Waraxe IT Security Portal
Login or Register
December 18, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 129
Members: 0
Total: 129
Full disclosure
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
RansomLordNG - anti-ransomware exploit tool
APPLE-SA-12-11-2024-9 Safari 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
St. Poelten UAS | Multiple Vulnerabilities in ORing IAP
SEC Consult SA-20241204-0 :: Multiple Critical Vulnerabilities in Image Access Scan2Net (14 CVE)
Microsoft Warbird and PMP security research - technical doc
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 9 matches
Good static analysis for php projects?
PostForum:Php Posted: Fri Sep 05, 2008 4:30 pm Subject: Good static analysis for php projects?
gulftech
Replies: 1
Views: 6851




I personally do not know of any program like this. Whenever I try to follow a function I just grep for the function names and manually read the code. Sometimes I even come across other issues while do ...
Another Invision Power Board SQL Injection exploit <2.0.4
PostForum:Sql injection Posted: Wed Jul 06, 2005 2:41 pm Subject: Another Invision Power Board SQL Injection exploit <2.0.4
gulftech
Replies: 21
Views: 38235




The headers sent by this exploit script are not RFC compliant and confuse virtualhosts. That is why the LWP versions work (LWP Builds the headers for you) and this one does not.
xp_cmdshell
PostForum:Sql injection Posted: Sat Apr 30, 2005 4:42 pm Subject: xp_cmdshell
gulftech
Replies: 4
Views: 11876




Also, this is a great read for anyone wanting to lock down thier newly installed MSSQL Server Wink

http://www.securitymap.net/sdm/docs/windows/mssql-checklist.html
xp_cmdshell
PostForum:Sql injection Posted: Sat Apr 30, 2005 3:40 pm Subject: xp_cmdshell
gulftech
Replies: 4
Views: 11876




Well, if you really want help you should give us more details. Also, some servers will disable the type of functionality you are trying to use Smile
PHP Web Application Security: A Zero-Day Exploit Case Study
PostForum:Remote file inclusion Posted: Sat Apr 30, 2005 3:27 pm Subject: PHP Web Application Security: A Zero-Day Exploit Case Study
gulftech
Replies: 2
Views: 10634




Too bad some kiddie defaced his server, but he did get 10 CPE credits towards his CISSP for writing that paper Wink
OMG HACKER
PostForum:Fun corner Posted: Fri Apr 29, 2005 4:56 pm Subject: OMG HACKER
gulftech
Replies: 4
Views: 17462




lol. That is hilarious. Thanks for the link! Laughing
Sql Injection in Invision Power Board
PostForum:Sql injection Posted: Fri Apr 29, 2005 12:41 am Subject: Sql Injection in Invision Power Board
gulftech
Replies: 25
Views: 33841




Well, I did like that one advisory that was the result of "auditing" an application coded in .asp and the suggested fix was to use htmlspecialchars() and addlsashes() Very Happy
-==phpBB 2.0.14 Multiple Vulnerabilities==- by HaCkZaTaN
PostForum:PhpBB Posted: Thu Apr 28, 2005 7:49 pm Subject: -==phpBB 2.0.14 Multiple Vulnerabilities==- by HaCkZaTaN
gulftech
Replies: 4
Views: 14288




1) Putting any non integer based value that doesn't return a record will result in the blank profile.

2) The regex issue in highlight is more of a bug than a security issue. I could be wrong, but I ...
Sql Injection in Invision Power Board
PostForum:Sql injection Posted: Tue Apr 26, 2005 11:19 pm Subject: Sql Injection in Invision Power Board
gulftech
Replies: 25
Views: 33841




This issue was reported to the developers a long time ago. Go here to see the details and the response sent from the lead developer.

Edit: Forgot to post the link. Been a long day setting up blaste ...
Page 1 of 1
All times are GMT


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.049 Seconds