Lucene search
K

850 matches found

0day.today
0day.today
added 2010/07/28 12:0 a.m.26 views

Joomla Component PhotoMap Gallery 1.6.0 Multiple Blind SQL Injection

Exploit for php platform in category web applications ==================================================================== Joomla Component PhotoMap Gallery 1.6.0 Multiple Blind SQL Injection ==================================================================== PhotoMap Gallery 1.6.0 Joomla...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/28 12:0 a.m.31 views

Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections

PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection Name PhotoMap Gallery Vendor http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/10658 Versions Affected 1.6.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefres...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/09 12:0 a.m.25 views

Rayzz Photoz Shell Upload

========================================================== Rayzz Photoz Upload Vulnerability ========================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /'...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/06/08 12:0 a.m.18 views

Rayzz Photoz Upload Vulnerability

Exploit for php platform in category web applications ================================= Rayzz Photoz Upload Vulnerability ================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ ...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/06/08 12:0 a.m.21 views

Rayzz Photoz - Arbitrary File Upload

Rayzz Photoz - Arbitrary File Upload ========================================================== Rayzz Photoz Upload Vulnerability ========================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, ...

0.2AI score
Exploits0
NVD
NVD
added 2010/02/04 8:15 p.m.19 views

CVE-2010-0554

The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...

7.5CVSS7AI score0.01537EPSS
Exploits0References5
NVD
NVD
added 2010/02/04 8:15 p.m.18 views

CVE-2010-0552

Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI...

7.5CVSS7.9AI score0.04219EPSS
Exploits1References5
NVD
NVD
added 2010/02/04 8:15 p.m.19 views

CVE-2010-0551

HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak...

5CVSS6.7AI score0.01464EPSS
Exploits1References5
NVD
NVD
added 2010/02/04 8:15 p.m.18 views

CVE-2010-0550

admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...

4CVSS6.3AI score0.0109EPSS
Exploits0References5
NVD
NVD
added 2010/02/04 8:15 p.m.20 views

CVE-2010-0553

Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...

6.5CVSS7.4AI score0.03271EPSS
Exploits1References5
Prion
Prion
added 2010/02/04 8:15 p.m.18 views

Design/Logic Flaw

HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak...

5CVSS7.1AI score0.01464EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2010/02/04 8:15 p.m.15 views

Authentication flaw

admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...

4CVSS6.8AI score0.0109EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2010/02/04 8:15 p.m.14 views

Authentication flaw

The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...

7.5CVSS7.5AI score0.01537EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2010/02/04 8:15 p.m.19 views

Code injection

Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...

6.5CVSS7.9AI score0.03271EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2010/02/04 8:15 p.m.15 views

Code injection

Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI...

7.5CVSS8.4AI score0.04219EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2010/02/04 7:0 p.m.46 views

CVE-2010-0554

The CVE-2010-0554 entry concerns Geo++ GNCASTER, affected in versions 1.4.0.7 and earlier. The HTTP Authentication implementation uses the same nonce for all authentication attempts, enabling replay attacks that can hijack web sessions or bypass authentication. This is the root cause: nonce reuse...

7.5CVSS7.2AI score0.01537EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2010/02/04 7:0 p.m.26 views

CVE-2010-0554

The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...

7AI score0.01537EPSS
Exploits0References5
Cvelist
Cvelist
added 2010/02/04 7:0 p.m.27 views

CVE-2010-0550

admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...

6.3AI score0.0109EPSS
Exploits0References5
CVE
CVE
added 2010/02/04 7:0 p.m.51 views

CVE-2010-0551

CVE-2010-0551 affects Geo++ GNCASTER 1.4.0.7 and earlier. The HTTP authentication implementation allows remote attackers to read authentication headers from other users by sending a large request with an incorrect authentication attempt, resulting in memory disclosure (often called a memory leak)...

5CVSS6.8AI score0.01464EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2010/02/04 7:0 p.m.47 views

CVE-2010-0553

CVE-2010-0553 affects Geo++ GNCASTER (versions up to and including 1.4.0.7). The issue allows remote authenticated users to trigger a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence. The NVD entry records a NETWORK attack vector with LOW com...

6.5CVSS7.7AI score0.03271EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder