Clever use of loopholes in the Windows file system | Hits:21 |
1. Using Windows file replacement to bypass file protection: replace, which is used to replace files, can replace a file even while it is in use. It is invincible. For example: under C:\, create a directory c:\aaa, then copy an mp3... | 08/20/2010 |
STCMS V3.3 administrator password 0DAY storm vulnerability | Hits:8 |
Cause of the vulnerability: _SERVER is not filtered, which lets users forge _SERVER[X-FORWARDED-FOR] and thereby inject malicious statements that are written to the database. Steps to use it: 1. To enter a comment on the page, the first comment on one and ge... | 08/19/2010 |
e107 0.7.21 remote file inclusion Vulnerabilities | Hits:32 |
Test method: The programs (methods) provided by this site may be offensive and are for security research and teaching purposes only; use at your own risk! # Name: e107 0.7.21 full (RFI) Vulnerabilities # Vendor: http://e107.org/ # Author: indoushka #... | 08/18/2010 |
DoS vulnerabilities in Firefox, Internet Explorer | Hits:21 |
Test method: The programs (methods) provided by this site may be offensive and are for security research and teaching purposes only; use at your own risk! Advisory: DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera... | 08/17/2010 |
xoops tad_uploader modules Upload Vulnerability | Hits:18 |
Analysis of the xoops tad_uploader module upload vulnerability: through the cat_sn parameter of the xoops tad_uploader module, any file can be uploaded to the uploads/tad_uploader/ directory. Use Code: FORM Action='http://URL/modules/tad_uploader/index.php... | 08/16/2010 |
KingCMS ASP 5.0/5.1 Vulnerability Analysis | Hits:37 |
KingCMS ASP is a very good CMS system based on the ASP + ACCESS framework, with all front-end pages handled statically; the new generation of KingCMS provides a better interface, more room for development and more robust expansion, have also... | 08/13/2010 |
Web penetration techniques: path traversal vulnerabilities | Hits:41 |
Many Web applications provide a function for reading and viewing files on the server, and most of them use a submitted parameter to specify the file name, in the form: http://www.nuanyue.com/getfile=image.jgp When the... | 08/12/2010 |
dede5.5 through killing 0DAY | Hits:32 |
Official for the time being not a patch, but I guess fast Executive Success in the data / cache the password the next generation t.php sentence pony t, The latest official GBK and utf-8 version of this vulnerability, This was characterized... | 08/11/2010 |
Slightly foreign currency Dailian system 0day games | Hits:14 |
Foreign currency trading slightly Dailian system 0day games Manufacturers: http://www.hh-e.cn/ hhadmin / up.php arbitrary Upload Vulnerability Default Background address: hhadmin Funnel file: index.php -------------------------------------... | 08/10/2010 |
Max CMS2.0beta (maxcms) SQL Injection Vulnerability Analysis | Hits:38 |
View code \ Inc \ ajax.asp dim action: action = getForm ( action , get ) response.Charset = gbk Select case action case newslist : viewNewsList case newscontent : viewNewsContent case digg , tread : scoreVideo (action) ... | 08/10/2010 |
CVE-2010-0806 vulnerability analysis of the use and | Hits:42 |
The vulnerability is similar to CVE-2009-1136, and the sample according to the now popular term, used almost exactly the same way. As follows: for (i = 0; i 10; i + +) ( x.setAttribute ('s', window); ) window.status + =''; Use a little... | 08/05/2010 |
Analysis of Remote Active Operating System Fingerprinting Tools | Hits:83 |
Remote active operating system fingerprinting is the process of determining the identity of a remote host's operating system. This is done by actively sending packets to the remote host and analyzing the responses. Tools like... | 08/06/2009 |
Spectrum Cash Receipting System Weak Password Encryption | Hits:25 |
Spectrum Cash Receipting System version 6.406.8 Having the password file locally allows an attacker to enumerate valid users on the system and potentially gain unauthorized access to the system through brute force attempts on those valid... | 08/06/2009 |
Polycom Video Conference System Management Server Authentication Bypass Vulnerability | Hits:225 |
The Polycom ViewStation FX set top video system provides TV-quality video for the most demanding video communications needs. Embedded streaming capabilities let you capture and send meetings, presentations or broadcasts to anyone... | 08/04/2009 |
Internet Explorer System Information Disclosure | Hits:12 |
Exploit: (note: all occurrences of 'i' were replaced with '!') Example 1: !frame src=about:blank id= ifrm height=1 width=1 /iframe scr!pt if(!document.all){alert('Ughh this is IE5+ specific')} head=' TABLE align=center... | 08/04/2009 |