Lucene search
K

128 matches found

Positive Technologies
Positive Technologies
added 2024/08/31 12:0 a.m.8 views

PT-2024-38807 · WordPress · Share This Image

Name of the Vulnerable Software and Affected Versions: Share This Image plugin for WordPress versions up to, and including, 2.01 Description: The issue is related to Stored Cross-Site Scripting via the alignment parameter due to insufficient input sanitization and output escaping. This allows...

6.4CVSS5.9AI score0.0036EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.5 views

PT-2024-23035 · Mad Fish Digital · Mad Fish Digital Bulk Noindex & Nofollow Toolkit

Name of the Vulnerable Software and Affected Versions: Mad Fish Digital Bulk NoIndex & NoFollow Toolkit versions through 2.01 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS...

7.1CVSS9.3AI score0.00418EPSS
Exploits0References4
OSV
OSV
added 2024/01/06 12:0 a.m.11 views

CVE-2023-39853

SQL Injection vulnerability in Dzzoffice version 2.01, allows remote attackers to obtain sensitive information via the doobj and doevent parameters in the Network Disk backend module...

6.5CVSS7.7AI score0.00744EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/01/05 12:0 a.m.4 views

PT-2024-12821 · Dzzoffice · Dzzoffice

Name of the Vulnerable Software and Affected Versions: Dzzoffice version 2.01 Description: The issue allows remote attackers to obtain sensitive information via the doobj and doevent parameters in the Network Disk backend module. This is a SQL Injection vulnerability. Recommendations: For Dzzoffi...

6.5CVSS6.6AI score0.00744EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.16 views

WordPress plugin BBSpoiler 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6.6AI score0.00361EPSS
Exploits0References2
CNVD
CNVD
added 2020/03/19 12:0 a.m.2 views

PerlSpeak Command Execution Vulnerability

PerlSpeak is a module that supports converting text to speech. A security vulnerability exists in PerlSpeak 2.01 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary operating system commands...

9.8CVSS7.4AI score0.01281EPSS
Exploits0
NVD
NVD
added 2020/03/18 10:15 p.m.16 views

CVE-2020-10674

PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open...

9.8CVSS9.8AI score0.01281EPSS
Exploits0References2
Prion
Prion
added 2020/03/18 10:15 p.m.8 views

Design/Logic Flaw

PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open...

7.5CVSS9.7AI score0.01281EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/18 9:30 p.m.16 views

CVE-2020-10674

PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open...

9.8AI score0.01281EPSS
Exploits0References2
ICS
ICS
added 2019/01/10 12:0 a.m.56 views

Omron CX-One CX-Protocol

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Protocol within CX-One Vulnerabilities: Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the...

7.8CVSS8.3AI score0.01424EPSS
Exploits0References5
0day.today
0day.today
added 2017/08/30 12:0 a.m.41 views

D-Link DIR-600 - Authentication Bypass Vulnerability

Exploit for hardware platform in category web applications Exploit Title: D-Link DIR-600 - Authentication Bypass Absolute Path Traversal Attack CVE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12943 Date: 29-08-2017 Exploit Author: Jithin D Kurup Contact :...

5CVSS9.2AI score0.39224EPSS
Exploits4
exploitpack
exploitpack
added 2017/08/29 12:0 a.m.22 views

D-Link DIR-600 - Authentication Bypass

D-Link DIR-600 - Authentication Bypass Exploit Title: D-Link DIR-600 - Authentication Bypass Absolute Path Traversal Attack CVE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12943 Date: 29-08-2017 Exploit Author: Jithin D Kurup Contact :...

5CVSS0.4AI score0.39224EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/08/29 12:0 a.m.96 views

D-Link DIR-600 - Authentication Bypass

Exploit Title: D-Link DIR-600 - Authentication Bypass Absolute Path Traversal Attack CVE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12943 Date: 29-08-2017 Exploit Author: Jithin D Kurup Contact : https://in.linkedin.com/in/jithin-d-kurup-77b616142 Vendor : www.dlink.com Version:...

9.8CVSS9.7AI score0.39224EPSS
Exploits4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

SIX-webboard 2.01 File Retrieval Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3175/info SIX-webboard 2.01 does not filter .. and / from user input, allowing users to enter arbitrary values in order to view or retrieve files not normally accessible to them from the remote host...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 Telnetd Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/140/info A vulnerability exists within Microsoft's Telnetd daemon which allows a denial of service condition. The popular scanning tool, Nmap 2.01 or later can crash telnetd services when using the SYN scanning flag -sS...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

GetSimple CMS 2.01 and 2.02 Administrative Credentials Disclosure

No description provided by source. Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed:2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01: http://www.box.net/get-simple/1/30435008/399754548...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.7 views

GetSimple 2.01 LFI

No description provided by source. Exploit Title: GetSimple 2.01 LFI Date: 4/5/2010 Author: Batch Software Link: http://www.box.net/get-simple Version: 2.01 Special Conditions: Must be admin. Code : ... get file if fileexists$GET'file' readfile$GET'file', 'r'; exit;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF)

No description provided by source. !--- Title: GetSimple CMS 2.01 Multiple Vulnerabilities XSS/CSRF Author: 10n1z3d 10n1z3datwdotcn Date: Mon 12 Jul 2010 12:11:45 PM EEST Vendor: http://get-simple.info/ Download: http://www.box.net/get-simple --- -= CSRF PoC 1 - Change Admin Password =- html head...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

DB[CMS] 2.0.1 - SQL Injection Vulnerability

No description provided by source. Exploit Title: DBCMS Sql Injection Vulnerability Author: Pokeng Software Link: http://www.debliteck.com/how.php Version: Ver2.01 Platform / Tested on: Win/Linux category: webapps/0day Code : http://site/article.php?id=SQL Dork : Designed and Developed by Deblite...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Arcadem 2.01 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25432/info Arcadem is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying...

7.1AI score
Exploits0
Rows per page
Query Builder