Lucene search

2293 matches found

CERT
added 2007/05/18 12:0 a.m., 16 views

OPeNDAP arbitrary command execution vulnerability

Overview The BES daemon in OPeNDAP server version 4 contains a vulnerability. This vulnerability may allow an attacker to execute arbitrary commands, or upload files to a remote server. Description OPeNDAP is a software package designed to help researchers exchange data sets that are stored in...

7.7 AI score
Exploits 0, References 4
securityvulns
added 2007/05/02 12:0 a.m., 53 views

Flaw in about.r OS and Progress version disclosure

about.r OS and Progress version disclosure. Because of poor security in webutil/about.r it is possible to view the OS and the Progress version of a remote webspeed server. First you have to find the messenger execution url. For example: http://yourmachine.com/scripts/cgiip.exe/WService=wsbroker1...

0.9 AI score
Exploits 0
exploitpack
added 2007/05/02 12:0 a.m., 13 views

ObieWebsite Mini Web Shop 2 - Sendmail.php?PATH_INFO Cross-Site Scripting

ObieWebsite Mini Web Shop 2 - Sendmail.php?PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit...

6.8 AI score
Exploits 0
exploitpack
added 2007/05/02 12:0 a.m., 11 views

ObieWebsite Mini Web Shop 2 - order_form.php?PATH_INFO Cross-Site Scripting

ObieWebsite Mini Web Shop 2 - orderform.php?PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploi...

6.8 AI score
Exploits 0
Exploit DB
added 2007/05/02 12:0 a.m., 23 views

ObieWebsite Mini Web Shop 2 - 'order_form.php?PATH_INFO' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch...

7.4 AI score
Exploits 0
Exploit DB
added 2007/05/02 12:0 a.m., 24 views

ObieWebsite Mini Web Shop 2 - 'Sendmail.php?PATH_INFO' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch...

7.4 AI score
Exploits 0
Tenable Nessus
added 2007/04/19 12:0 a.m., 25 views

ProFTPD Auth API Multiple Auth Module Authentication Bypass

The remote host is running ProFTPd. Due to a bug in the way the remote server is configured and the way it processes the USER and PASS commands, it is possible to log into the remote system by supplying invalid credentials. C Tenable Network Security, Inc. include"compat.inc"; if description...

5.1 CVSS, 5.5 AI score, 0.12516 EPSS
Exploits 0, References 2
Packet Storm
added 2007/03/27 12:0 a.m., 19 views

libero-xss.txt

Libero.it, one of the most important italian ISP www.libero.it is affected from a XSS vulnerability. The vulnerability can be found in the "Community" section of Libero portal, and the affected functionality is "add nick" http://digiland.libero.it/profilo.phtml?nick=. The implementation of this...

7.4 AI score
Exploits 0
Fedora
added 2007/02/05 5:8 p.m., 35 views

[SECURITY] Fedora Core 6 Update: postgresql-8.1.7-1.fc6

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

8.5 CVSS, 0.9 AI score, 0.04693 EPSS
Exploits 0
exploitpack
added 2006/12/15 12:0 a.m., 26 views

OpenLDAP 2.4.3 - KBIND Remote Buffer Overflow

OpenLDAP 2.4.3 - KBIND Remote Buffer Overflow / openldap-kbind-p00f.c - OpenLDAP kbind remote exploit Only works on servers compiled with --enable-kbind enable LDAPv2+ Kerberos IV bind deprecated no by Solar Eclipse Shoutouts to LSD for their l33t asm code and to all 0dd people Private 0dd code. ...

1.1 AI score
Exploits 0
securityvulns
added 2006/11/16 12:0 a.m., 41 views

[NT] Selenium FTP Server Directory Traversal

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

7.2 AI score
Exploits 0
Packet Storm
added 2006/11/14 12:0 a.m., 26 views

r3mote_unix_wrapper.sh.txt

!/bin/sh Variables Ultra short URL where is located our additional code Max length : 8 chars SRC="zz.1.vg" Filename of the downloaded file Max length : 6 chars because of "-O" in wget FILE="./..." Target SAP server IP No restriction ;- TARGET="192.168.201.11" Set to /bin/echo to debug DEBUG="" So...

7.4 AI score
Exploits 0
Packet Storm
added 2006/11/09 12:0 a.m., 23 views

freewebshop222.txt

FreeWebshop '"alertdocument.cookie laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: [email protected]...

7.4 AI score
Exploits 0
Tenable Nessus
added 2006/11/07 12:0 a.m., 18 views

WarFTP Daemon < 1.82.00-RC13 Multiple Command Remote Format Strings

Binary data 3808.prm...

4 CVSS, 7.3 AI score, 0.02922 EPSS
Exploits 1, References 2
Tenable Nessus
added 2006/10/03 12:0 a.m., 127 views

Sun Secure Global Desktop / Tarantella < 4.20.983 Multiple XSS

Sun Secure Global Desktop or Tarantella, a Java-based program for web-enabling applications running on a variety of platforms, is installed on the remote web server. According to the version reported in one of its scripts, the installation of the software on the remote host fails to sanitize...

6.8 CVSS, 6 AI score, 0.0285 EPSS
Exploits 0, References 4
Tenable Nessus
added 2006/10/02 12:0 a.m., 14 views

Sun Secure Global Desktop / Tarantella < 4.20.983 Multiple XSS

Binary data 3760.prm...

6.8 CVSS, 7.3 AI score, 0.0285 EPSS
Exploits 0, References 5
exploitpack
added 2006/09/27 12:0 a.m., 8 views

OpenSSH 4.3 p1 - Duplicated Block Remote Denial of Service

OpenSSH 4.3 p1 - Duplicated Block Remote Denial of Service !/bin/bash OpenSSH CRC compensation attack detection DoS PoC. Tavis Ormandy Yes, I really did implement crc-32 in bash. usage: script victim hostname hostname=$1:-localhost port=$2:-22 where the fifo is created to communicate with netcat...

0.1 AI score
Exploits 0
Debian
added 2006/09/05 6:8 a.m., 27 views

[SECURITY] [DSA 1169-1] New MySQL 4.1 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1169-1 [email protected] http://www.debian.org/security/ Martin Schulze September 5th, 2006 http://www.debian.org/security/faq -...

3.6 CVSS, 6.3 AI score, 0.02729 EPSS
Exploits 2
FreeBSD
added 2006/08/30 12:0 a.m., 29 views

gtetrinet -- remote code execution

The Debian Security Team reports: Michael Gehring discovered several potential out-of-bounds index accesses in gtetrinet, a multiplayer Tetris-like game, which may allow a remote server to execute arbitrary code...

7.5 CVSS, 6.7 AI score, 0.04015 EPSS
Exploits 0, References 1
OSV
added 2006/08/30 12:0 a.m., 13 views

DSA-1163 gtetrinet - programming error

Bulletin has no description...

7.5 CVSS, 6.3 AI score, 0.04015 EPSS
Exploits 0