jetlib.sec » Tags » asp

Feeds

133340 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

94 items tagged "asp"

Related tags: net [+], microsoft [+], cms [+], webtech [+], denial of service [+], asp script [+], vulnerability [+], uploadform [+], sourceone [+], service vulnerability [+], script [+], padding [+], emc [+], disclosure [+], day [+], asp cms [+], acidcat [+], vulnerabilities [+], txt [+], script version [+], script shell [+], rave [+], planeteria [+], page [+], nuke [+], microsoft asp [+], matthew [+], magnon [+], lastguru [+], injection [+], information disclosure [+], haber [+], guestbook [+], f shopping [+], exploits [+], email management [+], design [+], classifieds [+], blogx [+], basit [+], asp guestbook [+], xss [+], world writeable [+], webdav [+], survey [+], smart [+], shopping cart [+], shell [+], scanner [+], productlist [+], php [+], payload [+], page asp [+], oracle [+], mooreadvice [+], hash collision [+], cross [+], comersus [+], cjwsoft [+], attack [+], zero day [+], xplace [+], webshell [+], webrising [+], webapps [+], web applications [+], waisman [+], video script [+], video [+], version [+], uhm [+], thai duong [+], thai [+], stok [+], software backup [+], site [+], simple [+], shopping cart software [+], shop [+], sepcity [+], search [+], script asp [+], scanner update [+], rizzo [+], resources [+], real time [+], read [+], presentation [+], portalapp [+], php asp [+], photo gallery [+], photo [+], nicolas waisman [+], news asp [+], news [+], midweb [+], midicart [+], microsoft net framework [+], login [+], juliano [+], information disclosure vulnerability [+], improved [+], ideas factory [+], hmei [+], help [+], hash [+], gui objects [+], gokhun [+], gallery [+], framework [+], forum beta [+], forum [+], file upload [+], factory [+], ewebeditor [+], eprime [+], dotcom [+], dibiweb [+], dettaglio [+], default [+], david byrne rohini sulatycki [+], darknet [+], creations [+], company [+], classified ads [+], classified [+], cfm [+], causes [+], cart [+], calendar [+], basicimgmgr [+], banner [+], auto [+], authentication [+], auth [+], asp version [+], asp sql [+], asp resources forum [+], asp nuke [+], article [+], application variables [+], application [+], apache myfaces [+], announces [+], access [+], Software [+], ExploitsVulnerabilities [+], sql [+], sql injection [+]

• March 28, 2012
• 19:42

  Microsoft ASP.NET Forms Authentication Bypass

   » ‎ Packet Storm Security Exploits
  Microsoft ASP.NET Forms versions 4.0.30319.237 and below suffer from an authentication bypass vulnerability.

  Tags:  microsoft asp net microsoft-asp authentication vulnerability  

• March 27, 2012
• 19:37

  Matthew1471s ASP BlogX Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Matthew1471s ASP BlogX suffers from a cross site scripting vulnerability.

  Tags:  blogx cross asp matthew vulnerability  

• 19:37

  Matthew1471s ASP BlogX Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Matthew1471s ASP BlogX suffers from a cross site scripting vulnerability.

  Tags:  blogx cross asp matthew vulnerability  

• 9:00

  Bugtraq: Matthew1471s ASP BlogX - XSS Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Matthew1471s ASP BlogX - XSS Vulnerabilities

  Tags:  blogx matthew asp xss  

• March 18, 2012
• 5:11

  ASP Classifieds SQL Injection

   » ‎ Packet Storm Security Exploits
  ASP Classifieds suffers from a remote SQL injection vulnerability.

  Tags:  classifieds asp sql sql-injection vulnerability  

• 5:11

  ASP Classifieds SQL Injection

   » ‎ Packet Storm Security Recent Files
  ASP Classifieds suffers from a remote SQL injection vulnerability.

  Tags:  classifieds asp sql sql-injection vulnerability  

• 5:11

  ASP Classifieds SQL Injection

   » ‎ Packet Storm Security Misc. Files
  ASP Classifieds suffers from a remote SQL injection vulnerability.

  Tags:  classifieds asp sql sql-injection vulnerability  

• March 04, 2012
• 9:22

  Lastguru ASP Guestbook SQL Injection

   » ‎ Packet Storm Security Exploits
  Lastguru ASP Guestbook suffers from a remote SQL injection vulnerability.

