Lucene search
K

49 matches found

GithubExploit
GithubExploit
added 2021/03/01 6:52 p.m.218 views

Exploit for OS Command Injection in Systeminformation

CVE-2021-21315-systeminformation This is Proof of Concept for...

7.8CVSS7.6AI score0.9024EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2021/02/19 12:0 a.m.67 views

ISC BIND Buffer Overflow (CVE-2020-8625)

According to its self-reported version, the ISC Bind present on the remote host is affected by a buffer overflow vulnerability. BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings th...

8.1CVSS7.5AI score0.64161EPSS
Exploits0References2
Prion
Prion
added 2020/09/15 2:15 p.m.15 views

Command injection

In Gallagher Command Centre versions 8.10 prior to 8.10.1134MR4, 8.00 prior to 8.00.1161MR5, 7.90 prior to 7.90.991MR5, 7.80 prior to 7.80.960MR2, 7.70 and earlier, any operator account has access to all data that would be replicated if the system were to be or is attached to a multi-server...

4CVSS7.4AI score0.008EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/15 1:24 p.m.24 views

CVE-2020-16096

In Gallagher Command Centre versions 8.10 prior to 8.10.1134MR4, 8.00 prior to 8.00.1161MR5, 7.90 prior to 7.90.991MR5, 7.80 prior to 7.80.960MR2, 7.70 and earlier, any operator account has access to all data that would be replicated if the system were to be or is attached to a multi-server...

9.9CVSS9.4AI score0.008EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/02/25 6:52 p.m.23 views

U.S. Dept Of Defense: phpinfo() disclosure info

hi security team i found subdoamins avalibale file phpinfo PoC:- https://█████████/phpinfo.php Impact An attacker can obtain information such as: •Exact PHP version. •Exact OS and its version. •Details of the PHP configuration. •Internal IP addresses. •Server environment variables. •Loaded PHP...

0.5AI score
Exploits0
NVD
NVD
added 2018/07/31 2:29 p.m.26 views

CVE-2018-11338

Intuit Lacerte 2017 for Windows in a client/server environment transfers the entire customer list in cleartext over SMB, which allows attackers to 1 obtain sensitive information by sniffing the network or 2 conduct man-in-the-middle MITM attacks via unspecified vectors. The customer list contains...

7.5CVSS7.3AI score0.01207EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/06/27 12:0 a.m.26 views

PHPinfo Information Disclosure

Many PHP installation tutorials instruct the user to create a PHP file that calls the PHP function 'phpinfo' for debugging purposes, and various PHP applications may also include such a file by default. By accessing it, a remote attacker can discover a large amount of information about the remote...

7.2AI score
Exploits0References1
Microsoft KB
Microsoft KB
added 2018/06/19 7:0 a.m.17 views

Security update 2018-06-19

...

5.3AI score
Exploits0
Hacker One
Hacker One
added 2016/09/05 5:28 p.m.26 views

Boozt Fashion AB: PHP info page disclosure on http://www.day.dk/

Hi, Boozt team. Description: phpinfo is a debug functionality that prints out detailed information on both the system and the PHP configuration. Step to reproduce: 1. Go to http://www.day.dk/check.php An attacker can obtain information such as: •Exact PHP version. •Exact OS and its version...

7AI score
Exploits0
n0where
n0where
added 2014/06/25 5:13 p.m.15 views

How to: Version Control

How to: Version Control In Linux, /etc directory contains important system-related or application-specific configuration files. Especially in a server environment, it is wise to back up various server configurations in /etc directory regularly, to save trouble from any accidental changes in the...

