17 matches found
ClanSphere 2011.3 Local File Inclusion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ClanSphere 2011.3 Local File Inclusion Vulnerability', 'Description' = %q This module exploits a directory traversal flaw found in Clansphere...
RaspberryTortoise WebControl Injection Vulnerability
RaspberryTortoise is a software package for programming robotic vehicles.WebControl is one of the web-based controllers. An injection vulnerability exists in WebControl in RaspberryTortoise on 2012-10-28 and earlier, which stems from the program failing to properly validate strings and can be...
CVE-2018-12902
In Easy Magazine through 2012-10-26, there is XSS in the search bar of the web site...
Solaris 10 (x86) : 149107-01
SunOS 5.10x86: /usr/sfw/lib/gimp/2.0/plug. Date this patch was last updated by Sun : Oct/05/12 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
IrfanView 4.33 Format PlugIn ECW Decompression Heap Overflow
No description provided by source. Application: IrfanView 4.33 Format PlugIn ECW Decompression Heap Overflow Plateform: Windows Exploitation: Remote code execution Secunia Number: SA49204 PRL: 2012-10 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/...
PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities
Title: ====== PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities Date: ===== 2012-10-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=736 VL-ID: ===== 736 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...
Microsoft Excel 2010 - Crash (PoC) (1)
Microsoft Excel 2010 - Crash PoC 1 Title : Microsoft Office Excel 2010 memory corruption Version : Microsoft Office professional Plus 2010 Date : 2012-10-27 Vendor : http://office.microsoft.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug :...
Juniper Junos BGP UPDATE DoS (PSN-2012-10-733)
According to its self-reported version number, the remote Junos device could crash when processing a BGP UPDATE message containing a specially crafted flow specification NLRI. A remote attacker could exploit this to cause a denial of service. C Tenable Network Security, Inc. include"compat.inc"; ...
CVE-2012-5193
creationtimestamp| type| source ---|---|--- 2012-10-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/22216...
Microsoft Word 2010 - Crash (PoC)
Title : Microsoft Office Word 2010 Stack Overflow Version : Microsoft Office professional Plus 2010 Date : 2012-10-23 Vendor : http://office.microsoft.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug : ---- StackOverflow during the handling ...
Apple QuickTime Player 7.7.2 - Crash (PoC)
!/usr/bin/perl Title : Apple QuickTime Player 7.7.2 Division By Zero Version : 7.7.21680.56 Date : 2012-10-23 Vendor : http://www.apple.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug : ---- Don't forget that exploitable bugs will be...
CVE-2012-4773
creationtimestamp| type| source ---|---|--- 2012-10-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/22159...
CVE-2012-4528
creationtimestamp| type| source ---|---|--- 2012-10-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37949...
CVE-2012-4989
creationtimestamp| type| source ---|---|--- 2012-10-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37938...
Hiro Player 1.6.0 (.mp3) Local Crash PoC
Exploit for windows platform in category dos / poc !/usr/bin/python 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS,...
Handshakes Professional 4.1 SQL Injection
HTTPCS Advisory : HTTPCS70 Product : Handshakes Professional Version : 4.1 Date : 2012-10-01 Criticality level : Highly Critical Description : A vulnerability has been discovered in Handshakes Professional, which can be exploited by malicious people to conduct SQL injection attacks. Input passed...
mozilla -- use-after-free in nsXBLDocumentInfo::ReadPrototypeBindings
The Mozilla Project reports: MFSA 2012-10 use after free in nsXBLDocumentInfo::ReadPrototypeBindings...