  Tags:  lastguru guestbook asp asp-guestbook vulnerability  

• 9:22

  Lastguru ASP Guestbook SQL Injection

   » ‎ Packet Storm Security Recent Files
  Lastguru ASP Guestbook suffers from a remote SQL injection vulnerability.

  Tags:  lastguru guestbook asp asp-guestbook vulnerability  

• 9:22

  Lastguru ASP Guestbook SQL Injection

   » ‎ Packet Storm Security Misc. Files
  Lastguru ASP Guestbook suffers from a remote SQL injection vulnerability.

  Tags:  lastguru guestbook asp asp-guestbook vulnerability  

• February 01, 2012
• 0:00

  Vuln: Acidcat ASP CMS Multiple Cross Site Scripting Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Acidcat ASP CMS Multiple Cross Site Scripting Vulnerabilities

  Tags:  acidcat asp cms asp-cms vulnerabilities  

• January 20, 2012
• 20:37

  Acidcat ASP CMS 3.5.2 Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Acidcat ASP CMS versions 3.5.1 and 3.5.2 suffer from multiple cross site scripting vulnerabilities.

  Tags:  acidcat asp cms asp-cms  

• 20:37

  Acidcat ASP CMS 3.5.2 Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Acidcat ASP CMS versions 3.5.1 and 3.5.2 suffer from multiple cross site scripting vulnerabilities.

  Tags:  acidcat asp cms asp-cms  

• 20:37

  Acidcat ASP CMS 3.5.2 Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Acidcat ASP CMS versions 3.5.1 and 3.5.2 suffer from multiple cross site scripting vulnerabilities.

  Tags:  acidcat asp cms asp-cms  

• January 10, 2012
• 0:00

  Vuln: Microsoft ASP.NET Hash Collision Denial Of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft ASP.NET Hash Collision Denial Of Service Vulnerability

  Tags:  microsoft asp net hash-collision service-vulnerability denial-of-service  

• January 06, 2012
• 4:12

  ASP.NET Hash Denial Of Service Payload

   » ‎ Packet Storm Security Exploits
  ASP.NET hash denial of service exploit payload. Includes 1mb and 4mb files.

  Tags:  asp net hash denial-of-service  

• January 03, 2012
• 0:00

  Vuln: Microsoft ASP.NET Hash Collision Denial Of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft ASP.NET Hash Collision Denial Of Service Vulnerability

  Tags:  microsoft asp net hash-collision service-vulnerability denial-of-service  

• December 29, 2011
• 6:52

  Microsoft Announces ASP.NET Zero-Day Vuln

   » ‎ Packet Storm Security Headlines
  Microsoft Announces ASP.NET Zero-Day Vuln

  Tags:  microsoft announces asp zero-day  

• 0:00

  Vuln: Microsoft ASP.NET Hashe Collision Denial Of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft ASP.NET Hashe Collision Denial Of Service Vulnerability

  Tags:  microsoft asp net service-vulnerability denial-of-service microsoft-asp  

• 0:00

  Vuln: Microsoft .NET Framework ASP.NET Forms Security Bypass Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft .NET Framework ASP.NET Forms Security Bypass Vulnerability

  Tags:  framework microsoft asp microsoft-net-framework vulnerability  

• December 28, 2011
• 0:00

  Vuln: Microsoft ASP.NET Hashes Denial Of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft ASP.NET Hashes Denial Of Service Vulnerability

  Tags:  microsoft asp net service-vulnerability denial-of-service microsoft-asp  

• December 05, 2011
• 0:00

  Vuln: SepCity Classified Ads 'classdis.asp' SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  SepCity Classified Ads 'classdis.asp' SQL Injection Vulnerability

  Tags:  asp sepcity classified sql-injection vulnerability classified-ads  

• November 04, 2011
• 0:00

  Vuln: Smart ASP Survey SQL Injection and Cross Site Scripting Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Smart ASP Survey SQL Injection and Cross Site Scripting Vulnerabilities

  Tags:  asp smart survey  

• October 14, 2011
• 19:27

  Mass ASP.NET Attack Causes Websites To Turn On Visitors

   » ‎ Packet Storm Security Headlines
  Mass ASP.NET Attack Causes Websites To Turn On Visitors

  Tags:  asp attack causes  

• September 18, 2011
• 23:13

  Asp Basit Haber Script 1.0 SQL Injection

   » ‎ Packet Storm Security Exploits
  Asp Basit Haber Script version 1.0 suffers from a remote SQL injection vulnerability.

