MarmaraWeb E-commerce Remote Command Exucetion
MarmaraWeb E-commerce Remote Command Exucetion Hi all B3g0k[at]hackermail.com Kurdish Hacker Special Thanx All Kurdish Hackers Freedom For Ocalan!!! ----------------------------------- MarmaraWeb E-commerce Remote Command Exucetion ----------------------------------- Site:...
0.8AI Score
Currently on the market of SQL Injection tools a lot, the most respected is the NBSI2. SQL Injection method on the Internet is everywhere, everyone serious to learn it will soon become the script of the invasion“master”it. But whether it is tools, or numerous methods, to guess the SQL data when...
-0.5AI Score
Sun Java Runtime Environment "reflection" API privilege elevation vulnerabilities
Overview Multiple vulnerabilities in the Sun Java Reflection API may allow an untrusted Java applet to bypass security restrictions and execute arbitrary code. Description The Sun Java Reflection API allows Java classes to determine information about other Java classes, such as public methods....
0.2AI Score
0.04EPSS
PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content...
8AI Score
0.045EPSS
PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content...
7.6AI Score
0.045EPSS
PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content...
7.6AI Score
0.045EPSS
0.1AI Score
7.4AI Score
EPSS
Horde MIME Viewer vulnerability
Title : Cross-Site-Scripting Vulnerability in Horde IMP. Date : November 17, 2005 Product : Horde MIME Viewer <3.0.7 vulnerability Discovered by : Daniel Schreckling Overview The Horde [http://www.horde.org] Project comprises a set of Web-based productivity, messaging, and...
0.1AI Score
Sylpheed, Sylpheed-Claws: Buffer overflow in LDIF importer
Background Sylpheed is a lightweight email client and newsreader. Sylpheed-Claws is a 'bleeding edge' version of Sylpheed. They both support the import of address books in LDIF (Lightweight Directory Interchange Format). Description Colin Leroy reported buffer overflow vulnerabilities in Sylpheed.....
7.4AI Score
0.002EPSS
Today there are many people ask me:“I read your article, but I'm new, Is there any learning method?” My answer is:“of course there Ah, but people and people are different, the method is their summary out, and my previous articles the noun are the same as me in learning based on their own...
-0.6AI Score
<p> today, there are many people ask me:“I read your article, but I'm new, Is there any learning method?” My answer is;“of course there Ah, but people and people are different, the method is their summary out, and my previous articles the noun are the same as me in learning based on their own...
-0.5AI Score
-0.2AI Score
7.1AI Score
7.4AI Score
EPSS
nbSMTP 0.99 - util.c Client-Side Command Execution
nbSMTP 0.99 - util.c Client-Side Command...
-0.2AI Score
nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit
Exploit for linux platform in category remote...
7.1AI Score
Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog...
7.6AI Score
0.133EPSS
Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog...
7.6AI Score
0.133EPSS
Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog...
7.7AI Score
0.133EPSS
Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL...
6.8AI Score
0.005EPSS
Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown...
6.5AI Score
0.005EPSS
grip, GnomeVFS, libcdaudio CDDB client buffer overflow
Buffer overflow on CDDB server response...
4.4AI Score
phpMyDirectory 10.1.3-rel cross site scripting
Talte Security Advisory #3 Product: phpMyDirectory 10.1.3-rel Homepage: http://www.phpmydirectory.com/ Risk: low Type: Cross Site Scripting Bug Found by: "Talte Security - mircia" phpMyDirectory is a multi-purpose script, this script can be successfully implemented for Proffesional Yellow pages,...
AI Score
-0.5AI Score
Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by...
6.8AI Score
0.019EPSS
Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle...
7.4AI Score
0.007EPSS
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk...
7.6AI Score
0.004EPSS
SquirrelMail may allow execution of arbitrary code
Overview SquirrelMail 1.2.6 may allow remote execution of arbitrary code via URL manipulation. Description From the SquirrelMail webpage: SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render...
0.5AI Score
0.029EPSS
SquirrelMail vulnerable to command injection because of flawed input checking in S/MIME plug-in
Overview SquirrelMail contains a flaw in its S/MIME plug-in certificate handling routines which may allow arbitrary code to be remotely executed. Description From the SquirrelMail web page: SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for....
0.6AI Score
0.007EPSS
[SIG^2 G-TEC] DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities
SIG^2 Vulnerability Research Advisory DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities by Tan Chew Keong Release Date: 02 Feb 2005 ADVISORY URL http://www.security.org.sg/vuln/desknow2512.html SUMMARY DeskNow Mail and Collaboration Server...
-0.3AI Score
Lotus Domino Address Book Information Disclosure
The remote host is running Lotus Domino's names.nsf application. This application allows web clients to browse address books via the web. An attacker can use this information to mount more sophisticated...
2AI Score
[Full-Disclosure] DMA[2005-0125a] - 'berlios gpsd format string vulnerability'
DMA[2005-0125a] - 'berlios gpsd (remake of pygps) format string vulnerability' Author: Kevin Finisterre Vendor: http://gpsd.berlios.de, http://www.pygps.org Product: 'gpsd' References: http://www.digitalmunition.com/DMA[2005-0125a].txt Description: gpsd is a service daemon that monitors a GPS...
0.1AI Score
Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than...
7.8AI Score
0.041EPSS
The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2)...
6.6AI Score
0.041EPSS
2.8AI Score
Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP request with a large number of "/" (slash)...
6.4AI Score
0.0004EPSS
Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP request with a large number of "/" (slash)...
6.5AI Score
0.0004EPSS
Sun Java Plug-in fails to restrict access to private Java packages
Overview There is a vulnerability in the Sun Java Plug-in that could allow a malicious Java applet to bypass restrictions for untrusted applets. Description The Java Plug-in is part of the Java 2 Runtime Environment (JRE) and establishes a framework for displaying Java applets within a web...
0.2AI Score
0.192EPSS
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Open Proxy...
-0.3AI Score
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Arbitrary File...
-0.2AI Score
7.4AI Score
EPSS
7.4AI Score
EPSS
7.4AI Score
0.8AI Score
SquirrelMail "Content-Type" XSS vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =============================== - RS-Labs Security Advisory - =============================== Tittle: SquirrelMail "Content-Type" XSS vulnerability ID: RS-2004-1 Severity: Medium / High - Arbitrary tags injection in...
-0.3AI Score
Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP request with a large number of "/" (slash)...
6.4AI Score
0.0004EPSS
0.6AI Score
CesarFTP 0.99 : 100% employment of computer resources
Application: CesarFTP http://www.aclogic.com/ Version: 0.99e Bug: 100% employment of computer resources Author: intuit e-mail: [email protected] web: http://rootshells.tk/ Description The bug The fix ^^^^^^^^^^^^^^^^ 1....
-0.1AI Score
7.4AI Score
EPSS