CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3634 matches found

Exploit DB•added 2013/05/30 12:0 a.m.•20 views

Logic Print 2013 - vTable Overwrite Stack Overflow

var rop = ""; var shellcode = ""; var junk1 = ''; var junk2 = ''; function theMagicalMysteryTour rop = unescape"%u2230%u2030" + ///////////////////////////////////////////// /// STACK PIVOT /// ///////////////////////////////////////////// "%u370d%u7d20" + // 0x7d20370d : XCHG EAX,ESP ADD DWORD P...

7.4AI score

Exploits0

0day.today•added 2013/05/30 12:0 a.m.•22 views

Logic Print 2013 - Stack Overflow (vTable Overwrite)

Exploit for windows platform in category remote exploits var rop = ""; var shellcode = ""; var junk1 = ''; var junk2 = ''; function theMagicalMysteryTour rop = unescape"%u2230%u2030" + ///////////////////////////////////////////// /// STACK PIVOT /// /////////////////////////////////////////////...

7.1AI score

Exploits0

myhack58•added 2013/05/20 12:0 a.m.•19 views

UCenter Home 2.0 the music box plug-in tasteless injection use-vulnerability warning-the black bar safety net

The problem occurs in the plug-in is musicbox, by the above keyword search will find some to enable this plugin site, in the URL after the“’”error, put in a SQLmap, run the next, almost always there is the injection. ! ! ! Repair solutions: Filter...

1.6AI score

Exploits0

exploitpack•added 2013/04/15 12:0 a.m.•9 views

Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple Cross-Site Request Forgery Vulnerabilities

Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple Cross-Site Request Forgery Vulnerabilities Exploit Title: Vanilla Forums where 1337 is the id. Bookmark CSRF: http://site.org/index.php=/vanilla/discussion/bookmark/1337 UnBookmark CSRF http://site.org/index.php=/vanilla/discussion/bookmark/1337?...

0.9AI score

Exploits0

RedHat Linux•added 2013/04/02 7:37 p.m.•0 views

Mozilla: Out-of-bounds write in Cairo library (MFSA 2013-31)

Integer signedness error in the pixmanfillsse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows...

6.8CVSS7.8AI score0.03941EPSS

Exploits0References5

ThreatPost•added 2013/03/29 2:5 p.m.•132 views

Has Anyone Seen a Missing Scroll Bar? Phony Flash Update Redirects to Malware

Microsoft said it has received 70,000 reports this week of a new Trojan disguised as an Adobe Flash Player update that will change your browser’s home page and redirect a Web session to an attacker’s page. There are several clues something is amiss, namely part of the GUI for the supposed Flash 1...

9.3CVSS8.3AI score0.99945EPSS

Exploits33References1

Exploit DB•added 2013/03/26 12:0 a.m.•30 views

Rosewill RSVA11001 - Remote Command Injection

I have been hacking on a Rosewill RSVA11001 for a while now, something to suck up my free time. I had pulled apart the firmware previously but did not succeed in finding a way to get a shell on the device. The box is Hi3515 based, I found an exploit for another similar box Ray Sharp but it did no...

7AI score

Exploits0

Packet Storm•added 2013/03/25 12:0 a.m.•21 views

Rosewill RSVA11001 Remote Code Execution

0.1AI score

Exploits0

0day.today•added 2013/02/14 12:0 a.m.•30 views

OpenPLI v3.0 beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: Multiple Vulnerabilities in OpenPLI Date: 13.02.2013 Exploit Author: m-1-k-3 Vendor Homepage: http://openpli.org/ Software Link: http://openpli.org/ Version: v3.0 beta OpenPLi-beta-dm7000-20130127-272 and below Device Name:...

7.1AI score

Exploits0

RedHat Linux•added 2013/01/21 10:31 p.m.•34 views

Moderate: Red Hat Security Advisory: vino security update

An updated vino package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

5.1CVSS5.9AI score0.02383EPSS

Exploits1References6

NVD•added 2012/12/23 9:55 p.m.•26 views

CVE-2012-6427

The Carlo Gavazzi EOS-Box does not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication, attackers can leak information from the device. This could allow the attacker to compromise confidentiality...

7.8CVSS8.6AI score0.01209EPSS

Exploits0References2

NVD•added 2012/12/23 9:55 p.m.•21 views

CVE-2012-6428

The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access...

10CVSS6.9AI score0.0139EPSS

Exploits0References2

Prion•added 2012/12/23 9:55 p.m.•16 views

Sql injection

Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.10802.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issue to CVE-2012-5861...

7.5CVSS9AI score0.04078EPSS

Exploits1References1Affected Software1

Prion•added 2012/12/23 9:55 p.m.•16 views

Hardcoded credentials

Carlo Gavazzi EOS-Box with firmware before 1.0.0.10802.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password in a PHP script, a similar issue to CVE-2012-5862...

10CVSS7.2AI score0.11946EPSS

Exploits1References1Affected Software1

CVE•added 2012/12/23 9:0 p.m.•60 views

CVE-2012-6427

The CVE-2012-6427 issue affects Carlo Gavazzi EOS-Box devices and is caused by SQL injection where user-supplied data is not validated before being used in queries. This vulnerability exists in firmware prior to 1.0.0.1080_2.1.10, allowing remote attackers to access the device’s SQL table and pot...

7.8CVSS6.4AI score0.01209EPSS

Exploits0References2Affected Software2

CVE•added 2012/12/23 9:0 p.m.•51 views

CVE-2012-6428

CVE-2012-6428 affects the Carlo Gavazzi EOS-Box embedded system. The vulnerability stems from hard-coded credentials stored in a PHP file, enabling attackers to log in with administrative privileges and potentially gain full control of the device. Affected products are EOS-Box Firmware versions p...

10CVSS6.3AI score0.0139EPSS

Exploits0References2Affected Software2

Cvelist•added 2012/12/23 9:0 p.m.•28 views

CVE-2012-6427 Carlo Gavazzi EOS Box SQL Injection

7.8CVSS8.6AI score0.01209EPSS

Exploits0References1

Cvelist•added 2012/12/23 9:0 p.m.•27 views

CVE-2012-6428 Carlo Gavazzi EOS Box Hard-Coded Credentials

10CVSS6.9AI score0.0139EPSS

Exploits0References1

Positive Technologies•added 2012/12/23 12:0 a.m.•5 views

PT-2012-6275 · Carlo Gavazzi · Eos-Box

Name of the Vulnerable Software and Affected Versions: Carlo Gavazzi EOS-Box versions prior to 1.0.0.1080 2.1.10 Description: The issue allows remote attackers to obtain administrative access by reading a password in a PHP script. This is due to the establishment of multiple hardcoded accounts...

10CVSS6.8AI score0.0139EPSS

Exploits0References4

Positive Technologies•added 2012/12/23 12:0 a.m.•4 views

PT-2012-6274 · Carlo Gavazzi · Eos-Box

Name of the Vulnerable Software and Affected Versions: Carlo Gavazzi EOS-Box versions prior to 1.0.0.1080 2.1.10 Description: The issue allows remote attackers to execute arbitrary SQL commands, potentially leading to unauthorized data access or modification. This is achieved through SQL injectio...

7.8CVSS8.3AI score0.01209EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by