Categories

Applications (151)
Blogs (3)
Content Management (101)
Customer Relationship (2)
Discussion Boards (19)
E-Commerce (8)
General Purpose Directories (1)
Image Galleries (15)
Mailing Lists (1)
Tips (3)
Vulnerabilities (249)
Access Bypass (42)
Cross Site Scripting (94)
Denial Of Service (2)
File Inclusion (40)
Information Disclosure (13)
Privilege Escalation (2)
Remote Command Execution (12)
Session Hijacking (1)
SQL Injection (84)

Archive for the 'Privilege Escalation' Category

DotNetNuke Multiple Vulnerabilities

Published by TL Guan April 18th, 2008 in Access Bypass, Discussion Boards and Privilege Escalation.

Application: DotNetNuke
Affected Version: version prior to 4.8.2.
Vendor’s URL: http://www.dotnetnuke.com/
Bug Type: Privilege escalation, access bypass
Risk Level: Critical

Solution:
Update to version 4.8.2.
http://www.dotnetnuke.com/tabid/125/default.aspx

YaBB CRLF Injection Privilege Escalation

Published by TL Guan June 15th, 2007 in Discussion Boards and Privilege Escalation.

Application: YABB Forum
Affected Version: 2.1 or other versions may be affected
Vendor’s URL: http://www.yabbforum.com/
Bug Type: Privilege Escalation
Risk Level: Critical

Solution:
Apply patch.
http://www.yabbforum.com/community/?board=general;action=display;num=1181678785

About

You are currently browsing the Exabytes Security Portal weblog archives for the Privilege Escalation category.

Longer entries are truncated. Click the headline of an entry to read it in its entirety.

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional