
1369 matches found

CNVD
added 2015/02/11 12:0 a.m., 3 views

xiaoCMS Arbitrary File Upload Vulnerability

xiaoCMS is a PHP+MySQL open source web application for publishing news and building corporate and personal portals. xiaoCMS has an arbitrary file upload vulnerability due to lax program filtering. An attacker can exploit the vulnerability to upload a PHP webshell, and then control the serve...

7.2 AI score
Exploits: 0
CNVD
added 2014/12/04 12:0 a.m., 2 views

YYMusicCMS File Upload Vulnerability

YYMusicCMS is a program that can provide online music, the program interface is beautiful and generous, using ASP + ACCESS development. YYMusicCMS has a file upload vulnerability, due to the lack of filtering of the Form form FilePath parameter, resulting in the ability to upload asp type files. ...

7.2 AI score
Exploits: 0
myhack58
added 2014/11/26 12:0 a.m., 16 views

Free theme hidden back door, spread WordPress and other renowned CMS system-vulnerability warning-the black bar safety net

Recently, security researchers in the United States reported that thousands of plugins and themes for CMS sites have been implanted with a backdoor called CryptoPHP, which may lead to many web servers being taken over by attackers. Hidden among free CMS plug-ins, this newly found back door...

0.8 AI score
Exploits: 0
0day.today
added 2014/08/01 12:0 a.m., 24 views

Sphider 1.3.6 - Multiple Vulnerabilities

Exploit for php platform in category web applications Description: The web application is vulnerable to SQLi. Once a website has been indexed with Sphider, an attacker can inject SQL under Sites - Browser pages- filter option. Proof of Concept: Response: POST: /admin/admin.php...

7.1 AI score
Exploits: 0
exploitpack
added 2014/07/28 12:0 a.m., 22 views

Sphider Search Engine 1.3.6 - Multiple Vulnerabilities

Sphider Search Engine 1.3.6 - Multiple Vulnerabilities Exploit Title: Sphider 1.3.6 or later SQL Injection Google Dork: intitle:"Sphider Admin Login" Date: 1 July 2014 Exploit Author: Mike Manzotti Vendor Homepage: http://www.sphider.eu/ Software Link: http://www.sphider.eu/sphider-1.3.6.zip...

Exploits: 0
Tenable Nessus
added 2014/07/22 12:0 a.m., 33 views

FreeBSD : mcollective -- cert validation issue (ecea9e92-0be5-4931-88da-8772d044972a)

Melissa Stone reports : The MCollective aessecurity public key plugin does not correctly validate certs against the CA. By exploiting this vulnerability within a race/initialization window, an attacker with local access could initiate an unauthorized MCollective client connection with a server, a...

4.4 CVSS, 5.5 AI score, 0.00175 EPSS
Exploits: 0, References: 3
FreeBSD
added 2014/07/09 12:0 a.m., 28 views

mcollective -- cert validation issue

Melissa Stone reports: The MCollective aessecurity public key plugin does not correctly validate certs against the CA. By exploiting this vulnerability within a race/initialization window, an attacker with local access could initiate an unauthorized MCollective client connection with a server, an...

4.4 CVSS, 7.1 AI score, 0.00175 EPSS
Exploits: 0, References: 1
seebug.org
added 2014/07/01 12:0 a.m., 34 views

Hornbill Supportworks ITSM 1.0.0 - SQL Injection Vulnerability

No description provided by source. Summary SQL Injection Vulnerability in ITSM component of Hornbill Supportworks Application CVE number: CVE-2013-2594 Impact: High Vendor homepage: http://www.hornbill.com Vendor notified: 19/11/2012 Vendor response: This issue has reportedly been fixed but the...

7.5 CVSS, 0.1 AI score, 0.02638 EPSS
Exploits: 6
Prion
added 2014/01/30 5:17 a.m., 19 views

Design/Logic Flaw

The AutoUpdate package before 6.4 for IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to execute arbitrary console commands by leveraging control of the server...

