Lucene search
+L

140 matches found

0day.today
0day.today
added 2018/01/08 12:0 a.m.70 views

Vanilla < 2.1.5 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: CSRF vulnerabilities in Vanilla Forums below 2.1.5-CVE-2017-1000432 Google Dork: NA Date: 7/1/2018 Contact: https://twitter.com/anandm47 website: https://anandtechzone.blogspot.in Exploit Author: Anand Meyyappan Vendor Homepage:...

7.2CVSS0.2AI score0.01647EPSS
Exploits12
exploitpack
exploitpack
added 2018/01/08 12:0 a.m.53 views

Vanilla 2.1.5 - Cross-Site Request Forgery

Vanilla 2.1.5 - Cross-Site Request Forgery Exploit Title: CSRF vulnerabilities in Vanilla Forums below 2.1.5-CVE-2017-1000432 Google Dork: NA Date: 7/1/2018 Contact: https://twitter.com/anandm47 website: https://anandtechzone.blogspot.in Exploit Author: Anand Meyyappan Vendor Homepage:...

6CVSS1AI score0.01647EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/01/08 12:0 a.m.40 views

Vanilla &lt; 2.1.5 - Cross-Site Request Forgery

Exploit Title: CSRF vulnerabilities in Vanilla Forums below 2.1.5-CVE-2017-1000432 Google Dork: NA Date: 7/1/2018 Contact: https://twitter.com/anandm47 website: https://anandtechzone.blogspot.in Exploit Author: Anand Meyyappan Vendor Homepage: https://open.vanillaforums.com Software Link:...

8CVSS7.9AI score0.01647EPSS
Exploits5
exploitpack
exploitpack
added 2016/11/17 12:0 a.m.15 views

WordPress Plugin Sirv 1.3.1 - SQL Injection

WordPress Plugin Sirv 1.3.1 - SQL Injection Exploit Title: Sirv 1.3.1 Plugin For WordPress Sql Injection Date: 10/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/sirv/ Software Link: https://wordpress.org/plugins/sirv/ Contact: http://twitter.com/lenonleite...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/01/08 12:0 a.m.39 views

WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload

...

6.5CVSS7AI score0.51617EPSS
Exploits7
Patchstack
Patchstack
added 2014/12/03 12:0 a.m.17 views

WordPress Ecommerce Cart66 Lite Plugin - Blind SQL Injection

Because of this vulnerability in WordPress Ecommerce Cart66 Lite plugin , shortcodeProductsTable is accessible for every registered user. Solution Update to version 1.5.2...

6.5CVSS4.1AI score0.03721EPSS
Exploits2References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.37 views

Apple Mac OS X Server 10.5 - Wiki Server Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28278/info Apple Mac OS X Server Wiki Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

MyDMS 1.4 - SQL Injection Vulnerability And Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10996/info MyDMS is reportedly susceptible to both a directory traversal vulnerability and an SQL injection vulnerability. The SQL injection vulnerability is present because a script improperly sanitizes user-supplied dat...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/04/18 4:35 a.m.5 views

Cybozu Remote Service Manager vulnerable to session fixation

Overview Remote Service Manager provided by Cybozu,Inc. is a software to access on-premise systems such as Cybozu products via "Cybozu Remote Service". Remote Service Manager contains a session fixation vulnerability. Impact A remote, unauthenticated attacker may impersonate a registered user. As...

6.8CVSS6.8AI score0.01734EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2014/04/16 12:0 a.m.38 views

Zavio IP Camera Firmware 1.6.03 User Code Execution - Ver2 (CVE-2013-2568)

A code execution vulnerability has been reported in Zavio IP Camera Firmware. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system and gain the credentials of registered users...