  Tags:  haber asp basit script-version vulnerability  

• 23:13

  Asp Basit Haber Script 1.0 SQL Injection

   » ‎ Packet Storm Security Recent Files
  Asp Basit Haber Script version 1.0 suffers from a remote SQL injection vulnerability.

  Tags:  haber asp basit script-version vulnerability  

• 23:13

  Asp Basit Haber Script 1.0 SQL Injection

   » ‎ Packet Storm Security Misc. Files
  Asp Basit Haber Script version 1.0 suffers from a remote SQL injection vulnerability.

  Tags:  haber asp basit script-version vulnerability  

• August 24, 2011
• 17:06

  Planeteria Design ASP SQL Injection

   » ‎ Packet Storm Security Exploits
  Planeteria Design ASP suffers from a remote SQL injection vulnerability.

  Tags:  design asp planeteria vulnerability  

• 17:06

  Planeteria Design ASP SQL Injection

   » ‎ Packet Storm Security Recent Files
  Planeteria Design ASP suffers from a remote SQL injection vulnerability.

  Tags:  design asp planeteria vulnerability  

• 17:06

  Planeteria Design ASP SQL Injection

   » ‎ Packet Storm Security Misc. Files
  Planeteria Design ASP suffers from a remote SQL injection vulnerability.

  Tags:  design asp planeteria vulnerability  

• August 22, 2011
• 18:54

  Magnon Solutions ASP SQL Injection

   » ‎ Packet Storm Security Exploits
  Magnon Solutions ASP suffers from a remote SQL injection vulnerability.

  Tags:  asp magnon sql vulnerability  

• 18:54

  Magnon Solutions ASP SQL Injection

   » ‎ Packet Storm Security Recent Files
  Magnon Solutions ASP suffers from a remote SQL injection vulnerability.

  Tags:  asp magnon sql vulnerability  

• 18:54

  Magnon Solutions ASP SQL Injection

   » ‎ Packet Storm Security Misc. Files
  Magnon Solutions ASP suffers from a remote SQL injection vulnerability.

  Tags:  asp magnon sql vulnerability  

• August 17, 2011
• 15:00

  Bugtraq: Xplace Company (dettaglio.asp?id) (alloggi-dett.asp?id) (eventi.asp?id) Remote SQL injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Xplace Company (dettaglio.asp?id) (alloggi-dett.asp?id) (eventi.asp?id) Remote SQL injection Vulnerability

  Tags:  xplace company asp sql-injection vulnerability  

• 14:00

  Bugtraq: WebRising (dettaglio.asp?id) Remote SQL injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WebRising (dettaglio.asp?id) Remote SQL injection Vulnerability

  Tags:  asp dettaglio webrising sql-injection vulnerability  

• May 16, 2011
• 19:16

  EMC SourceOne ASP.NET Application Tracing Information Disclosure

   » ‎ Packet Storm Security Advisories
  EMC SourceOne Email Management may allow the disclosure of application-sensitive information using ASP.NET Application Tracing. The ASP.NET application trace is enabled in affected versions of EMC SourceOne Email Management. This trace file may contain application-sensitive information that can be accessed by a remote user. Authentication is required to access the trace file.

  Tags:  emc asp sourceone email-management information-disclosure  

• 19:16

  EMC SourceOne ASP.NET Application Tracing Information Disclosure

   » ‎ Packet Storm Security Recent Files
  EMC SourceOne Email Management may allow the disclosure of application-sensitive information using ASP.NET Application Tracing. The ASP.NET application trace is enabled in affected versions of EMC SourceOne Email Management. This trace file may contain application-sensitive information that can be accessed by a remote user. Authentication is required to access the trace file.

  Tags:  emc asp sourceone email-management information-disclosure  

• 19:16

  EMC SourceOne ASP.NET Application Tracing Information Disclosure

   » ‎ Packet Storm Security Misc. Files
  EMC SourceOne Email Management may allow the disclosure of application-sensitive information using ASP.NET Application Tracing. The ASP.NET application trace is enabled in affected versions of EMC SourceOne Email Management. This trace file may contain application-sensitive information that can be accessed by a remote user. Authentication is required to access the trace file.