7.5 CVSS, 8 AI score, 0.01527 EPSS
Exploits: 0, References: 4, Affected Software: 1
OpenVAS
added 2013/09/11 12:0 a.m., 16 views

GE Intelligent Platforms Proficy Cimplicity Multiple Vulnerabilities

GE Intelligent Platforms Proficy Cimplicity is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS, 7.5 AI score, 0.17394 EPSS
Exploits: 3, References: 3
The Hacker News
added 2013/09/09 6:45 a.m., 208 views

Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers

Hackers are focusing on vulnerabilities in the PHP web application development platform, threatening 80% of websites in the world, including many big websites, i.e. Facebook and Wikipedia. PHP has several predefined variables that are called SuperGlobals, i.e. POST, GET, COOKIES, FILES etc. Imperva...

6.4 CVSS, 2.2 AI score, 0.12879 EPSS
Exploits: 16
ThreatPost
added 2013/08/27 8:26 p.m., 9 views

Syrian Electronic Army Hack Results in Compromise of Domain Data For NY Times, Twitter

The Syrian Electronic Army, a group known for attacking high-profile media sites in the last year or so, has in the last few hours compromised the domain information for a large number of sites, including the New York Times home page and some of Twitter’s domains. Security researchers say that th...

0.7 AI score
Exploits: 0, References: 6
OpenVAS
added 2012/08/30 12:0 a.m., 13 views

Fedora Update for globus-gridftp-server-control FEDORA-2012-8445

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.6 CVSS, 6.5 AI score, 0.03102 EPSS
Exploits: 0, References: 2
OpenVAS
added 2012/06/04 12:0 a.m., 12 views

Fedora Update for globus-gridftp-server-control FEDORA-2012-8461

Check for the Version of globus-gridftp-server-control OpenVAS Vulnerability Test Fedora Update for globus-gridftp-server-control FEDORA-2012-8461 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

7.6 CVSS, 6.4 AI score, 0.03102 EPSS
Exploits: 0, References: 2
OpenVAS
added 2012/06/04 12:0 a.m., 14 views

Fedora Update for globus-gridftp-server-control FEDORA-2012-8488

Check for the Version of globus-gridftp-server-control OpenVAS Vulnerability Test Fedora Update for globus-gridftp-server-control FEDORA-2012-8488 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

7.6 CVSS, 6.4 AI score, 0.03102 EPSS
Exploits: 0, References: 2
OpenVAS
added 2012/06/04 12:0 a.m., 14 views

Fedora Update for globus-gridftp-server-control FEDORA-2012-8488

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.6 CVSS, 6.5 AI score, 0.03102 EPSS
Exploits: 0, References: 2
OpenVAS
added 2012/06/04 12:0 a.m., 14 views

Fedora Update for globus-gridftp-server-control FEDORA-2012-8461

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.6 CVSS, 6.5 AI score, 0.03102 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2012/06/04 12:0 a.m., 23 views

Fedora 16 : globus-gridftp-server-6.10-2.fc16 / globus-gridftp-server-control-2.5-2.fc16 (2012-8461)

Fix for http://jira.globus.org/browse/GT-195 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.6 CVSS, 5.3 AI score, 0.03102 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2012/06/04 12:0 a.m., 22 views

Fedora 17 : globus-gridftp-server-6.10-2.fc17 / globus-gridftp-server-control-2.5-2.fc17 (2012-8445)

Fix for http://jira.globus.org/browse/GT-195 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.6 CVSS, 5.3 AI score, 0.03102 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2012/06/04 12:0 a.m., 19 views

Fedora 15 : globus-gridftp-server-6.10-2.fc15 / globus-gridftp-server-control-2.5-2.fc15 (2012-8488)

Fix for http://jira.globus.org/browse/GT-195 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.6 CVSS, 5.3 AI score, 0.03102 EPSS
Exploits: 0, References: 4