839 matches found

Packet Storm
added 2010/12/17 12:0 a.m. | 22 views

Social Share Cross Site Scripting

www.eVuln.com advisory: "title" and "url" - Non-persistent XSS in Social Share Summary: http://evuln.com/vulns/164/summary.html Details: http://evuln.com/vulns/164/description.html -----------Summary----------- eVuln ID: EV0164 Software: Social Share...

7.4 AI score
Exploits: 0

Zero Day Initiative
added 2010/12/16 12:0 a.m. | 23 views

Hewlett-Packard Power Manager Administration Web Server Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web bas...

10 CVSS | 7.1 AI score | 0.09722 EPSS
Exploits: 4 | References: 1

Prion
added 2010/10/05 6:0 p.m. | 16 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) body, (2) footer, (3) header, (4) menuleft, or (5) menuright parameter...

7.5 CVSS | 7.8 AI score | 0.02344 EPSS
Exploits: 4 | References: 4 | Affected Software: 1

Exploit DB
added 2010/09/20 12:0 a.m. | 32 views

PeerCast 0.1216 (Linux) - URL Handling Buffer Overflow (Metasploit)

$Id: peercasturl.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.5 CVSS | 7 AI score | 0.72496 EPSS
Exploits: 9

xssed
added 2010/09/07 12:0 a.m. | 17 views

Unfixed XSS vulnerability at www.modernreformation.org

Security researcher jath, has submitted on 09/07/2010 a cross-site-scripting (XSS) vulnerability affecting www.modernreformation.org, which at the time of submission ranked 1477261 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2010. It is...

Exploits: 0 | References: 1

NVD
added 2010/09/03 6:0 p.m. | 15 views

CVE-2010-3209

Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/pear/DB/NestedSet.php, and the...

7.5 CVSS | 7.7 AI score | 0.02294 EPSS
Exploits: 1 | References: 3

Tenable Nessus
added 2010/08/18 12:0 a.m. | 14 views

Serv-U < 10.2.0.0 Multiple Vulnerabilities

7.3 AI score
Exploits: 0 | References: 1

Tenable Nessus
added 2010/07/21 12:0 a.m. | 42 views

Mozilla Thunderbird 3.1.x < 3.1.1 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 3.1.1. Such versions are potentially affected by the following security issues:
- Multiple memory safety bugs could result in memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-34)
- It may be possible to run...

9.8 CVSS | 7.6 AI score | 0.43382 EPSS
Exploits: 20 | References: 21

Tenable Nessus
added 2010/07/21 12:0 a.m. | 25 views

SeaMonkey 2.0.x < 2.0.6 Multiple Vulnerabilities

9.8 CVSS | 7.3 AI score | 0.43382 EPSS
Exploits: 24 | References: 24

Tenable Nessus
added 2010/07/21 12:0 a.m. | 19 views

Mozilla Thunderbird 3.1.x < 3.1.1 Multiple Vulnerabilities

9.8 CVSS | 7.3 AI score | 0.43382 EPSS
Exploits: 19 | References: 20

Tenable Nessus
added 2010/07/21 12:0 a.m. | 250 views

SeaMonkey < 2.0.6 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.0.6. Such versions are potentially affected by the following security issues:
- Multiple memory safety bugs could result in memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-34)
- An error in DOM attribute cloning...

9.8 CVSS | 7.2 AI score | 0.43382 EPSS
Exploits: 23 | References: 22

Mozilla
added 2010/07/20 12:0 a.m. | 39 views

Cross-origin data leakage from script filename in error messages — Mozilla

Security researcher Soroush Dalili reported that potentially sensitive URL parameters could be leaked across domains upon script errors when the script filename and line number is included in the error message...

5 CVSS | 1.4 AI score | 0.01069 EPSS
Exploits: 1 | References: 2 | Affected Software: 3

Exploit DB
added 2010/07/12 12:0 a.m. | 31 views

NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit)

$Id: navicopagetoverflow.rb 9797 2010-07-12 23:25:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5 CVSS | 7 AI score | 0.66826 EPSS
Exploits: 4

NVD
added 2010/06/17 4:30 p.m. | 16 views

CVE-2010-1373

Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."...

4.3 CVSS | 5.2 AI score | 0.01223 EPSS
Exploits: 0 | References: 6

Prion
added 2010/06/17 4:30 p.m. | 27 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."...

4.3 CVSS | 5.6 AI score | 0.01223 EPSS
Exploits: 0 | References: 6 | Affected Software: 2

xssed
added 2010/05/16 12:0 a.m. | 8 views

Unfixed XSS vulnerability at zapisy.pwr.wroc.pl

Security researcher maligree, has submitted on 16/05/2010 a cross-site-scripting (XSS) vulnerability affecting zapisy.pwr.wroc.pl, which at the time of submission ranked 31110 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is...

6.6 AI score
Exploits: 0 | References: 1

NVD
added 2010/04/09 6:30 p.m. | 16 views

CVE-2010-1342

Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to (1) admin/menu.php and (2) library/lib.menu.php; and the adminroot parameter to (3)...

6.8 CVSS | 7.6 AI score | 0.01801 EPSS
Exploits: 1 | References: 3

0day.today
added 2010/04/04 12:0 a.m. | 35 views

SAGU-PRO v1.0 Multiple Remote File Include Vulnerability

Exploit for php platform in category web applications: SAGU-PRO v1.0 Multiple Remote File Include Vulnerability...

7.1 AI score
Exploits: 0

Cvelist
added 2010/03/25 5:0 p.m. | 22 views

CVE-2010-1114

Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) pg parameter to index.php and the (2) path parameter to news/form.php...

7.7 AI score | 0.0299 EPSS
Exploits: 1 | References: 3

Packet Storm
added 2010/01/14 12:0 a.m. | 20 views

Zenoss 2.3.3 SQL Injection

nGenuity Information Services -- Security Advisory Advisory ID: NGENUITY-2010-001 - Zenoss getJSONEventsInfo SQL Injection Application: Zenoss 2.3.3 Vendor: Zenoss Vendor website: http://www.zenoss.com Author: Adam Baldwin [email protected] Authentication: Valid user or admin session...

7.4 AI score
Exploits: 0