Lucene search
K

6827 matches found

exploitpack
exploitpack
added 2009/08/10 12:0 a.m.20 views

CMS Made Simple 1.6.2 - Local File Disclosure

CMS Made Simple 1.6.2 - Local File Disclosure CMS Made Simple = 1.6.2 Class: LFI Reported: 29/07/2009 Public release: 10/08/2009 Remote: Yes DORK: "This site is powered by CMS Made Simple version 1." Site: http://www.cmsmadesimple.org/ Download:...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/08/05 12:0 a.m.67 views

openSUSE Security Update : flash-player (flash-player-1148)

Specially crafted Flash SWF files can cause a buffer overflow in flash-player. Attackers could potentially exploit that to execute arbitrary code CVE-2009-1862, CVE-2009-0901, CVE-2009-2395, CVE-2009-2493, CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1867, CVE-2009-1868,...

9.3CVSS9AI score0.43389EPSS
Exploits14References13
Prion
Prion
added 2009/07/29 5:30 p.m.31 views

Design/Logic Flaw

The dnsdbfindrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service assertion failure and daemon exit via an ANY record in the prerequisite section o...

4.3CVSS7AI score0.12649EPSS
Exploits1References37Affected Software1
ThreatPost
ThreatPost
added 2009/07/14 7:2 p.m.90 views

Inside Microsoft's July Security Patch Batch

Microsoft released six security bulletins today — three rated Critical and three rated Important. Two of the issues are being actively exploited on the Internet and four of the issues are client-side vulnerabilities, which means the exploit can only occur if a user visits an evil website or opens...

9.3CVSS0.5AI score0.99945EPSS
Exploits33
Circl
Circl
added 2009/07/13 12:0 a.m.20 views

CVE-2009-2477

creationtimestamp| type| source ---|---|--- 2009-07-13 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9137 2009-07-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9214 2010-09-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16299 2016-12-18...

9.3CVSS4.9AI score0.42689EPSS
Exploits9References6
seebug.org
seebug.org
added 2009/07/12 12:0 a.m.21 views

Joomla component 'com_category' SQL injection vulnerability

No description provided by source. Joomla component 'comcategory' SQL injection vulnerability dork:inurl:"comcategory" xploited by PrincePwn3r contact: [email protected] +++++++ greetz to all p0wnbox.com members !!! +++++++...

7.1AI score
Exploits0
Prion
Prion
added 2009/07/07 11:30 p.m.23 views

Stack overflow

Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library ATL, as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold...

9.3CVSS8.1AI score0.76647EPSS
Exploits10References20Affected Software2
0day.today
0day.today
added 2009/07/01 12:0 a.m.28 views

Messages Library 2.0 Insecure Cookie Handling Vulnerability

Exploit for unknown platform in category web applications =========================================================== Messages Library 2.0 Insecure Cookie Handling Vulnerability =========================================================== Messages Library 2.0 = Arbitrary Database Download...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/07/01 12:0 a.m.18 views

Messages Library 2.0 Arbitrary Delete Message Vulnerability

Exploit for unknown platform in category web applications =========================================================== Messages Library 2.0 Arbitrary Delete Message Vulnerability =========================================================== !/usr/bin/perl -w Messages Library 2.0 ; $b =...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/07/01 12:0 a.m.36 views

Messages Library 2.0 - Insecure Cookie Handling

Messages Library 2.0 = Arbitrary Database Download Vulnerability Founded & Exploited by : Stack Bypass with javascript:document.cookie = "SaphpLessonName=admin' or 1=1--; path=/"; javascript:document.cookie = "SaphpLessonPassword=' or 1=1--; path=/"; After Exec http://localhost/sms/admin/backup.p...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2009/06/30 12:0 a.m.14 views

Bopup Communications Server (3.2.26.5460) Remote BOF Exploit (SEH)

No description provided by source. !/usr/bin/python Usage : python bopup.py targetip | || | / \ | | | | | | | | | - | | | / / | | |||| || // / |\ || Bug : Bopup Communications Server 3.2.26.5460 Remote BOF Exploit SEH Tested on : Xp sp3 ENVB Refer : mu-b Exploited by : His0k4 Greetings : All...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/06/15 12:0 a.m.13 views

Evernew Free Joke Script 1.2 - Remote Change Password

Evernew Free Joke Script 1.2 - Remote Change Password Remote Change Password = Bug detail bug in change.php file in line 10 : $result=mysqlquery"update admin set password='$pass'"; ----------------------- = Fix $result=mysqlescapestring"update admin set password='$pass'"; change mysqlquery to...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2009/06/08 12:0 a.m.8 views

httpdx 0.8 - FTP Server DeleteGetCreate DirectoriesFiles

httpdx 0.8 - FTP Server DeleteGetCreate DirectoriesFiles / Httpdx Server FTP v0.8 Remote Arbitrary Directories & files Vulnerability ------------------------------------------------------------------------- Arbitrary: ---------- The vulnerability is caused due to an input validation error when...

0.5AI score
Exploits0
Prion
Prion
added 2009/05/29 6:30 p.m.18 views

Design/Logic Flaw

Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as...

9.3CVSS7.9AI score0.50926EPSS
Exploits7References13Affected Software1
FreeBSD
FreeBSD
added 2009/05/29 12:0 a.m.35 views

nagios -- Command Injection Vulnerability

Secunia reports: A vulnerability has been reported in Nagios, which can be exploited by malicious users to potentially compromise a vulnerable system. Input passed to the "ping" parameter in statuswml.cgi is not properly sanitised before being used to invoke the ping command. This can be exploite...

7.5CVSS6.9AI score0.83453EPSS
Exploits14References2
Cvelist
Cvelist
added 2009/05/28 8:14 p.m.45 views

CVE-2009-1807

Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009...

7.7AI score0.07531EPSS
Exploits1References2
Cvelist
Cvelist
added 2009/05/28 2:0 p.m.17 views

CVE-2009-1800

Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of...

8.1AI score0.10899EPSS
Exploits1References6
seebug.org
seebug.org
added 2009/05/27 12:0 a.m.12 views

Kensei Board <= 2.0.0b Multiple SQL Injection Vulnerabilities

No description provided by source. Kensei Board = 2.0.0b Multiple Remote SQL Injection Vulnerabilities Bug found && Exploited by cOndemned Greetz: SELECT FROM friends Download Script : http://www.kenseiboard.com/counter/click.php?id=2 --- source of index.php : ... 87. if $incfunction == "showforu...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/05/27 12:0 a.m.24 views

Kensei Board 2.0.0b SQL Injection

Kensei Board = 2.0.0b Multiple Remote SQL Injection Vulnerabilities Bug found && Exploited by cOndemned Greetz: SELECT FROM friends Download Script : http://www.kenseiboard.com/counter/click.php?id=2 --- source of index.php : ... 87. if $incfunction == "showforum" 88. if $GETt == "" 89...

0.2AI score
Exploits0
0day.today
0day.today
added 2009/05/26 12:0 a.m.19 views

Kensei Board <= 2.0.0b Multiple SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ============================================================= Kensei Board = 2.0.0b Multiple SQL Injection Vulnerabilities ============================================================= Kensei Board = 2.0.0b Multiple Remote SQL Injection...

7.1AI score
Exploits0
Rows per page
Query Builder