283 matches found

The Hacker News
added 2012/04/18 9:3 p.m., 14 views

Rootdabitch version 0.1 - Multithreaded Linux root password Bruteforcer

Rootdabitch version 0.1 - Multithreaded Linux root password Bruteforcer r00tw0rm hacker "th3breacher!" release Rootdabitch v0.1, which is a Multithreaded Linux/UNIX tool to brute-force cracking local root through su using sucrack. sucrack is a multithreaded Linux/UNIX tool for brute-force crackin...

6.9 AI score
Exploits 0
Packet Storm
added 2012/03/11 12:0 a.m., 17 views

A.M.Y. Cross Site Request Forgery

Exploit Title: A.M.Y CSRF change admin password Author: Jonturk75 Category:: webapps Demo site: http://calendarscripts.info/demos/amy/admin.php Email me when a new advertiser signs up...

0.8 AI score
Exploits 0
xssed
added 2011/12/22 12:0 a.m., 12 views

Unfixed Redirect vulnerability at www.idverre.net

Security researcher p0pc0rn, has submitted on 22/12/2011 a Redirect vulnerability affecting www.idverre.net, which at the time of submission ranked 1508056 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 22/12/2011. It is currently unfixed. If...

Exploits 0, References 1
xssed
added 2011/12/21 12:0 a.m., 18 views

Unfixed XSS vulnerability at www.topboutique.com

Security researcher Atmon3r, has submitted on 21/12/2011 a cross-site-scripting XSS vulnerability affecting www.topboutique.com, which at the time of submission ranked 826564 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 22/12/2011. It is...

6.6 AI score
Exploits 0, References 1
xssed
added 2011/12/12 12:0 a.m., 12 views

Unfixed XSS vulnerability at www.hit-reset.co.uk

Security researcher Genocide, has submitted on 12/12/2011 a cross-site-scripting XSS vulnerability affecting www.hit-reset.co.uk, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is current...

6.6 AI score
Exploits 0, References 1
Exploit DB
added 2011/10/23 12:0 a.m., 29 views

InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin)

Exploit Title: InverseFlow v2.4 CSRF Vulnerabilities Add Admin User + Version : 2.4 + Author : EjRaM HaCkEr + Contact : m2z9.cn + Dork : inurl:"ticket.php?cmd=lost" + Software Link : http://asria.info/download/script/inverseflow.zip...

7.4 AI score
Exploits 0
Prion
added 2011/08/09 7:55 p.m., 15 views

Design/Logic Flaw

Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address aka oldemail field for e-mail change notifications, which makes it easier for remote...

5 CVSS, 7.1 AI score, 0.01713 EPSS
Exploits 1, References 7, Affected Software 1
xssed
added 2011/03/29 12:0 a.m., 19 views

Unfixed XSS vulnerability at meinekampagne.gruene.de

Security researcher zombielove, has submitted on 29/03/2011 a cross-site-scripting XSS vulnerability affecting meinekampagne.gruene.de, which at the time of submission ranked 209405 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/12/2011. It...

0.1 AI score
Exploits 0, References 1
xssed
added 2011/03/23 12:0 a.m., 17 views

Unfixed XSS vulnerability at www.flashstreamworks.com

Security researcher nullbyt3, has submitted on 23/03/2011 a cross-site-scripting XSS vulnerability affecting www.flashstreamworks.com, which at the time of submission ranked 1009072 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It...

6.6 AI score
Exploits 0, References 1
NVD
added 2011/03/18 4:55 p.m., 21 views

CVE-2010-4760

Open Ticket Request System OTRS before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket...

3.5 CVSS, 5.8 AI score, 0.01172 EPSS
Exploits 0, References 2
OSV
added 2011/03/18 4:55 p.m., 9 views

CVE-2010-4760

Open Ticket Request System OTRS before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket...

6 AI score
Exploits 0, References 2
UbuntuCve
added 2011/03/18 4:55 p.m., 35 views

CVE-2010-4760

Open Ticket Request System OTRS before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket...

3.5 CVSS, 5.9 AI score, 0.01172 EPSS
Exploits 0, References 1
Prion
added 2011/03/18 4:55 p.m., 18 views

Open redirect

Open Ticket Request System OTRS before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket...

3.5 CVSS, 6.3 AI score, 0.01172 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2011/03/18 4:0 p.m., 27 views

CVE-2010-4760

Open Ticket Request System OTRS before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket...

5.7 AI score, 0.01172 EPSS
Exploits 0, References 2
Debian CVE
added 2011/03/18 4:0 p.m., 22 views

CVE-2010-4760

Open Ticket Request System OTRS before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket...

3.5 CVSS, 5.8 AI score, 0.01172 EPSS
Exploits 0
Nmap
added 2010/12/13 6:0 p.m., 165 views

netbus-info NSE Script

Opens a connection to a NetBus server and extracts information about the host and the NetBus service itself. The extracted host information includes a list of running applications, and the host's sound volume settings. The extracted service information includes its access control list acl, server...

10 CVSS, 9.3 AI score, 0.99448 EPSS
Exploits 33
The Hacker News
added 2010/12/13 9:7 a.m., 7 views

Hackers Steal Customer Data from McDonald's Partner Database

McDonald's is collaborating with law enforcement after malicious hackers infiltrated another company's database and stole information about an unknown number of the fast-food chain's customers. McDonald's has alerted potentially affected customers via email and through a message on its website. "...

6.9 AI score
Exploits 0
xssed
added 2010/06/15 12:0 a.m., 11 views

Unfixed XSS vulnerability at www.zebulon.fr

Security researcher warvector, has submitted on 15/06/2010 a cross-site-scripting XSS vulnerability affecting www.zebulon.fr, which at the time of submission ranked 30064 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/06/2010. It is current...

Exploits 0, References 1
Drupal
added 2010/04/28 12:0 a.m., 12 views

SA-CONTRIB-2010-038 - Privatemsg - Access bypass

The Privatemsg module allows to send private messages between users. Additionally, the sub module Privatemsg Email Notification sends e-mail notification when such a message is sent. The page to configure the template for these e-mails does not use the correct access permission which allows all...

6.9 AI score
Exploits 0, References 5
Atlassian
added 2009/12/23 2:27 a.m., 17 views

Randomised password not sent in email

When creating a user with password normally, the notification email to that new user will contain the password. However creating a new user and leave the password blank, JIRA randomly generates a password for that user, but the randomised password "is not sent" in the notification email to that...

Exploits 0