Lucene search
K

1410 matches found

seebug.org
seebug.org
added 2007/01/14 12:0 a.m.24 views

bmforum漏洞exp

No description provided by source. ?php printr" +------------------------------------------------------------------+ Exploit For Blue Magic Forum All Version Fuck Register Global && Magic Quote BY 拖鞋王子 Mokfly 媒婆X Just For Fun : +------------------------------------------------------------------+...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/06 12:0 a.m.49 views

WEBInsta MM <= 1.3e (absolute_path) Remote File Include Exploit

No description provided by source. !-- vulnerable code: /maillist/inc/initdb.php ----------------------------------------------------------------------- ifisset$GET'absolutepath' echo "no access from here !!"; exit; include$absolutepath.'inc/adodbt/db.inc';...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/15 12:0 a.m.78 views

WEBInsta MM 1.3e - 'absolute_path' Remote File Inclusion

WEBInsta Mailing List Manager = 1.3e initdb.php Remote File Include Exploit function milw0rm if document.exploit.target.value=="" alert"Enter a Target"; return false; exploit.action= document.exploit.target.value; exploit.cmd.value=document.exploit.cmd.value;...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2006/06/23 12:0 a.m.16 views

CVE-2006-3197

Cross-site scripting XSS vulnerability in Invision Power Board IPB 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a POST that contains hexadecimal-encoded HTML...

5.7AI score0.01264EPSS
Exploits0References7
Prion
Prion
added 2006/01/13 11:3 p.m.12 views

Code injection

Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipnsuccess.php...

5CVSS7.4AI score0.01487EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2006/01/13 11:3 p.m.20 views

CVE-2006-0201

Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipnsuccess.php...

5CVSS6.9AI score0.01487EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/01/13 11:0 p.m.21 views

CVE-2006-0201

Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipnsuccess.php...

6.9AI score0.01487EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2005/11/20 12:0 a.m.22 views

almondClassifieds.txt

A vulnerability discovered in Almond Classifeds http://www.almondsoft.com/alcl.html vulnerability is due omit check of password in "editform" user can edit any add in the classifieds if we post new add we can edit our add in the "editform" section there are 2 hidden fields: by changing the number...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/10/25 4:0 a.m.16 views

CVE-2004-2505

Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service memory consumption and crash by sending repeated GET or POST requests that trigger error messages that use long strings of data...

6.7AI score0.03201EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/10/25 4:0 a.m.15 views

CVE-2004-2496

The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service service availability loss via a large number of POST requests to /Search...

6.6AI score0.09152EPSS
Exploits1References6
exploitpack
exploitpack
added 2005/09/30 12:0 a.m.10 views

EasyGuppy 4.5.44.5.5 - Printfaq.php Directory Traversal

EasyGuppy 4.5.44.5.5 - Printfaq.php Directory Traversal source: https://www.securityfocus.com/bid/14984/info EasyGuppy is prone to a directory traversal vulnerability. The application fails to properly sanitize input supplied through HTTP POST requests or cookies. Exploitation of this vulnerabili...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2005/03/10 5:0 a.m.20 views

CVE-2004-1765

Off-by-one buffer overflow in ModSecurity modsecurity 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests...

8.1AI score0.0467EPSS
Exploits0References7
Exploit DB
Exploit DB
added 2005/02/03 12:0 a.m.25 views

Linksys PSUS4 PrintServer - POST Denial of Service

source: https://www.securityfocus.com/bid/12443/info Linksys PSUS4 PrintServer is reported prone to a remote denial of service vulnerability while handling certain HTTP POST requests received on TCP port 80. An attacker may exploit this condition to deny service to the affected PrintServer. $ wge...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2005/02/03 12:0 a.m.32 views

squid -- DoS on failed PUT/POST requests vulnerability

The squid patches page notes: An inconsistent state is entered on a failed PUT/POST request making a high risk for segmentation faults or other strange errors...

5CVSS6.4AI score0.12534EPSS
Exploits0References2
NVD
NVD
added 2004/12/31 5:0 a.m.16 views

CVE-2004-1765

Off-by-one buffer overflow in ModSecurity modsecurity 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests...

7.5CVSS8.1AI score0.0467EPSS
Exploits0References7
NVD
NVD
added 2004/12/31 5:0 a.m.15 views

CVE-2004-2496

The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service service availability loss via a large number of POST requests to /Search...

7.8CVSS6.6AI score0.09152EPSS
Exploits1References6
exploitpack
exploitpack
added 2004/09/14 12:0 a.m.21 views

SnipSnap 0.5.2 - HTTP Response Splitting

SnipSnap 0.5.2 - HTTP Response Splitting source: https://www.securityfocus.com/bid/11180/info SnipSnap is reported prone to an HTTP response splitting vulnerability. The issue exists in the 'referer' parameter. The issue presents itself due to a flaw in the application that allows an attacker to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/08/23 12:0 a.m.23 views

Axis Network Camera 2.x And Video Server 1-3 - Directory Traversal

Axis Network Camera 2.x And Video Server 1-3 - Directory Traversal source: https://www.securityfocus.com/bid/11011/info A directory-traversal vulnerability in HTTP POST requests. This attack is demonstrated by an anonymous user calling protected administration scripts. This bypasses authenticatio...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2004/08/19 12:0 a.m.25 views

Cross-Site Scripting (XSS) in Php-Nuke 7.1.0

Affected software description: Php-Nuke is popular freeware content management system, written in php by Francisco Burzi. This CMS COntent Management System is used on many thousands websites, because its free of charge, easy to install and has broad set of features. Homepage: http://phpnuke.org...

6.3AI score
Exploits0
NVD
NVD
added 2003/07/24 4:0 a.m.30 views

CVE-2003-0349

Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services nsiislog.dll, as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll...

7.5CVSS7.7AI score0.82542EPSS
Exploits6References7
Rows per page
Query Builder