Lucene search
K

820 matches found

exploitpack
exploitpack
added 2010/09/22 12:0 a.m.22 views

BSI Hotel Booking System Admin 1.42.0 - Authentication Bypass

BSI Hotel Booking System Admin 1.42.0 - Authentication Bypass ----------------------------------------------------------------------------------------- ECHOADV113$2010 BSI Hotel Booking System Admin Login Bypass Vulnerability...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/18 12:0 a.m.27 views

THQ.com SQL Injection

This is pretty much because I want to embarrass these assholes. See: http://gamepolitics.com/2010/06/14/exec-thq-anti-used-game-initiative-could-make-everyone-happy SQLi 1: http://www.thq.com/us/mythq/register?contentType=GAMEALERT&alertGame='4896 This one is pretty obvious. It's an injection via...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2010/03/01 6:43 p.m.9 views

Wyndham Hotels Hit Again By Hackers

Hackers broke into computer systems at Wyndham Hotels & Resorts recently, stealing sensitive customer data. The break-in occurred between late October 2009 and January 2010, when it was finally discovered. This is the third data breach reported by Wyndham in the past year. Read the full article...

2.1AI score
Exploits0References2
NVD
NVD
added 2009/12/08 11:30 p.m.15 views

CVE-2009-4236

The process function in data/class/pages/admin/customer/LCPageAdminCustomerSearchCustomer.php in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1, and Community Edition r18068 through r18428, allows remote attackers to obtain sensitive information customer data via unknown vectors related to sessions...

5CVSS6.1AI score0.01524EPSS
Exploits0References8
Prion
Prion
added 2009/12/08 11:30 p.m.15 views

Design/Logic Flaw

The process function in data/class/pages/admin/customer/LCPageAdminCustomerSearchCustomer.php in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1, and Community Edition r18068 through r18428, allows remote attackers to obtain sensitive information customer data via unknown vectors related to sessions...

5CVSS6.7AI score0.01524EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2009/12/08 11:0 p.m.23 views

CVE-2009-4236

The process function in data/class/pages/admin/customer/LCPageAdminCustomerSearchCustomer.php in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1, and Community Edition r18068 through r18428, allows remote attackers to obtain sensitive information customer data via unknown vectors related to sessions...

6.1AI score0.01524EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2009/12/07 3:25 p.m.11 views

HSBC Warns of Exposed Customer Info

HSBC Bank says a bug in its imaging software inadvertently exposed sensitive data about some of its customers going through bankruptcy proceedings. Read the full article. Computerworld...

1.4AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/12/07 5:51 a.m.4 views

EC-CUBE information disclosure vulnerability

Overview EC-CUBE from LOCKON CO.,LTD. contains an information disclosure vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information disclosure vulnerability. Impact A remote attacker may be able to obtain customer data that...

5CVSS6.4AI score0.01524EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/12/07 12:0 a.m.24 views

JVN#79762947 EC-CUBE information disclosure vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information disclosure vulnerability. Impact A remote attacker may be able to obtain customer data that is saved by EC-CUBE. Solution Update the Software Apply the latest updates provided by...

5CVSS6.1AI score0.01524EPSS
Exploits0
ThreatPost
ThreatPost
added 2009/10/15 8:3 p.m.15 views

Real World Security – Andy Weeks Interview

Andy Weeks, manager of risk and compliance for enterprise information security, at Humana Inc., one of the larger companies in the world, knows a thing or two about large-scale security implementations. And in a company whose customer data is one of its main assets, security is a corporate...

1.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2009/09/16 3:14 p.m.11 views

Radisson Hotels Report Significant Data Breach

Add the Radisson Hotels & Resorts chain to the growing list of businesses datalossdb.org reporting significant data breaches that exposed sensitive customer data. In an open letter radisson.com to guests, Radisson chief operating officer Fredrik Korallus said the hotel chain’s computer system was...

1.7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2009/06/09 1:48 p.m.10 views

T-Mobile data on Full Disclosure is real

T-Mobile is now saying that the information that was posted to the Full Disclosure security mailing list this weekend is in fact the company’s data. But the company stopped short of confirming that the anonymous hackers have access to customer data and other sensitive information, as they have...

0.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2009/03/12 4:5 p.m.8 views

Employee stole data from Sprint

Sprint has sent letters to thousands of its customers informing them that a former employee compromised their personal account data over the course of two months in 2008 and 2009. Brian Krebs Security Fix says that the company mailed warnings to several thousand customers and that the breach coul...

0.4AI score
Exploits0References1
securityvulns
securityvulns
added 2006/09/19 12:0 a.m.54 views

Charon Cart v3(Review.asp) Remote SQL Injection Vulnerability

Vulnerability Report Title : Charon Cart v3Review.asp Remote SQL Injection Vulnerability Author : ajann Script Page : http://www.charon.co.uk Exploit; http://target/path/Review.asp?ProductID=SQL HERE Example:...

0.7AI score
Exploits0
myhack58
myhack58
added 2006/02/18 12:0 a.m.11 views

Gentle-killer-cross-site Script attacks-vulnerability warning-the black bar safety net

Gentle-killer-cross-site Script attack · Translation:Billi·transfer from CPCW The first part: cross-site SCRIPT attacks in several ways: Whenever we think of hackers, a hacker is often such a portrait: a lonely man, snuck into someone else's server, destroying or stealing someone else's secret...

6.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/11/30 12:0 a.m.47 views

Hardened-PHP Project Security Advisory 2005-23.105

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in vTiger CRM Release Date: 2005/11/24 Last Modified: 2005/11/24 Author: Christopher Kunz Application: vTiger 4.2 and prior Severity: Cross-Site...

10CVSS0.6AI score0.04155EPSS
Exploits2
exploitpack
exploitpack
added 2002/08/10 12:0 a.m.22 views

Midicart ASP - Remote Customer Information Retrieval

Midicart ASP - Remote Customer Information Retrieval source: https://www.securityfocus.com/bid/5438/info Midicart ASP is a commercially available e-commerce solution distributed by Coxco Support. It is available for the Microsoft Windows operating system. The default installation of Midicart ASP...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.26 views

CVE-1999-1374

perlshop.cgi shopping cart program stores sensitive customer information in directories and files that are under the web root, which allows remote attackers to obtain that information via an HTTP request...

6.3AI score0.01936EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2001/06/18 12:0 a.m.173 views

DC Scripts DCShop Beta 1.0 02 - File Disclosure (2)

source: https://www.securityfocus.com/bid/2889/info DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data, including credit card and other private...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.783 views

shopping.cart.cc.data.txt

Date: Mon, 19 Apr 1999 20:05:18 -0700 From: Joe To: [email protected] Subject: Shopping Carts exposing CC data Tomorrow April 20 1999 CNet's news.com should be running a story regarding various commercial and freeware shopping carts that, when installed incorrectly or when installed by amateur...

Exploits0
Rows per page
Query Builder