  Tags:  emc asp sourceone email-management information-disclosure  

• 9:01

  Bugtraq: ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability

  Tags:  emc asp sourceone information-disclosure-vulnerability  

• May 12, 2011
• 21:00

  [webapps / 0day] - Q8portals [asp] SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Q8portals [asp] SQL Injection Vulnerability

  Tags:  asp day sql vulnerability  

• April 14, 2011
• 14:00

  [webapps / 0day] - Uploadform [Asp] Script Remote File Upload Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Uploadform [Asp] Script Remote File Upload Vulnerability

  Tags:  asp day uploadform file-upload vulnerability  

• 9:25

  Uploadform ASP Script Shell Upload

   » ‎ Packet Storm Security Exploits
  The Uploadform ASP script suffers from a shell upload vulnerability.

  Tags:  uploadform asp script script-shell asp-script vulnerability  

• 9:25

  Uploadform ASP Script Shell Upload

   » ‎ Packet Storm Security Recent Files
  The Uploadform ASP script suffers from a shell upload vulnerability.

  Tags:  uploadform asp script script-shell asp-script vulnerability  

• 9:25

  Uploadform ASP Script Shell Upload

   » ‎ Packet Storm Security Misc. Files
  The Uploadform ASP script suffers from a shell upload vulnerability.

  Tags:  uploadform asp script script-shell asp-script vulnerability  

• April 03, 2011
• 6:11

  Ideas Factory PHP / ASP SQL Injection

   » ‎ Packet Storm Security Exploits
  Ideas Factory PHP and ASP suffers from a remote SQL injection vulnerability.

  Tags:  factory asp php sql-injection ideas-factory vulnerability  

• December 23, 2010
• 21:25

  [Slides] Padding Oracle for the Masses

   » ‎ SecDocs
  Authors: Nicolas Waisman
  Tags: vulnerability ASP.NET
  Event: Ruxcon 2010
  Abstract: In September Juliano Rizzo and Thai Duong unveiled their latest masterpiece: A padding oracle attack on the crypto implementation of the ASP.net framework allowed them to download any file. Their original presentation did not fully unveil how to practically implement the attack. This hands-on presentation is the result of our notes and experience in developing a reliable exploit for the padding oracle attack against ASP.net. It takes you from a simple CAPTCHA crack to a fully optimized padding oracle attack against ASP.net that bypasses all typical workarounds.

  Tags:  padding asp oracle nicolas-waisman thai rizzo thai-duong waisman juliano  

• October 20, 2010
• 14:00

  [remote exploits] - MS10-070 ASP.NET Auto-Decryptor File Download Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [remote exploits] - MS10-070 ASP.NET Auto-Decryptor File Download Exploit

  Tags:  auto asp net exploits  

• October 17, 2010
• 14:00

  [remote exploits] - MS10-070 ASP.NET Padding Oracle File Download

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [remote exploits] - MS10-070 ASP.NET Padding Oracle File Download

  Tags:  padding asp exploits oracle  

• October 06, 2010
• 14:00

  [remote exploits] - ASP.NET Padding Oracle Vulnerability (MS10-070)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [remote exploits] - ASP.NET Padding Oracle Vulnerability (MS10-070)

  Tags:  padding asp net exploits vulnerability  

• September 27, 2010
• 21:01

  gokhunaspstok-sqlxssdisclose.txt

   » ‎ Packet Storm Security Exploits
  Gokhun ASP Stok version 1.0 suffers from cross site scripting, database disclosure and remote SQL injection vulnerabilities.

  Tags:  txt asp gokhun sql-injection disclosure  

• September 26, 2010
• 14:00

  [webapps / 0day] - Gokhun ASP Stok v1.0 Multiple Remote Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Gokhun ASP Stok v1.0 Multiple Remote Vulnerabilities

  Tags:  day asp webapps stok vulnerabilities  

• September 24, 2010
• 3:50

  Microsoft Warns Of ASP.Net Vulnerability In The Wild – Cryptographic Padding Attack

   » ‎ Darknet
  There seems to be a fairly serious attack being exploited in the wild that targets vulnerable ASP.Net web applications, so far there is a temporary fix but no official announcement on when a patch will be issued. The next scheduled patches should be pushed out on October 12th. If you had set up your server [...]
  
