Lucene search
K

2496 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

betaparticle blog 2.0/3.0 myFiles.asp Unauthenticated File Manipulation

No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

360 Web Manager 3.0 - Multiple Vulnerabilities

No description provided by source. Exploit Title: Multiple vulnerabilities in 360 Web Manager 3.0 Google Dork: Powered by 360 Web Manager 3.0 Date: 15/04/2011 Author: Ignacio Garrido Contact: [email protected] Software Link: www.360webmanager.com Version: v3.0 Tested on: Linux 2.6.18 Vulnerabilit...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities

No description provided by source. Title: ====== USB Sharp v1.3.4 iPad iPhone - Multiple Web Vulnerabilities Date: ===== 2013-02-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=873 VL-ID: ===== 873 Common Vulnerability Scoring System:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

mkportal <= 1.2.1 () Multiple Vulnerabilities

No description provided by source. waraxe-2009-SA070 - Multiple Vulnerabilities in MKPortal = 1.2.1 ============================================================================== Author: Janek Vind waraxe Date: 15. January 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-70.html...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Digital Amp MP3 3.1 (.Mp3) Local Crash PoC

No description provided by source. !/usr/bin/perl H0m3 : S3curity-art.com M4!l: [email protected] T3st3d on: Windows XP SP3 print Tic-Tac; my $boom=\x41 x 1500; my $filename = B000M.mp3; open FILE,$filename; print FILE $boom; print \nFile successfully created!\n;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Core Image Fun House <= 2.0 Arbitrary Code Execution PoC (OSX)

No description provided by source. !/usr/bin/ruby Copyright c Netragard, LLC. [email protected] /Developer/Applications/Graphics Tools/Core Image Fun House.app /Contents/MacOS/Core Image Fun House gdb x/10s 0xbfffddf7 0xbfffddf7: 'Z' repeats 101 times, DCBA center 2007-07-10 21:15:34.573 Core...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

CDRTools 2.0 RSCSI Debug File Arbitrary Local File Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8328/info It has been reported that the rscsi utility may provide for the modification of ownership and the corruption of arbitrary attacker specified files. It has been reported that a local attacker may invoke the rscsi...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Oracle Database 8i/9i Multiple Remote Directory Traversal Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12749/info Oracle Database server is reported prone to multiple directory traversal vulnerabilities that may allow a remote attacker to read, write, or rename arbitrary files with the privileges of the Oracle Database...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

IRIX 5.2/6.0 permissions File Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1751/info The IRIX's /usr/lib/desktop/permissions tool is a suid and sgid root applications normally used by users to modify permissions of their files and files they are privileged for. A vulnerability in the permissions...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/06/23 12:0 a.m.25 views

qibocms 新闻系统 Getshell (需结合解析漏洞)

简要描述: IIS || Apache。 详细说明: http://bbs.qibosoft.com/down2.php?v=news1.0down 下载地址。 在news/member/post.php中 requireonceMpath."inc/check.postarticle.php"; if$job=='postnew' if$step=='post' postnew; //生成静态 makearticlehtml"$Murl/member/post.php?job=endHTML&aid=$aid"; $mid && $mid继续发表新主题 续发本主题 返回主题列表 查看主...

7.1AI score
Exploits0
Prion
Prion
added 2014/05/20 2:55 p.m.14 views

Design/Logic Flaw

The File Abstraction Layer FAL in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 does not properly check permissions, which allows remote authenticated users to create or read arbitrary files via a crafted URL...

5.5CVSS6.7AI score0.00983EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/05/19 12:0 a.m.38 views

GLSA-201405-17 : Munin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201405-17 Munin: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Munin. Please review the CVE identifiers referenced below for details. Impact : A local attacker could perform symlink attacks to overwrite...

9.3CVSS5.5AI score0.02368EPSS
Exploits2References4
exploitpack
exploitpack
added 2014/05/15 12:0 a.m.110 views

ElasticSearch - Remote Code Execution

ElasticSearch - Remote Code Execution body padding-top: 50px; .starter-template padding: 40px 15px; text-align: center; function esinject var readfile; var writefile; readfile = functionfilename return "import java.util.;\nimport java.io.;\nnew Scannernew File"" + filename +...

6.8CVSS7AI score0.88559EPSS
Exploits17
Zero Day Initiative
Zero Day Initiative
added 2014/04/17 12:0 a.m.30 views

Hewlett-Packard Virtual User Generator EmulationAdmin Service Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Virtual User Generator. Authentication is not required to exploit this vulnerability. The specific flaw exists within the exposed EmulationAdminSoapBinding web service. The issue lies in the...

10CVSS1.6AI score0.10436EPSS
Exploits1References1
CVE
CVE
added 2014/04/11 12:0 a.m.20 views

CVE-2013-5374: IBM PureData System for Analytics file manipulation

IBM’s advisory confirms CVE-2013-5374 affects all Netezza Performance Server versions before 7.1.0.1 in the IBM PureData System for Analytics. The issue allows reading and modifying local files via unknown vectors, with exploitation requiring authentication and specific permissions. Impact includ...

5.5CVSS6.2AI score
Exploits0References2
0day.today
0day.today
added 2014/02/20 12:0 a.m.42 views

Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities

Stored XSS vulnerability in BP Group Documents 1.2.1 Description ================ Stored XSS vulnerability in BP Group Documents 1.2.1 Vulnerability ================ “Display name” and “Description” fields are not escaped, meaning any tags including script tags can be stored in them. Proof of...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/02/12 12:0 a.m.48 views

CentOS 6 : wget (CESA-2014:0151)

An updated wget package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

6.8CVSS7.1AI score0.04214EPSS
Exploits0References2
NVD
NVD
added 2014/02/04 11:55 p.m.18 views

CVE-2011-2725

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. dot dot sequences in a zip file...

6.8CVSS6.5AI score0.02952EPSS
Exploits2References6
OSV
OSV
added 2014/01/28 12:55 a.m.9 views

CVE-2014-1604

The parser cache functionality in parsergenerator.py in RPLY aka python-rply before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-.json file with a predictable name...

6AI score
Exploits0References7
seebug.org
seebug.org
added 2014/01/06 12:0 a.m.43 views

libreswan多个漏洞

CVE ID:CVE-2013-4564 Libreswan是一款类似OpenSwan的IPsec实现。 1处理"processpacket方法pluto/demux.c中IKE数据包时的错误,导致通过特制的IKE数据包造成libreswan重新启动。 2处理"ikev2parentinI1outR1"函数(pluto/ikev2parent.c中IKE通告报文时的错误,导致利用特制的IKE引起libreswan重新启动。 3为RHEL处理libreswan.spec文件时应用程序不安全创建/var/tmp/libreswan-nss-pwd文件,可被利用来操纵某些数据。 0...

5CVSS6.5AI score0.02644EPSS
Exploits2
Rows per page
Query Builder