Lucene search
K

2188 matches found

Packet Storm
Packet Storm
added 2006/03/08 12:0 a.m.35 views

EV0086.txt

New eVuln Advisory: Simple Machines Forum - SMF 'X-Forwarded-For' XSS Vulnerability http://evuln.com/vulns/86/summary.html --------------------Summary---------------- eVuln ID: EV0086 CVE: CVE-2006-0896 Software: Simple Machines Forum - SMF Sowtware's Web Site: http://www.simplemachines.org/...

4.3CVSS6.7AI score0.01721EPSS
Exploits1
securityvulns
securityvulns
added 2006/03/06 12:0 a.m.55 views

[eVuln] Simple Machines Forum - SMF 'X-Forwarded-For' XSS Vulnerability

New eVuln Advisory: Simple Machines Forum - SMF 'X-Forwarded-For' XSS Vulnerability http://evuln.com/vulns/86/summary.html --------------------Summary---------------- eVuln ID: EV0086 CVE: CVE-2006-0896 Software: Simple Machines Forum - SMF Sowtware's Web Site: http://www.simplemachines.org/...

4.3CVSS0.2AI score0.01721EPSS
Exploits1
Cvelist
Cvelist
added 2006/02/25 11:0 a.m.27 views

CVE-2006-0896

Cross-site scripting XSS vulnerability in Sources/Register.php in Simple Machine Forum SMF 1.0.6 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For HTTP header field...

5.7AI score0.01721EPSS
Exploits1References10
NVD
NVD
added 2006/02/23 2:6 a.m.23 views

CVE-2006-0852

Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php...

7.5CVSS7.8AI score0.02729EPSS
Exploits0References5
Prion
Prion
added 2006/02/23 2:6 a.m.17 views

Code injection

Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php...

7.5CVSS8AI score0.02729EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2006/02/20 12:0 a.m.37 views

[SA18930] Admbook "X-Forwarded-For" PHP Code Injection

TITLE: Admbook "X-Forwarded-For" PHP Code Injection SECUNIA ADVISORY ID: SA18930 VERIFY ADVISORY: http://secunia.com/advisories/18930/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Admbook 1.x http://secunia.com/product/8159/ DESCRIPTION: rgod has reported a...

0.4AI score
Exploits0
0day.today
0day.today
added 2006/02/19 12:0 a.m.92 views

Admbook <= 1.2.2 (X-Forwarded-For) Remote Command Execution Exploit

Exploit for unknown platform in category web applications =================================================================== Admbook autisticiorg |\r\n"; print "| |\r\n"; print "| Sun-Tzu: "Rouse him, and learn the principle of his activity or |\r\n"; print "| inactivity. Force him to reveal...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/02/19 12:0 a.m.10 views

Admbook 1.2.2 - x-forwarded-for Remote Command Execution

Admbook 1.2.2 - x-forwarded-for Remote Command Execution !/usr/bin/perl -w use IO::Socket; print "\r\n"; print "| Admbook autisticiorg |\r\n"; print "| site: http://retrogod.altervista.org |\r\n"; print "| |\r\n"; print "| Sun-Tzu: "Rouse him, and learn the principle of his activity or |\r\n";...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2006/02/19 12:0 a.m.21 views

Admbook &lt;= 1.2.2 (X-Forwarded-For) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl -w use IO::Socket; print "\r\n"; print "| Admbook =1.2.2 X-Forwarded-For cmmnds xctn xploit |\r\n"; print "| By rgod rgodATautisticiDOTorg |\r\n"; print "| site: http://retrogod.altervista.org |\r\n"; print "| |\r\n"; print "| Sun-Tzu: "Rouse him,...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/19 12:0 a.m.39 views

Admbook 1.2.2 - &#039;x-forwarded-for&#039; Remote Command Execution

!/usr/bin/perl -w use IO::Socket; print "\r\n"; print "| Admbook autisticiorg |\r\n"; print "| site: http://retrogod.altervista.org |\r\n"; print "| |\r\n"; print "| Sun-Tzu: "Rouse him, and learn the principle of his activity or |\r\n"; print "| inactivity. Force him to reveal himself, so as to...

7.4AI score
Exploits0
CVE
CVE
added 2006/02/18 9:0 p.m.34 views

CVE-2005-4724

PhpTagCool 1.0.3 contains an SQL injection in post.php, exploitable via the X-Forwarded-For HTTP header, allowing remote SQL command execution. The vulnerability’s impact is described as partial confidentiality, integrity, and availability loss. No explicit exploit code or in-the-wild details are...

7.5CVSS8.8AI score0.01123EPSS
Exploits1References3
Prion
Prion
added 2006/02/09 7:6 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the 1 Referer or 2 X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats...

4.3CVSS6.1AI score0.01352EPSS
Exploits2References6Affected Software1
NVD
NVD
added 2006/02/09 7:6 p.m.19 views

CVE-2006-0627

Cross-site scripting XSS vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the 1 Referer or 2 X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats...

4.3CVSS5.6AI score0.01352EPSS
Exploits2References6
OSV
OSV
added 2006/02/08 1:2 a.m.2 views

DEBIAN-CVE-2006-0582

Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors...

2.1CVSS7AI score0.00442EPSS
Exploits0References1
CVE
CVE
added 2006/02/01 2:0 a.m.63 views

CVE-2005-4687

PunBB 1.2.9 (used standalone or with F-ART BLOG:CMS) trusts the client IP from the X-Forwarded-For header instead of the TCP/IP stack, enabling IP address spoofing by remote attackers. Red Hat and CVE records corroborate this vulnerability in PunBB 1.2.9. The underlying issue is header-based IP e...

5CVSS7AI score0.01392EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2005/12/31 5:0 a.m.14 views

CVE-2005-4687

PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header...

5CVSS6.6AI score0.01392EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2005/09/11 12:0 a.m.44 views

PhpTagCool 1.0.3 - SQL Injection

!/usr/bin/perl PhpTagCool Zatueritor 1.0 Copyright: Megabyte www.mbytesecurity.org Greetz: Rootbox for discovering the forwarded-for issue Te amo Pandora Crashcool,fuiste defaceado por un bug de tu propia programacion,ahora que inventaras? use IO::Socket; $x = 0; print q PhpTagCool Zatueritor 1.0...

7.4AI score
Exploits0
CVE
CVE
added 2005/05/10 4:0 a.m.51 views

CVE-2004-1950

The CVE documents a vulnerability in phpBB 2.0.8a and earlier where the application trusts the IP address provided in the X-Forwarded-For HTTP header. This mis-trust lets remote attackers spoof the user’s apparent IP address. Affected software: phpBB 2.0.8a and older. Root cause: server-side code...

5CVSS6.6AI score0.01457EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.22 views

CVE-2004-1950

phpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwarded-For in the HTTP header, which allows remote attackers to spoof IP addresses...

6.6AI score0.01457EPSS
Exploits1References5
NVD
NVD
added 2005/05/02 4:0 a.m.22 views

CVE-2005-1172

Cross-site scripting XSS vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter...

4.3CVSS5.6AI score0.01177EPSS
Exploits0References4
Rows per page
Query Builder