3750 matches found

OSV
added 2012/02/13 12:0 a.m. | 44 views

DSA-2408-1 php5 - several

Bulletin has no description...

CVSS 7.5 | AI score 8.4 | EPSS 0.19139
Exploits: 31

seebug.org
added 2012/02/13 12:0 a.m. | 67 views

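PHP 'magic_quotes_gpc' Security Bypass Vulnerability (CVE-2012-0831)

Bugtraq ID: 51954 CVE ID: CVE-2012-0831 PHP contains a security vulnerability that allows magic_quotes_gpc to be disabled remotely, which allows remote attackers to bypass restrictions meant to prevent SQL injection 0 PHP 5.3.8 PHP 5.3.7 PHP 5.3.6 PHP 5.3.2 PHP 5.2.4 PHP 5.3.5 PHP 5.3.4 PHP 5.3.3 Vendor solution: users can refer to the following vendor security advisory for patch information: https://bugs.php.net/bug.php?id=61043...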

CVSS 6.8 | AI score 9.5 | EPSS 0.06709
Exploits: 2

The Hacker News
added 2012/02/10 10:45 a.m. | 10 views

Trixd00r v0.0.1 - An Invisible TCP/IP based backdoor for UNIX systems

Trixd00r v0.0.1 - An Invisible TCP/IP based backdoor for UNIX systems NullSecurity Team Releases "Trixd00r v0.0.1" an advanced and invisible TCP/IP based userland backdoor for UNIX systems. It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magi...

AI score 7
Exploits: 0

Tenable Nessus
added 2012/02/10 12:0 a.m. | 254 views

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 vulnerabilities (USN-1358-1)

It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. CVE-2011-4885 ATTENTION: this update changes previous PHP...

CVSS 7.5 | AI score 8.5 | EPSS 0.83911
Exploits: 30 | References: 8

Tenable Nessus
added 2012/01/03 12:0 a.m. | 35 views

Fedora 15 : phpMyAdmin-3.4.9-1.fc15 (2011-17370)

Changes 3.4.9.0 2011-12-21 : - edit Inline editing enum fields with null shows no dropdown - interface DB suggestion not correct for user with underscore - core Magic quotes removed in PHP 5.4 - session No feedback when result is empty signon authtype - display Problems regarding ShowTooltipAlias...

CVSS 4.3 | AI score 8.5 | EPSS 0.01401
Exploits: 3 | References: 7

seebug.org
added 2011/12/21 12:0 a.m. | 23 views

Multiple vulnerabilities in OBM

No description provided by source. Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinobm.html Product: OBM Vendor: obm.org http://obm.org Vulnerable Version: 2.4.0-rc13 and probably prior Tested Version: 2.4.0-rc13 Vendor Notification: 30 November 2011 Vulnerability Type: XSS,...

AI score 7.1
Exploits: 0

myhack58
added 2011/12/20 12:0 a.m. | 26 views

BIWEB bugs and fixes-vulnerability warning-the black bar safety net

BIWEB PHP open source enterprise built Station system bug fixed version, 1. Pass to kill the contains /wap/detail.php, X, X... $objWebInit = new wap; if empty$GET'page' $intPage = 1 ; else $intPage = intval$GET'page'; if empty$GET'cpage' $intCPage = 1 ; else $intCPage = intval$GET'cpage'; if !...

AI score 7.1
Exploits: 0

Packet Storm
added 2011/11/09 12:0 a.m. | 21 views

VtigerCRM 5.2.1 Local File Inclusion

Vulnerability ID: HTB23054 Reference: https://www.htbridge.ch/advisory/localfileinclusioninvtigercrm.html Product: VtigerCRM Vendor: vtiger.com http://www.vtiger.com Vulnerable Version: 5.2.1 and probably prior Tested Version: 5.2.1 Vendor Notification: 19 October 2011 Vulnerability Type: Local...

AI score 7
Exploits: 0

myhack58
added 2011/10/26 12:0 a.m. | 30 views

Upload vulnerability filepath variable\0 0 truncation-vulnerabilities and early warning-the black bar safety net

POST /coin/upload. asp? action=upfile HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd. ms-excel, application/vnd. ms-powerpoint, application/msword, / Referer: Recently phpwind contains a vulnerability that Diamondback always...

AI score 0.1
Exploits: 0

ATTACKERKB
added 2011/09/12 12:40 p.m. | 2 views

CVE-2009-5090

SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors...

CVSS 6.8 | AI score 6.5 | EPSS 0.02015
Exploits: 1 | References: 4

seebug.org
added 2011/08/28 12:0 a.m. | 23 views

WordPress Super CAPTCHA plugin <= 2.2.4 SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Super CAPTCHA plugin = 2.2.4 SQL Injection Vulnerability Date: 2011-08-26 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/super-capcha.2.2.4.zip Version: 2.2.4 tested...

AI score 7.1
Exploits: 0

Exploit DB
added 2011/08/27 12:0 a.m. | 24 views

WordPress Plugin Super CAPTCHA 2.2.4 - SQL Injection

Exploit Title: WordPress Super CAPTCHA plugin Accounts Flagged'; for$i=0;$iusers ." SET spam='1' WHERE ID='". $UIDs$i ."'"; mysqlquery"UPDATE ". $wpdb-users ." SET userstatus='1' WHERE ID='". $UIDs$i ."'"; echo'USER ID: '. $UIDs$i .' marked as spammer.';...

AI score 7
Exploits: 0

myhack58
added 2011/08/12 12:0 a.m. | 40 views

About Dedecms variable coverage exploits-vulnerability warning-the black bar safety net

Someone recently broke the dedecms variable coverage holes,it is also a quite interesting vulnerability, and in some cases dedecms this variable vulnerability to exist for so long in some people are many years,about six months ago I also independently discovered by this article [email protected] Write ...

AI score 0.7
Exploits: 0

0day.today
added 2011/07/04 12:0 a.m. | 29 views

WeBid <= 1.0.2 (converter.php) Remote Code Execution Exploit

Exploit for php platform in category web applications checkmysql$res, $query, LINE, FILE; 157. $itemtitle = mysqlresult$res, 0, 'title'; Input passed through $REQUEST'auctionid' isn't properly sanitised before being used in the SQL query at line 154. - Vulnerable code to SQL injection works with...

AI score 7.1
Exploits: 0

OpenVAS
added 2011/06/01 12:0 a.m. | 28 views

Nmap NSE net: http-php-version

Attempts to retrieve the PHP version from a web server. PHP has a number of magic queries that return images or text that can vary with the PHP version. This script uses the following queries: '/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42': gets a GIF logo, which changes on April Fool's Day...

Exploits: 0

0day.today
added 2011/04/27 12:0 a.m. | 21 views

dalYlak Cms SQLInjection Vulnerability

Exploit for php platform in category web applications + Exploit Title: dalYlak Cms SQLInjection Vulnerability + Author : Net.Edit0r + Data : 2011-04-26 + E-mail : email protected + Home : http://security-war.com and Black-hg.com + dork : "Powred by dalYlak.com" + Versian : All Ver + Category : We...

AI score 7.1
Exploits: 0

seebug.org
added 2011/04/22 12:0 a.m. | 13 views

PHP 5.3.2, 5.3.3: magic_quote SQL injection bypass exists

No description provided by source...

AI score 7.1
Exploits: 0

Packet Storm
added 2011/03/27 12:0 a.m. | 51 views

Eircom Netopia Router Backdoor

++++++++++++++++++++ FULL DISCLOSURE OF EIRCOM NETOPIA ROUTER BACKDOOR VULNERABILITY! Yes, failcom suck, and they did it again. DERP! They gave us a nice TELNET shell into their routers, and now we can mess about 'cos it spawns a root shell by magic! and magic is the actual command! They also lef...

AI score 0.1
Exploits: 0

securityvulns
added 2011/03/09 12:0 a.m. | 55 views

'Quick Polls' Local File Inclusion & Deletion Vulnerabilities (CVE-2011-1099)

'Quick Polls' Local File Inclusion & Deletion Vulnerabilities CVE-2011-1099 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Two vulnerabilities exist in 'Quick Polls' providing local file inclusion & local file deletion due to null-byte attacks...

CVSS 5.8 | AI score 6.2 | EPSS 0.03172
Exploits: 6

Packet Storm
added 2011/03/06 12:0 a.m. | 33 views

Quick Polls 1.0.1 Local File Inclusion / Deletion

'Quick Polls' Local File Inclusion & Deletion Vulnerabilities CVE-2011-1099 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Two vulnerabilities exist in 'Quick Polls' providing local file inclusion & local file deletion due to null-byte attacks...

CVSS 5.8 | AI score 6.5 | EPSS 0.03172
Exploits: 6