  Read the full post at darknet.org.uk

  
  

  

  Tags:  microsoft asp attack read darknet padding web-applications ExploitsVulnerabilities  

• September 11, 2010
• 12:50

  ASP Nuke SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  ASP Nuke SQL Injection Vulnerability

  Tags:  nuke asp sql sql-injection vulnerability  

• 0:00

  Vuln: ASP Nuke 'article.asp' SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ASP Nuke 'article.asp' SQL Injection Vulnerability

  Tags:  nuke asp article vulnerability  

• September 10, 2010
• 14:00

  [webapps / 0day] - ASP Nuke SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - ASP Nuke SQL Injection Vulnerability

  Tags:  day nuke asp asp-nuke vulnerability  

• August 22, 2010
• 7:30

  Video Script ASP Database Disclosure Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Video Script ASP Database Disclosure Exploit

  Tags:  video asp script video-script script-asp disclosure  

• August 20, 2010
• 23:57

  dotcom systems cms (default.asp) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  dotcom systems cms (default.asp) SQL Injection Vulnerability

  Tags:  asp dotcom default vulnerability cms  

• August 12, 2010
• 4:36

  CjwSoft Asp Photo Gallery Multiple Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  CjwSoft Asp Photo Gallery Multiple Vulnerability

  Tags:  asp photo cjwsoft vulnerability photo-gallery  

• 4:36

  CjwSoft Asp Banner Multiple Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  CjwSoft Asp Banner Multiple Vulnerability

  Tags:  asp banner cjwsoft vulnerability  

• July 20, 2010
• 1:00

  ASP Resources Forum.(beta) Download D-B Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  ASP Resources Forum.(beta) Download D-B Vulnerability

  Tags:  resources forum asp asp-resources-forum forum-beta vulnerability  

• July 07, 2010
• 1:00

  Simple Gallery ASP Script SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Simple Gallery ASP Script SQL Injection Vulnerability

  Tags:  gallery asp simple sql-injection vulnerability  

• July 02, 2010
• 1:00

  MooreAdvice (productlist.asp) SQL injection Vulnerable

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  MooreAdvice (productlist.asp) SQL injection Vulnerable

  Tags:  asp mooreadvice productlist  

• July 01, 2010
• 1:00

  MooreAdvice (productlist.asp) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  MooreAdvice (productlist.asp) SQL Injection Vulnerability

  Tags:  asp mooreadvice productlist vulnerability  

• June 29, 2010
• 1:00

  Rave Creations (artists.asp) XSS Multiple Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Rave Creations (artists.asp) XSS Multiple Vulnerabilities

  Tags:  xss asp rave creations  

• 1:00

  Rave Creations (artists.asp) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Rave Creations (artists.asp) SQL Injection Vulnerability

  Tags:  asp rave sql vulnerability  

• 0:00

  Vuln: PortalApp Login.ASP Cross-Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  PortalApp Login.ASP Cross-Site Scripting Vulnerability

  Tags:  portalapp asp login vulnerability  

• June 15, 2010
• 1:00

  Smart ASP Survey SQL & XSS Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Smart ASP Survey SQL & XSS Vulnerability

  Tags:  asp smart survey vulnerability  

• June 14, 2010
• 1:00

  Real-time ASP Calendar SQL Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Real-time ASP Calendar SQL Vulnerability

  Tags:  calendar real-time asp vulnerability  

• June 03, 2010
• 1:00

  DibiWeb (News.asp) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  DibiWeb (News.asp) SQL Injection Vulnerability

  Tags:  dibiweb news asp news-asp vulnerability  

• May 22, 2010
• 1:00

  Rave Creations/UHM (artists.asp) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Rave Creations/UHM (artists.asp) SQL Injection Vulnerability

  Tags:  uhm asp rave vulnerability  

• May 17, 2010
• 1:00

  MidiCart PHP,ASP Shell Upload Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  MidiCart PHP,ASP Shell Upload Vulnerability

  Tags:  midicart asp php php-asp vulnerability shell  

• May 14, 2010
• 9:31

  [Slides] Beware of Serialized GUI Objects Bearing Data

   » ‎ SecDocs
  Authors: David Byrne Rohini Sulatycki
  Tags: web application ASP.NET
  Event: Black Hat DC 2010
  Abstract: This presentation will highlight 0-days in Apache MyFaces and Sun Mojarra that allow an attacker to access all server-side session data, as well as some globally-scoped application variables. This presentation will provide a live demonstration of the flaws. The tool used to exploit the vulnerability will also be released. A similar vulnerability is present in Microsoft's ASP.Net view state. This may not technically be an 0-day, but it is a poorly known flaw that has been present since the beginning days of .Net. A live demonstration of this will also be performed.

