Lucene search
K

1326 matches found

seebug.org
seebug.org
added 2009/07/31 12:0 a.m.27 views

Millenium MP3 Studio 1.0 .mpf File Local Stack Overflow Exploit (update)

No description provided by source. + Vulnerability : .m3u File Local Stack Overflow Exploit SEH Full Rewrite + Product : Millenium MP3 Studio + Versions affected : v1.0 + Download : http://www.software112.com/products/mp3-millennium+download.html + Method : seh + Tested on : Windows XP SP3 En +...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/07/30 12:0 a.m.25 views

Millenium MP3 Studio 1.0 - .mpf Local Stack Overflow (2)

Millenium MP3 Studio 1.0 - .mpf Local Stack Overflow 2 + Vulnerability : .m3u File Local Stack Overflow Exploit SEH Full Rewrite + Product : Millenium MP3 Studio + Versions affected : v1.0 + Download : http://www.software112.com/products/mp3-millennium+download.html + Method : seh + Tested on :...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2009/05/11 12:0 a.m.41 views

Claroline v.1.8.11 Cross-Site Scripting

Author: Gerendi Sandor Attila Original Advisory: http://gsasec.blogspot.com/2009/05/claroline-v1811-cross-site-scripting.html Date: May 05, 2009 Package: Claroline 1.8.11 Product Homepage: http://www.claroline.net/ Versions Affected: v.1.8.11 Other versions may also be affected Severity: Medium...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2009/05/08 12:0 a.m.19 views

Claroline 1.8.11 Cross Site Scripting

Author: Gerendi Sandor Attila Original Advisory: http://gsasec.blogspot.com/2009/05/claroline-v1811-cross-site-scripting.html Date: May 05, 2009 Package: Claroline 1.8.11 Product Homepage: http://www.claroline.net/ Versions Affected: v.1.8.11 Other versions may also be affected Severity: Medium...

7.4AI score
Exploits0
Prion
Prion
added 2009/02/26 4:17 p.m.11 views

Heap overflow

Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intended access restrictions for character encoding and the cookie secure flag via unknown vectors related to the "HTTP header rewrite function."...

5CVSS7.2AI score0.01477EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2009/02/26 4:0 p.m.48 views

CVE-2008-6298

CVE-2008-6298 concerns sISAPILocation (ISAPI filter for IIS) prior to 1.0.2.2. The vulnerability enables bypass of the HTTP header rewrite function, potentially bypassing configuration controls for character encoding and the cookie secure flag. Root cause is described as an issue in the sISAPILoc...

5CVSS6.9AI score0.01477EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2009/02/26 4:0 p.m.29 views

CVE-2008-6298

Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intended access restrictions for character encoding and the cookie secure flag via unknown vectors related to the "HTTP header rewrite function."...

6.7AI score0.01477EPSS
Exploits0References7
0day.today
0day.today
added 2009/02/09 12:0 a.m.49 views

w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit

Exploit for unknown platform in category web applications ======================================================== w3bcms = v3.5.0 Multiple Remote Vulnerabilities Exploit ======================================================== !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST;...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/02/09 12:0 a.m.39 views

w3bcms 3.5.0 SQL Injection

!/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- -------------------oOO------OOo------------------ | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo9 |...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2009/01/16 12:0 a.m.80 views

iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 01.12.09 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2009 I. BACKGROUND Oracle Database Server is a family of database products that range from personal databases to enterprise solutions. Further informati...

4CVSS0.5AI score0.01176EPSS
Exploits0
Packet Storm
Packet Storm
added 2008/12/01 12:0 a.m.22 views

cpcommerce-bypass.txt

Author: girex Homepage: girex.altervista.org CMS: cpCommerce 1.2.6 Site: http://cpcommerce.cpradio.org/ Bug: URL Rewrite - Input variables overwrite PoC: Auth bypass - Shell upload Note: Works regardless php.ini settings Vendor informed: 23/11/08 cpCommerce 1.2.7 released: 30/11/08 Public advisor...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/11/30 12:0 a.m.21 views

cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass

No description provided by source. Author: girex Homepage: girex.altervista.org CMS: cpCommerce 1.2.6 Site: http://cpcommerce.cpradio.org/ Bug: URL Rewrite - Input variables overwrite PoC: Auth bypass - Shell upload Note: Works regardless php.ini settings Vendor informed: 23/11/08 cpCommerce 1.2....

7.1AI score
Exploits0
0day.today
0day.today
added 2008/11/30 12:0 a.m.17 views

cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass

Exploit for unknown platform in category web applications ===================================================================== cpCommerce 1.2.6 URL Rewrite Input variable overwrite / Auth bypass ===================================================================== Author: girex CMS: cpCommerce...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/11/30 12:0 a.m.38 views

CPCommerce 1.2.6 - URL Rewrite Input Variable Overwrite / Authentication Bypass

Author: girex Homepage: girex.altervista.org CMS: cpCommerce 1.2.6 Site: http://cpcommerce.cpradio.org/ Bug: URL Rewrite - Input variables overwrite PoC: Auth bypass - Shell upload Note: Works regardless php.ini settings Vendor informed: 23/11/08 cpCommerce 1.2.7 released: 30/11/08 Public advisor...

7.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/11/10 4:29 a.m.5 views

sISAPILocation vulnerability bypasses HTTP header rewrite function

Overview sISAPILocation, an ISAPI Internet Server Application Program Interface filter, contains a vulnerability that allows the HTTP header rewrite function to be bypassed. sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS Internet Information Services...

5CVSS6.6AI score0.01477EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/11/06 12:0 a.m.21 views

JVN#67060882 sISAPILocation vulnerability bypasses HTTP header rewrite function

sISAPILocation, developed by an individual developer, is an ISAPI filter for IIS Internet Information Services. sISAPILocation contains a vulnerability that allows the HTTP header rewrite function to be bypassed. Impact When sISAPILocation is used to configure settings, such as to specify charact...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2008/10/30 12:0 a.m.34 views

Wordpress Plugin e-Commerce &lt;= 3.4 Arbitrary File Upload Exploit

No description provided by source. !/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand99999 . ".php"; no int print INTRO; messy print i know.. - Wordpress Plugin e-Commerce = 3.4 Arbitrary File Upload - Discovered && Coded by: t0pP8uZz Discover...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/10/29 12:0 a.m.22 views

wpecomm-upload.txt

!/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand99999 . ".php"; no int print ; print "\nEnter File Pathpath to local file to upload: "; chompmy $file=; my $ua = LWP::UserAgent-new; my $re = $ua-requestPOST $url...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/10/29 12:0 a.m.30 views

WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload

WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload !/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand99999 . ".php"; no int print ; print "\nEnter File Pathpath to local file to upload: "; chompmy $file=; my $ua = LWP::UserAgent-new; my $...

0.4AI score
Exploits0
OSV
OSV
added 2008/10/03 5:41 p.m.3 views

DEBIAN-CVE-2008-4359

lighttpd before 1.4.20 compares URIs to patterns in the 1 url.redirect and 2 url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...

7.5CVSS7AI score0.04345EPSS
Exploits1References1
Rows per page
Query Builder