684 matches found
CVE-2015-8728
| creationtimestamp | type | source |
|---|---|---|
| 2015-12-16 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/39000... |
CVE-2015-3628
| creationtimestamp | type | source |
|---|---|---|
| 2015-11-19 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/38764 |
| 2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/f5_icall_cmd.rb |
| 2025-02-06 03:13:42+00:00 | seen | ... |
VuFind 1.0 Cross Site Scripting
VuFind 1.0 Web Application Reflected XSS Cross-site Scripting 0-Day Bug Security Issue Exploit Title: VuFind Results? &lookfor parameter Reflected XSS Web Security Vulnerability Product: VuFind Vendor: VuFind Vulnerable Versions: 1.0 Tested Version: 1.0 Advisory Publication: September 20, 2015...
Page2Flip 2.5 Cross Site Scripting
Advisory ID: SYSS-2015-028 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Cross-Site Scripting...
Concrete5 5.7.4 SQL Injection Vulnerability
Concrete5 versions 5.7.4 and below suffer from a remote SQL injection vulnerability. ----------------------------------------------------------- Concrete5 0 173. foreach $filterEntities as $ent 174. $filters = $ent-getAccessEntityID; 175. 176. $peIDs .= 'and peID in ' . implode$filters, ',' . '';...
phpwind 8.7 Open Redirect
phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities Exploit Title: phpwind v8.7 goto.php? &url Parameter Open Redirect Security Vulnerabilities Product: phpwind Vendor: phpwind Vulnerable Versions: v8.7 Tested Version: v8.7 Advisory Publication: May 24, 2015 Latest Update...
Opoint Media Intelligence Open Redirect
Opoint Media Intelligence Unvalidated Redirects and Forwards URL Redirection Security Vulnerabilities Exploit Title: Opoint Media Intelligence click.php? &noblink parameter URL Redirection Security Vulnerabilities Vendor: Opoint Product: Opoint Media Intelligence Vulnerable Versions: Tested...
NetCat CMS 3.12 HTML Injection
NetCat CMS 3.12 HTML Injection Security Vulnerabilities Exploit Title: NetCat CMS 3.12 /catalog/search.php? q Parameter HTML Injection Security Vulnerabilities Product: NetCat CMS Content Management System Vendor: NetCat Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1 Tested Version: 3.12...
6kbbs 8.0 Cross Site Scripting
6kbbs v8.0 XSS Cross-site Scripting Security Vulnerabilities Exploit Title: 6kbbs XSS Cross-site Scripting Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, 2015 Latest Update: April 02, 2015 Vulnerabilit...
Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting
#!/usr/bin/ruby =begin Product: Palo Alto Traps Server formerly Cyvera Endpoint Protection Vendor: Palo Alto Networks Vulnerable Versions: 3.1.2.1546 Tested Version: 3.1.2.1546 Advisory Publication: 29 March 2015 Vendor...
CVE-2014-3619
CVE-2014-3619 affects GlusterFS, specifically the __socket_proto_state_machine in GlusterFS 3.5, where a crafted 00000000 fragment header can trigger a remote denial of service via an infinite loop. Multiple connected sources confirm the root cause in the network handling path and document that a...
724CMS 5.01 / 4.59 / 4.01 / 3.01 Directory Traversal
724CMS 5.01 Directory Path Traversal Security Vulnerabilities Exploit Title: 724CMS /section.php Module Parameter Directory Traversal Security Vulnerabilities Vendor: 724CMS Product: 724CMS Vulnerable Versions: 3.01 4.01 4.59 5.01 Tested Version: 5.01 Advisory Publication: March 14, 2015 Latest...
Innovative WebPAC Pro 2.0 Open Redirect
Innovative WebPAC Pro 2.0 Unvalidated Redirects and Forwards URL Redirection Security Vulnerabilities Exploit Title: Innovative WebPAC Pro 2.0 /showres url parameter URL Redirection Security Vulnerabilities Vendor: Innovative Interfaces Inc Product: WebPAC Pro Vulnerable Versions: 2.0 Tested...
NetCat CMS 5.01 / 3.12 Full Path Disclosure
NetCat CMS Full Path Disclosure Information Disclosure Security Vulnerabilities Exploit Title: NetCat CMS Full Path Disclosure Security Vulnerabilities Product: NetCat CMS Content Management System Vendor: NetCat Vulnerable Versions: 5.01 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1 Tested Version: 5.01 3.12...
Tuleap 7.6-4 PHP Object Injection
----------------------------------------------------------------- Tuleap route$request; 35. exit; 36. 37. 38. $currentstep = $request-exist'currentstep' ? $request-get'currentstep' : 0; 39. $data = $request-exist'data' ? unserialize$request-get'data' : array; User input passed through the "data"...
HP OpenView Network Node Manager <= 7.50 Remote Exploit
No description provided by source. / Web Browser info: /OvCgi/connectedNodes.ovpl?node=a|command| /str0ke / / HP OpenView Network Node Manager 6.2, 6.4, 7.01, 7.50 Remote Command Execution Name: HP OV NNM Remote Command Execution Exploit File: HPOVNNMRCE.c Description: Exploit Author: Lympex...
SoX - (.wav) Local Buffer Overflow Exploiter
No description provided by source. //--------------------------------- Begin Code: sox-exploiter.c --------------------------------- / Copyright Rosiello Security 2004 http://www.rosiello.org CVE Reference: CAN-2004-0557 Bug Type: Stack Overflow Date: 01/08/2004 Ulf Harnhammar reported that there...
Barter Sites 1.3 Joomla Component Multiple Vulnerabilities
No description provided by source. Barter Sites 1.3 Component Joomla SQL Injection & Persistent XSS vulnerabilities Release Date Bug. 28-Oct-2011 Date Added. 01-Oct-2011 Vendor Notification Date. Never Product. Barter Sites Platform. Joomla Affected versions. 1.3 Type. Commercial Price. $99 Attac...
CVE-2013-7353
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow...
Netgear D6300B Command Injection / Misconfiguration
Advisory ID: SYSS-2013-001 Product: NETGEAR Router D6300B / Firmware: V1.0.0.141.0.14 latest Vendor: Netgear Affected Versions: until V1.0.0.141.0.14 latest Tested Versions: V1.0.0.141.0.14 latest Vulnerability Type: Root-Shell, OS Command Injection,...