Lucene search
K

6827 matches found

Packet Storm
Packet Storm
added 2007/07/10 12:0 a.m.32 views

fgs17-sql.txt

FlashGameScript = 1.7 member.php$user SQL-Injection Exploit Vulnrability Discovered By: Xenduer77 ---July 7th, 2007 $user Is passed straight to the query without being filtered. SQL-INJECTION: For Version 1.7: -------...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/07/07 12:0 a.m.13 views

GameSiteScript 3.1 - profile id SQL Injection

GameSiteScript 3.1 - profile id SQL Injection GameSiteScript Profile$id SQL-Injection Exploit Vulnerability Discovered By: Xenduer77 ---July 7th, 2007 $id Is passed straight to the query without being filtered. SQL-INJECTION: For Version 3.1: -------...

0.4AI score
Exploits0
Symantec
Symantec
added 2007/06/06 12:0 a.m.27 views

Yahoo! Messenger Webcam Viewer ActiveX Control Buffer Overflow Vulnerability

Description Yahoo! Messenger Webcam Viewer ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of applications th...

7.9AI score
Exploits0References4
Packet Storm
Packet Storm
added 2007/05/23 12:0 a.m.28 views

psychostats-xss.txt

PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities PsychoStats contains multiple cross-site scripting vulnerabilities that may be exploited through the URI. Vulnerable Files: awards.php, login.php, register.php, weapons.php - other files may also be susceptible to this vulnerabilit...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/05/22 12:0 a.m.21 views

hlstats-xss.txt

HLstats v1.35 Cross-Site Scripting Vulnerability HLstats contains a cross-site scripting vulnerability that may be exploited through the URI. Vulnerability: http://target.com/hlstats/hlstats.php/"alert1 Vulnerable: HLstats v1.35 other versions may also be vulnerable Google d0rk: "generated in...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/05/19 12:0 a.m.35 views

REWTERZ-20070518 - Authentication Bypass in Rational Soft's Hidden Administrator

REWTERZ-20070518 - Authentication Bypass in Rational Soft's Hidden Administrator Release Date: 18 May, 2007 Severity: High Remote Code Execution Vendor: Rational Soft Software Affected: Hidden Administrator v1.7 and below Overview: rewterz has discovered a critical vulnerability in Hidden...

1AI score
Exploits0
WPVulnDB
WPVulnDB
added 2007/04/29 12:0 a.m.35 views

myGallery <= 1.4b4 - Unauthenticated File Inclusion

The MySliderGallery WordPress plugin was affected by an Unauthenticated File Inclusion security vulnerability. PoC This vulnerability has been seen exploited in the wild with the following payload:...

7.5CVSS1.1AI score0.62871EPSS
Exploits2References2Affected Software1
securityvulns
securityvulns
added 2007/04/14 12:0 a.m.47 views

US-CERT Technical Cyber Security Alert TA07-103A -- Microsoft Windows DNS RPC Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-103A Microsoft Windows DNS RPC Buffer Overflow Original release date: April 13, 2007 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows 2003 Server Microsoft Windows 2000...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2007/03/30 12:0 a.m.81 views

0-day ANI vulnerability in Microsoft Windows &#40;CVE-2007-0038&#41;

Today Microsoft released a security advisory about a vulnerability in the Animated Cursor processing code in Windows: http://www.microsoft.com/technet/security/advisory/935423.mspx It seems like the vulnerability is already exploited in the wild:...

9.3CVSS1.1AI score0.7288EPSS
Exploits12
Packet Storm
Packet Storm
added 2007/03/14 12:0 a.m.33 views

Echo Security Advisory 2007.72

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV72$2007 ------------------------------------------------------------------------- ECHOADV72$2007 CARE2X rootpath Remote File Inclusion Vulnerability --------------------------...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2007/02/07 12:0 a.m.28 views

solaris/sparc connect-back (with XNOR encoded session) 600 bytes

No description provided by source. / black-RXenc-con-back-SOLARIS.c MIPS This is a relitivly small 600 byte shellcode that encodes all network trafic between the exploited process and the attacker. All clear-text shell i/o is encoded using a simple NOT algo before being transmitted on the wire...

