Lucene search
K

121 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

OpenSIS 'modname' - PHP Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

LBL traceroute 1.4 a5 Heap Corruption Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw sockets...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2014/06/04 3:29 p.m.31 views

Cogent DataHub Command Injection

This module exploits an injection vulnerability in Cogent DataHub prior to 7.3.5. The vulnerability exists in the GetPermissions.asp page, which makes insecure use of the datahubcommand function with user controlled data, allowing execution of arbitrary datahub commands and scripts. This module h...

7.5CVSS7.8AI score0.64191EPSS
Exploits4
Check Point Advisories
Check Point Advisories
added 2013/12/31 12:0 a.m.2 views

ABB MicroSCADA Wserver Multiple Buffer Overflows

Multiple Buffer Overflow vulnerabilities have been reported in the Wserver component of ABB MicroSCADA. The vulnerabilities are due to the copying of user controlled data to stack-based buffers without size verification. A remote attacker can exploit this issue by sending a specially crafted...

7.2AI score
Exploits0
RubySec
RubySec
added 2013/12/03 12:0 a.m.23 views

XSS Vulnerability in simple_format helper

There is a vulnerability in the simpleformat helper in Ruby on Rails. The simpleformat helper converts user supplied text into html text which is intended to be safe for display. A change made to the implementation of this helper means that any user provided HTML attributes will not be escaped...

4.3CVSS1AI score0.01963EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2013/10/09 12:0 a.m.63 views

Apache OpenJPA code execution

User-controlled data it stored in local executable file...

7.5CVSS1.9AI score0.09511EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2013/01/24 12:0 a.m.27 views

ZoneMinder Video Server - packageControl Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'ZoneMinder Video...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2012/10/24 5:54 a.m.25 views

SugarCRM unserialize() PHP Code Execution

This module exploits a php unserialize vulnerability in SugarCRM 'SugarCRM unserialize PHP Code Execution', 'Description' = %q This module exploits a php unserialize vulnerability in SugarCRM = 6.3.1 which could be abused to allow authenticated SugarCRM users to execute arbitrary code with the...

9.8CVSS0.3AI score0.67256EPSS
Exploits13
0day.today
0day.today
added 2012/10/11 12:0 a.m.104 views

KeyHelp ActiveX LaunchTriPane Remote Code Execution

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

7.1AI score0.39711EPSS
Exploits9
0day.today
0day.today
added 2012/09/22 12:0 a.m.15 views

ZEN Load Balancer Filelog Command Execution

Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2012/09/10 2:46 p.m.61 views

Winamp MAKI Buffer Overflow

This module exploits a stack based buffer overflow in Winamp 5.55. The flaw exists in the genff.dll and occurs while parsing a specially crafted MAKI file, where memmove is used in an insecure way with user controlled data. To exploit the vulnerability the attacker must convince the victim to...

9.3CVSS7.2AI score0.36337EPSS
Exploits5
Packet Storm
Packet Storm
added 2012/06/27 12:0 a.m.51 views

SugarCRM 6.3.1 unserialize() PHP Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'SugarCRM %q This module exploits a ph...

0.5AI score0.67256EPSS
Exploits13
Zero Day Initiative
Zero Day Initiative
added 2011/10/26 12:0 a.m.40 views

Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because Java does not...

9CVSS6.1AI score0.05445EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2008/05/01 12:0 a.m.18 views

GLSA-200804-30 : KDE start_kdeinit: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200804-30 KDE startkdeinit: Multiple vulnerabilities Vulnerabilities have been reported in the processing of user-controlled data by startkdeinit, which is setuid root by default. Impact : A local attacker could possibly execute...

4.6CVSS6.1AI score0.00626EPSS
Exploits2References2
Gentoo Linux
Gentoo Linux
added 2008/04/29 12:0 a.m.31 views

KDE start_kdeinit: Multiple vulnerabilities

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like operating systems. startkdeinit is a wrapper for kdeinit. Description Vulnerabilities have been reported in the processing of user-controlled data by startkdeinit, which is setuid root by default. Impact A loca...

4.6CVSS7.2AI score0.00626EPSS
Exploits2
FreeBSD
FreeBSD
added 2007/01/05 12:0 a.m.40 views

opera -- multiple vulnerabilities

iDefense reports: The vulnerability specifically exists due to Opera improperly processing a JPEG DHT marker. The DHT marker is used to define a Huffman Table which is used for decoding the image data. An invalid number of index bytes in the DHT marker will trigger a heap overflow with partially...

7.2AI score
Exploits0References4
exploitpack
exploitpack
added 2004/06/08 12:0 a.m.21 views

Squid 2.5.x3.x - NTLM Buffer Overflow (Metasploit)

Squid 2.5.x3.x - NTLM Buffer Overflow Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

0.7107EPSS
Exploits6
OSV
OSV
added 2003/08/11 12:0 a.m.39 views

DSA-371 perl - cross-site scripting

Bulletin has no description...

4.3CVSS6AI score0.04442EPSS
Exploits0
exploitpack
exploitpack
added 2000/09/28 12:0 a.m.14 views

LBL Traceroute 1.4 a5 - Heap Corruption (2)

LBL Traceroute 1.4 a5 - Heap Corruption 2 // source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2000/09/28 12:0 a.m.35 views

LBL Traceroute 1.4 a5 - Heap Corruption (1)

LBL Traceroute 1.4 a5 - Heap Corruption 1 // source: https://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw...

0.3AI score
Exploits0
Rows per page
Query Builder