  Tags:  asp presentation application david-byrne-rohini-sulatycki apache-myfaces application-variables gui-objects  

• May 12, 2010
• 1:00

  Asp Basicimgmgr Shell Upload Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Asp Basicimgmgr Shell Upload Vulnerability

  Tags:  asp shell basicimgmgr vulnerability  

• 1:00

  e-webtech (fixed_page.asp) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  e-webtech (fixed_page.asp) SQL Injection Vulnerability

  Tags:  asp page sql page-asp webtech vulnerability  

• May 11, 2010
• 1:00

  e-webtech (page.asp) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  e-webtech (page.asp) SQL Injection Vulnerability

  Tags:  asp page sql page-asp webtech vulnerability  

• 1:00

  e-webtech (page.asp) IMPROVED SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  e-webtech (page.asp) IMPROVED SQL Injection Vulnerability

  Tags:  improved asp page webtech vulnerability  

• May 10, 2010
• 1:00

  e-webtech (new.asp?id=) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  e-webtech (new.asp?id=) SQL Injection Vulnerability

  Tags:  injection asp sql webtech vulnerability  

• 1:00

  e-webtech (new.asp) SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  e-webtech (new.asp) SQL Injection Vulnerability

  Tags:  injection asp sql asp-sql sql-injection webtech  

• May 06, 2010
• 1:00

  EPRIME CMS (default-ricerca.asp) XSS Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  EPRIME CMS (default-ricerca.asp) XSS Vulnerability

  Tags:  asp eprime cms vulnerability  

• April 29, 2010
• 1:00

  MidWeb CMS (top.asp) XSS Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  MidWeb CMS (top.asp) XSS Vulnerability

  Tags:  asp cms midweb vulnerability  

• April 05, 2010
• 1:00

  ASP Search 1.0 (Auth Bypass) Remote SQL Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  ASP Search 1.0 (Auth Bypass) Remote SQL Injection Vulnerability

  Tags:  auth asp search sql-injection vulnerability  

• March 29, 2010
• 21:36

  comersus7f-disclose.txt

   » ‎ Packet Storm Security Recent Files
  ASP Comersus7F Shopping Cart suffers from a database disclosure vulnerability.

  Tags:  comersus txt asp f-shopping vulnerability shopping-cart disclosure  

• 21:36

  comersus7f-disclose.txt

   » ‎ Packet Storm Security Exploits
  ASP Comersus7F Shopping Cart suffers from a database disclosure vulnerability.

  Tags:  comersus txt asp f-shopping vulnerability shopping-cart disclosure  

• 1:00

  Asp - comersus7F Shopping Cart Software Backup Dump Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Asp - comersus7F Shopping Cart Software Backup Dump Vulnerability

  Tags:  asp cart Software f-shopping shopping-cart-software software-backup vulnerability  

• February 28, 2010
• 0:00

  asp help

   » ‎ darkc0de
  asp help

  Tags:  asp help  

• February 16, 2010
• 4:00

  ASP site

   » ‎ darkc0de
  ASP site

  Tags:  asp site  

• February 15, 2010
• 23:00

  .asp & .cfm shop error dorks

   » ‎ darkc0de
  .asp & .cfm shop error dorks

  Tags:  asp cfm shop  

• February 09, 2010
• 19:00

  iis_webdav_upload_asp.rb.txt

   » ‎ Packet Storm Security Recent Files
  This Metasploit module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script using a WebDAV PUT request.

  Tags:  webdav asp payload world-writeable asp-script  

• 19:00

  iis_webdav_upload_asp.rb.txt

   » ‎ Packet Storm Security Exploits
  This Metasploit module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script using a WebDAV PUT request.

  Tags:  webdav asp payload world-writeable asp-script  

• February 08, 2010
• 20:00

  asp webshell

   » ‎ darkc0de
  asp webshell

  Tags:  webshell asp  

• February 04, 2010
• 23:01

  asp sql injection Scanner, GUI vercion

   » ‎ darkc0de
  asp sql injection Scanner, GUI vercion

  Tags:  asp injection sql sql-injection scanner  

• February 01, 2010
• 9:00

  Bugtraq: eWebeditor ASP Version Multiple Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  eWebeditor ASP Version Multiple Vulnerabilities

  Tags:  version ewebeditor asp asp-version vulnerabilities  

• January 25, 2010
• 8:00

  Hmei7 asp scanner, update version 3

   » ‎ darkc0de
  Hmei7 asp scanner, update version 3

  Tags:  scanner asp hmei scanner-update  

• January 21, 2010
• 7:00

  ASP - Access + blind

   » ‎ darkc0de
  ASP - Access + blind

  Tags:  access asp