Lucene search
K

128 matches found

Packet Storm
Packet Storm
added 2012/11/25 12:0 a.m.27 views

BuyClassifiedScript PHP Code Injection

Exploit Title: buyclassifiedscript PHP code injection vulnerability Date: 25.11.201 Exploit Author: d3b4g Vendor Homepage: http://buyclassifiedscript.com/ Tested on:Windows 7 Blog: d3b4g.me ---------------------------------------------------------------------------------- This vulnerability allow...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2008/11/18 12:0 a.m.23 views

cnn-xss.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear CNN, I recently discovered a security vulnerability on the www.cnn.com website. I believe the vulnerability can be used by a remote user to alter content on www.cnn.com. On 10 Nov 2008, I wrote to...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2008/04/12 12:0 a.m.5 views

PT-2008-3301 · Blogator · Blogator-Script

Name of the Vulnerable Software and Affected Versions: Blogator-script version 1.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the incl page parameter in several PHP files, including struct admin.php, struct admin blog.php, and struct main.php in the...

6.8CVSS7.7AI score0.01967EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2007/10/14 12:0 a.m.8 views

PT-2007-6476 · Unknown · Crs Manager

Name of the Vulnerable Software and Affected Versions: CRS Manager affected versions not specified Description: The issue concerns multiple PHP remote file inclusion vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT ROOT paramete...

7.5CVSS8AI score0.0322EPSS
Exploits1References9
myhack58
myhack58
added 2007/03/02 12:0 a.m.17 views

The script pictures the back door without echo solutions-vulnerability warning-the black bar safety net

First of all, let us think about why the picture of the back door is not back obvious reason: as you know, we use the include contains picture, the interpreter will put the picture as a text document for searching and automatic parsing% %or??& gt;of the script. So what other html characters such...

0.1AI score
Exploits0
OSV
OSV
added 2004/12/31 5:0 a.m.2 views

DEBIAN-CVE-2004-1736

Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to 1 auth.php, 2 authlogin.php, 3 authchangepassword.php, and possibly other php files, which reveal the installation path in a PHP error message...

5CVSS7.1AI score0.01541EPSS
Exploits1References1
exploitpack
exploitpack
added 2004/07/17 12:0 a.m.15 views

Gallery 1.4.4 - Remote Server-Side Script Execution

Gallery 1.4.4 - Remote Server-Side Script Execution source: https://www.securityfocus.com/bid/10968/info A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the...

0.1AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.14 views

CVE-2002-2331

W3Mail 1.0.2 through 1.0.5 with server side scripting SSI enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by sending code in MIME attachments, then requesting the...

5.8CVSS7.2AI score0.02075EPSS
Exploits0References3
Rows per page
Query Builder