
perl -e 'print "GET \x0d/index.php\x90\x90 HTTP/1.0\n\r\n"' | nc 192.168.1.3 80
No alert is generated from the string above.
[...]
We are not sure how much this may buy an attacker as the CR
#!/usr/bin/php -q -d short_open_tag=on
?
echo DotClear = 1.2.4 prepend.php/'blog_dc_path' arbitrary remote
inclusion\r\n;
echo by rgod [EMAIL PROTECTED];
echo site: http://retrogod.altervista.org\r\n\r\n;;
echo dork: \propulsé par DotClear\ \fil atom\ \fil rss\
+commentaires\r\n\r\n;
/*
#!/usr/bin/php -q -d short_open_tag=on
?
echo LifeType = 1.0.4_r3270 SQL injection / admin credentials disclosure\r\n;
echo by rgod [EMAIL PROTECTED];
echo site: http://retrogod.altervista.org\r\n;;
echo dork: \Powered by LifeType\ \RSS 0.90\ \RSS 1.0\ \RSS 2.0\
\Valid XHTML 1.0 Strict and
Sorry, but I didn't see any SQL injection with your example.
I tried all ways and did not get any result or error from the SQL server.
Could you please show me the injection that you found
and the vulnerable code in misc.php?
Regards,
Mustafa Can Bjorn IPEKCI
http://evuln.com/vulns/3/exploit.html look :]
As a systems administrator, I must say that your methods are
unacceptable. You are violating your customers' trust by doing this
without their knowledge. You even made an effort to hide the code that
sends the information! This is outright deceit and should not be
tolerated by anyone.
Successfully tested on Firefox 1.5.0.3.
I had to kill my firefox.exe process after half a minute of freezing :-)
On 30 May 2006 12:03:36 -, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
I have found a problem which causes denial of service on fire fox browser
Credit: to n00b for finding
Crashed my FF 1.5.0.3 straight away on a fully patched XP Pro Service Pack 2
Andy
-Original Message-
From: Josh Zlatin-Amishav [mailto:[EMAIL PROTECTED]
Sent: 31 May 2006 16:50
To: [EMAIL PROTECTED]
Cc: bugtraq@securityfocus.com
Subject: Re: Fire fox dos exploit
On Tue, 30 May 2006,
I told this guy already that it looks like WinXP is the problem.
Mac OS X and Debian (Linux) do not hang!
With regards,
Ronald van den Blink
Securityview.org
On 31 May, 2006, at 16:50, Josh Zlatin-Amishav wrote:
On Tue, 30 May 2006, [EMAIL PROTECTED] wrote:
I have found a problem
Under Apple Mac OS X 10.4.6 (PPC) with Firefox 1.5.0.3 it's
reproducible!
Cheers, Yannick von Arx
Am 31.05.2006 um 16:50 schrieb Josh Zlatin-Amishav:
On Tue, 30 May 2006, [EMAIL PROTECTED] wrote:
I have found a problem which causes denial of service on fire fox
browser
Can you give us
Yep.
I can confirm this for firefox 1.5.0.3 on ubuntu dapper amd64.
Filing a bug report
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was able to use this proof of concept code with the following results:
With Firefox 1.0.8 (Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.13)
Gecko/20060418 Fedora/1.0.8-1.1.fc4 Firefox/1.0.8)
I was able to cause a resource exhaustion with firefox
I see this work in Explorer and my IE 7 beta; both of them crash. But
this does not seem to be easily exploitable. It is a simple stack buffer
overrun issue. The problem seems to be in
inetcomm!CActiveUrlRequest::ParseUrl. Now inetcomm seemed to have been
gs flagged compiled, hence the
Hello.
This issue has been solved already and should not work since the whole log in
system has been improved.
Thank you for sharing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- ---
VMware Security Advisory
Advisory ID: VMSA-2006-0001
Synopsis: VMware ESX Server Cross Site Scripting issue
VMware ESX
On Wed, 31 May 2006, Josh Zlatin-Amishav wrote:
Can you give us some more details, like versions and platforms affected? I
was unable to recreate this flaw using firefox 1.5.dfsg+1.5.0 on Debian
unstable.
The word-wrapping of his mail client broke the exploit. If you clean that
up by only
There's a vulnerability in Timberland's search engine.
The variable 'keywords' in searchHandler/index.jsp is not correctly sanitized.
URL:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=[XSS Code]
Example:
Muts I like to announce a new and stable release of BackTrack.
This project is a merger out of two well known security penetration
testing focused Linux live distributions (Whax and Auditor). After
hundreds of combined man hours, we can provide you with the finest
linux and windows tools on one
===
Discovery By: CrAzY CrAcKeR
Site: www.alshmokh.com
I want to thank my friend:-
nono225-mHOn-rageh-LoverHacker-BoNy_m
Brh-Rootshil-LiNuX_rOOt-SauDiVirUS
===
Example:-
/messages.php?id=[SQL]
Hello,
there's an XSS bug in www.ICQ.com
http://www.icq.com/boards/atoz.php?letter=oOOoOooOOOoO%3Cscript%3Ealert%28%27www.SR-Crew.de.tt%27%29%3C/script%3E
31 matches