10CVSS9.5AI score0.48539EPSS
Exploits6
exploitpack
exploitpack
added 2012/07/14 12:0 a.m.11 views

Shopware 3.5 - SQL Injection

Shopware 3.5 - SQL Injection !/usr/bin/php ?php Exploit Title: Shopware 3.5 - SQL Injection Date: 13.07.2012 Exploit Author: Kataklysmos Software Link: http://www.shopware.de/ Version: 3.5 function httpreq$host, $q if!$fs = fsockopen$host, 80 exit"Could not open HTTP- Connection to...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/05/02 12:0 a.m.29 views

vBulletin 4.1.12 Cross Site Scripting

TITLE ....... vBulletin 4.1.12 Reflected XSS try csrf for registered users DATE ........ 24.04.2012 AUTOHR ...... http://hauntit.blogspot.com SOFT LINK ... http://www.vbulletin.com VERSION ..... 4.1.12 TESTED ON ... LAMP ----------------------------------------------------------------------- 1...

Exploits0
seebug.org
seebug.org
added 2011/12/21 12:0 a.m.24 views

Multiple vulnerabilities in OBM

No description provided by source. Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinobm.html Product: OBM Vendor: obm.org http://obm.org Vulnerable Version: 2.4.0-rc13 and probably prior Tested Version: 2.4.0-rc13 Vendor Notification: 30 November 2011 Vulnerability Type: XSS,...

7.1AI score
Exploits0
Atlassian
Atlassian
added 2011/11/28 10:5 a.m.29 views

Do not show registered users in quick search to anonymous users

Registered users appears in quick search, even when it's a search made by anonymous...

3.4AI score
Exploits0Affected Software1
exploitpack
exploitpack
added 2011/08/15 12:0 a.m.17 views

phpList 2.10.x - Security Bypass Information Disclosure

phpList 2.10.x - Security Bypass Information Disclosure source: https://www.securityfocus.com/bid/49188/info PHPList is prone to a security-bypass vulnerability and an information-disclosure vulnerability. An attacker can exploit these issues to gain access to sensitive information and send...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2011/08/15 12:0 a.m.20 views

phpList 2.10.x - Security Bypass / Information Disclosure

source: https://www.securityfocus.com/bid/49188/info PHPList is prone to a security-bypass vulnerability and an information-disclosure vulnerability. An attacker can exploit these issues to gain access to sensitive information and send arbitrary messages to registered users. Other attacks are als...

7.4AI score
Exploits0
myhack58
myhack58
added 2011/08/06 12:0 a.m.20 views

Jackie novel CMS serialized system arbitrary file upload 0day-vulnerability warning-the black bar safety net

Registered users Into space-the album-upload With oprea live firefox modifying the source code There is a. jpg . gif of the place changedto. You can upload any file Keywords: inurl:modules/space...

3.4AI score
Exploits0
myhack58
myhack58
added 2011/05/10 12:0 a.m.15 views

South data enterprise 0day vulnerability affects versions: v10. 0 v11. 0-vulnerability warning-the black bar safety net

A direct proof of the user password. Take the shell method looks like there are 3 kinds of 1, registered users to upload get a shell, this comparison directly, can not into the background and don't know the username and password case. 2, into the background of the BACKUP DATABASE 3, in the site...

0.4AI score
Exploits0
myhack58
myhack58
added 2010/12/13 12:0 a.m.18 views

JE Messenger 1.0 Arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

Publishing author: Salvatore Fresta aka Drosophila Official website: joomlaextensions. co. in Vulnerability type: file upload Vulnerability Description: The program save the function in an error, the compose.php allows to registered users to upload with any file extension. For a valid file...

Exploits0
Packet Storm
Packet Storm
added 2010/04/24 12:0 a.m.25 views

Memorial Web Site Script Arbitrary Deletion

----------------------------------------------------------------------------------------- Memorial Web Site Script Multiple Arbitrary Delete Vuln ----------------------------------------------------------------------------------------- Author : Chip D3 Bi0s Email : chipdebiosalt+64gmail.com Where...

0.3AI score
Exploits0
Rows per page
Query Builder