Lucene search
+L

1062 matches found

NVD
NVD
added 2010/07/22 6:30 p.m.17 views

CVE-2009-4949

SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01051EPSS
Exploits0References3
Prion
Prion
added 2010/07/22 6:30 p.m.12 views

Sql injection

SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01051EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2010/07/22 6:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.01022EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/07/22 6:0 p.m.50 views

CVE-2009-4949

Summary (CVE-2009-4949): The TYPO3 Store Locator extension, prior to version 1.2.8, is affected by an SQL injection that enables remote attackers to execute arbitrary SQL commands via unspecified vectors. The vulnerability is confirmed across multiple sources (NVD, Red Hat, CVE records) and is li...

7.5CVSS8.7AI score0.01051EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/07/22 6:0 p.m.45 views

CVE-2009-4948

The vulnerability CVE-2009-4948 affects the TYPO3 Store Locator extension prior to version 1.2.8, where an XSS flaw allows remote attackers to inject arbitrary script or HTML via unspecified vectors. The root cause is an input/output handling flaw in the extension that fails to neutralize user-su...

4.3CVSS5.9AI score0.01022EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2010/07/22 6:0 p.m.21 views

CVE-2009-4949

SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.4AI score0.01051EPSS
Exploits0References3
Cvelist
Cvelist
added 2010/07/22 6:0 p.m.20 views

CVE-2009-4948

Cross-site scripting XSS vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01022EPSS
Exploits0References3
exploitpack
exploitpack
added 2010/06/10 12:0 a.m.19 views

Store Locator - Cross-Site Request Forgery (Add Admin)

Store Locator - Cross-Site Request Forgery Add Admin vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: ::::::: Store Locator Remote Add Admin Exploit User: Pass: :::::::::::::::::::::::::::::::::::::::::: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/10 12:0 a.m.36 views

Store Locator - Cross-Site Request Forgery (Add Admin)

vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: ::::::: Store Locator Remote Add Admin Exploit User: Pass: :::::::::::::::::::::::::::::::::::::::::: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs- XR57 -Tr0y-x Ahmadso -alsaek AnD all Tunisian hacke...

7AI score
Exploits0
0day.today
0day.today
added 2010/06/10 12:0 a.m.18 views

Store Locator Remote Add Admin Exploit CSRF Vulnerability

Exploit for php platform in category web applications ========================================================= Store Locator Remote Add Admin Exploit CSRF Vulnerability ========================================================= vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: :::::::...

7.1AI score
Exploits0
Typo3
Typo3
added 2009/04/06 12:0 a.m.58 views

Multiple vulnerabilities in third party extensions

Several vulnerabilities have been found in the following third party TYPO3 extensions: "A21glossary Advanced Output" a21glossaryadvancedoutput, "ClickStream Analyzer output" alternetcsaout, "Directory Listing" dirlisting, "Store Locator" locator, "Userdata Create/Edit" sguserdata, "Versatile...

7.2AI score
Exploits0Affected Software8
securityvulns
securityvulns
added 2008/10/09 12:0 a.m.67 views

Motorola Timbuktu's Internet Locator Service real-time data exposed to public.

We just want to make a public warning to those users of Motorola/Netopia Timbuktu Remote Control Software who are using the Internet Locator service. This service allows to locate any Timbuktu's user just by knowing the email. More than five months ago we notified Netopia's customer support...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2008/10/07 12:0 a.m.34 views

timbuktu-pwn.txt

We just want to make a public warning to those users of Motorola/Netopia Timbuktu Remote Control Software who are using the Internet Locator service. This service allows to locate any Timbuktu's user just by knowing the email. More than five months ago we notified Netopia's customer support...

7.4AI score
Exploits0
Prion
Prion
added 2008/09/11 1:11 a.m.22 views

Design/Logic Flaw

Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "Uniform Resource Locator Validation Error...

9.3CVSS8.1AI score0.31934EPSS
Exploits1References9Affected Software2
Check Point Advisories
Check Point Advisories
added 2008/09/09 12:0 a.m.26 views

Microsoft Office OneNote URL Validation Error (MS08-055; CVE-2008-3007)

Microsoft Office OneNote is a tool for note-taking, information gathering, and multi-user collaboration that visualizes notes as a two-dimensional page. A remote code execution vulnerability has been reported in the way that Microsoft Office handles specially crafted OneNote files. The...

9.3CVSS7.1AI score0.31934EPSS
Exploits1
xssed
xssed
added 2008/06/04 12:0 a.m.12 views

Unfixed XSS vulnerability at www.dairyqueen.com

Security researcher SnS, has submitted on 06/04/2008 a cross-site-scripting XSS vulnerability affecting www.dairyqueen.com, which at the time of submission ranked 52377 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/06/2008. It is currently...

6.6AI score
Exploits0References1
NVD
NVD
added 2008/02/19 8:44 p.m.9 views

CVE-2008-0819

Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...

3.6CVSS7.1AI score0.02275EPSS
Exploits1References3
Prion
Prion
added 2008/02/19 8:44 p.m.8 views

Directory traversal

Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...

3.6CVSS7.6AI score0.02275EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2008/02/19 8:0 p.m.31 views

CVE-2008-0819

CVE-2008-0819 concerns a directory traversal vulnerability in PlutoStatus Locator 1.0 pre alpha. The flaw resides in index.php and allows remote attackers to include and execute arbitrary local files by supplying a .. (dot dot) sequence in the page parameter. Documented impact indicates local fil...

3.6CVSS7.2AI score0.02275EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2008/02/19 8:0 p.m.16 views

CVE-2008-0819

Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...

7.1AI score0.02275EPSS
Exploits1References3
Rows per page
Query Builder