7.1AI score
Exploits0
PostrgeSql
PostrgeSql
added 2007/02/06 1:0 a.m.78 views

Vulnerability in core server (CVE-2007-0556)

A vulnerability involving changing the data type of a table column can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access...

6.6CVSS5.6AI score0.02937EPSS
Exploits0Affected Software1
securityvulns
securityvulns
added 2007/01/21 12:0 a.m.49 views

Apple QuickTime HREFTrack crossite scripting

Script can refer to local resources. Vulnerability is used in-the-wild for malware code installation...

6.8CVSS1.1AI score0.05638EPSS
Exploits1References1Affected Software1
seebug.org
seebug.org
added 2006/12/30 12:0 a.m.29 views

Tencent QQ SuperVideo Remote Denial of Service Vulnerability

QQ is a very popular IM in China developed by Tencent.There exists a remote denial of service vulnerability in QQ when using the SuperVideo chat.Current study showed that the attacker who successfully exploited the vulnerability would cause the remote client crash. There is an attack packet as...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2006/12/20 12:0 a.m.58 views

Mozilla Foundation Security Advisory 2006-71

Mozilla Foundation Security Advisory 2006-71 Title: LiveConnect crash finalizing JS objects Impact: Critical Announced: December 19, 2006 Reporter: Steven Michaud Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.1 Firefox 1.5.0.9 Thunderbird 1.5.0.9 SeaMonkey 1.0.7 Description...

7.1CVSS0.4AI score0.02279EPSS
Exploits0
CERT
CERT
added 2006/12/06 12:0 a.m.34 views

Microsoft Word malformed string vulnerability

Overview A vulnerability in Microsoft Word could allow an attacker to execute arbitrary code on a vulnerable system. Description Microsoft Word contains a vulnerability that could be exploited when Word opens a specially crafted document. It is possible that the vulnerability can be exploited by...

9.3CVSS6.6AI score0.31102EPSS
Exploits0References8
securityvulns
securityvulns
added 2006/11/14 12:0 a.m.34 views

Microsoft Security Bulletin MS06-070 Vulnerability in Workstation Service Could Allow Remote Code Execution &#40;924270&#41;

Microsoft Security Bulletin MS06-070 Vulnerability in Workstation Service Could Allow Remote Code Execution 924270 Published: November 14, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity...

10CVSS0.5AI score0.80214EPSS
Exploits8
Packet Storm
Packet Storm
added 2006/11/07 12:0 a.m.31 views

Echo Security Advisory 2006.57

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV57$2006 ----------------------------------------------------------------------------------------------- ECHOADV57$2006Soholaunch Pro =4.9 r36 Multiple Remote File Inclusion Vulnerability...

0.5AI score
Exploits0
Mozilla
Mozilla
added 2006/11/07 12:0 a.m.39 views

Crashes with evidence of memory corruption (rv:1.8.0.8) — Mozilla

As part of the Firefox 1.5.0.8 release we fixed several bugs to improve the stability of the product. Some of these were crashes that showed evidence of memory corruption and we presume that at least some of these could be exploited to run arbitrary code with enough effort...

7.5CVSS1.9AI score0.05531EPSS
Exploits0References18Affected Software3
securityvulns
securityvulns
added 2006/09/20 12:0 a.m.21 views

New PowerPoint 0-day Trojan in the wild

New zero-day vulnerability in Microsoft PowerPoint has been disclosed. This vulnerability is being exploited by Trojan horse Trojan.PPDropper.E. This dropper type file reportedly works in all Windows systems, but the vulnerability itself has been confirmed in PowerPoint 2000 Chinese version...

1.3AI score
Exploits0
Rows per page
Query Builder