0.8AI score
Exploits0References1
Hacker One
Hacker One
added 2014/06/25 1:43 p.m.75 views

Uzbey: Information Disclosure (phpinfo())

URL :- https://staging.uzbey.com/phpinfo.php Description :- phpinfo is a debug functionality that prints out detailed information on both the system and the PHP configuration. An attacker can obtain information such as: •Exact PHP version. •Exact OS and its version. •Details of the PHP...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2014/05/10 12:0 a.m.56 views

逐浪cms两处文件上传漏洞(有服务器环境限制)

简要描述: 也是要结合iis6的解析漏洞,不知道这两处跟之前提交的会不会重复 详细说明: 由于官网不是iis6的环境 我本地进行测试 第一处 http://127.0.0.1/Plugins/ckfinder/ckfinder.html 在左边文件夹Files下新建字幕了1.asp 然后点击1.asp目录然后上传图片木马3.gif 然后右键查看文件 就可以看到文件地址了 文件地址 http://127.0.0.1/UploadFiles/files/1.asp/3.GIF 第二处 http://127.0.0.1/plugins/imageupload.aspx protected vo...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/03/05 12:0 a.m.30 views

Fedora 19 : perl-CGI-Application-4.50-7.fc19 (2014-2998)

CGI::Application suffers from a flaw where, in certain cases, it would unexpectedly dump a complete set of web query data and server environment information as an error page. This could allow unintended disclosure of sensitive information. This update patches CGI::Application to no longer do so...

5CVSS5.4AI score0.01884EPSS
Exploits0References3
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.59 views

[SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE

Hello All, Today, a vulnerability report with an accompanying Proof of Concept code was sent to Oracle notifying the company of a new security weakness affecting Java SE 7 software. The new flaw was verified to affect all versions of Java SE 7 including the recently released 1.7.021-b11. It can b...

0.3AI score
Exploits0
myhack58
myhack58
added 2012/10/14 12:0 a.m.15 views

shopex front Desk ordinary users getshell vulnerabilities-vulnerability warning-the black bar safety net

Use method: First: Think of a way to find the target site's absolute path http://www.test.com/install/svinfo.php?phpinfo=true http://www.test.com/core/api/shopapi.php http://www.test.com/core/api/site/2.0/apib2b20cat.php http://www.test.com/core/api/site/2.0/apib2b20goodstype.php...

7.3AI score
Exploits0
myhack58
myhack58
added 2011/11/03 12:0 a.m.24 views

Innovation factory security po information disclosure vulnerability A and solution-vulnerability warning-the black bar safety net

Brief description: CDN most afraid of leaking the user's original server address, once leaked, the so-called security services is non-existent. Safe treasure the presence of multiple information disclosure vulnerabilities, the first report of the series! Detailed description: Information disclosu...

0.2AI score
Exploits0
FreeBSD
FreeBSD
added 2011/08/20 12:0 a.m.35 views

codeigniter -- SQL injection vulnerability

The CodeIgniter changelog reports: An improvement was made to the MySQL and MySQLi drivers to prevent exposing a potential vector for SQL injection on sites using multi-byte character sets in the database client connection. An incompatibility in PHP versions 5.0.7 with mysqlsetcharset creates a...

5.9AI score
Exploits0References1
myhack58
myhack58
added 2011/08/01 12:0 a.m.12 views

PHPCMS V9 Cross-Station 2 and repair-vulnerability warning-the black bar safety net

Some place it with the filter, the Server environment registerglobals = On time directly toXSS and... Fishing fishing. Nothing. In order to rank before the issue. Well well to. Detail:/install/header. tpl. php? step=b&stepsb=cc/titlescriptalert1 1 1;/scriptyou fuck your own test to go. In order t...

0.5AI score
Exploits0
myhack58
myhack58
added 2011/07/31 12:0 a.m.10 views

PHPCMS V9 Cross-Station 2 and repair-vulnerability warning-the black bar safety net

Some place it with the filter, the Server environment registerglobals = On time directly toXSS and... Fishing fishing. Nothing. In order to rank before the issue. Well well to. Detail:/install/header. tpl. php? step=b&stepsb=cc/titlescriptalert1 1 1;/script You fuck your own test to go. In order ...

0.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2011/05/03 7:55 p.m.4 views

CVE-2011-1724

Unspecified vulnerability in HP Virtual Server Environment before 6.3 allows remote authenticated users to gain privileges via unknown vectors...

6CVSS5.6AI score0.0177EPSS
Exploits0References7
Rows per page
Query Builder