
567 matches found

Metasploit
• added 2015/10/27 10:36 p.m. • 24 views

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload

This module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...

0.3 AI score
Exploits 0

CNVD
• added 2015/10/08 12:0 a.m. • 1 view

Webroot SecureAnywhere Business Mobile Protection SSL Certificate Validation Security Bypass Vulnerability

Webroot SecureAnywhere Business Mobile Protection is a suite of enterprise-grade antivirus software from Webroot USA. A security bypass vulnerability exists in Webroot SecureAnywhere Business Mobile Protection version 1.10.316 and earlier versions, which can be exploited by an attacker to conduct...

6.7 AI score
Exploits 0 | References 1

securityvulns
• added 2015/09/14 12:0 a.m. • 53 views

Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability

Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability -- http://www.info-sec.ca/advisories/Webroot-SecureAnywhere.html Overview "Webroot SecureAnywhere Business – Mobile Protection provides essential security for iPhones and iPads and includes lost device protection that...

0.8 AI score
Exploits 0

OwnCloud
• added 2015/03/25 6:44 p.m. • 56 views

Bypass of file blacklist - ownCloud

A blacklist bypass vulnerability including UTF-8 encoding in file paths in the mentioned ownCloud versions, allows authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could leverage this bypass by uploading a .htaccess and execute...

6 CVSS | 6.9 AI score | 0.00131 EPSS
Exploits 0 | Affected Software 1

OwnCloud
• added 2015/03/25 6:44 p.m. • 40 views

Bypass of file blacklist on Microsoft Windows Platform - ownCloud

A blacklist bypass vulnerability including UTF-8 encoding in file paths in the mentioned ownCloud Server versions, when running on a Microsoft Windows Platform, allows authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could...

6 CVSS | 6.8 AI score | 0.00131 EPSS
Exploits 0 | Affected Software 1

CNVD
• added 2015/03/25 12:0 a.m. • 1 view

Webroot Spy Sweeper Enterprise Information Disclosure Vulnerability

Webroot Spy Sweeper is a suite of anti-spyware software from the US company Webroot. Spy Sweeper Enterprise is an enterprise version of Spy Sweeper, which provides real-time, comprehensive protection against spyware for browsing the Web, reading e-mail, downloading and installing software, and...

6.5 AI score
Exploits 0 | References 1

Check Point Advisories
• added 2014/12/18 12:0 a.m. • 0 views

WebRooT Hack Tools

A command execution vulnerability has been reported in multiple PHP servers. The vulnerability is due to the existence of a backdoor file on the PHP server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...

4.7 AI score
Exploits 0

exploitpack
• added 2014/10/14 12:0 a.m. • 24 views

Croogo 2.0.0 - Arbitrary PHP Code Execution

Croogo 2.0.0 - Arbitrary PHP Code Execution !/usr/bin/env python Croogo 2.0.0 Arbitrary PHP Code Execution Exploit Vendor: Fahad Ibnay Heylaal Product web page: http://www.croogo.org Affected version: 2.0.0 Summary: Croogo is a free, open source, content management system for PHP, released under...

0.3 AI score
Exploits 0

Exploit DB
• added 2014/09/24 12:0 a.m. • 24 views

Glype 1.4.9 - Cookie Injection Directory Traversal Local File Inclusion

Glype proxy cookie jar path traversal allows code execution. Securify, September 2014...

7.4 AI score
Exploits 0

NVD
• added 2014/09/11 3:55 p.m. • 15 views

CVE-2014-5393

Directory traversal vulnerability in the JobScheduler Operations Center JOC in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified vectors...

4 CVSS | 6.2 AI score | 0.00391 EPSS
Exploits 1 | References 7

Prion
• added 2014/09/11 3:55 p.m. • 15 views

Directory traversal

Directory traversal vulnerability in the JobScheduler Operations Center JOC in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified vectors...

4 CVSS | 6.6 AI score | 0.00391 EPSS
Exploits 1 | References 7 | Affected Software 1

Prion
• added 2014/09/09 10:55 a.m. • 13 views

Security feature bypass

The Security - Free aka com.webroot.security application 3.6.0.6610 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4 CVSS | 6.4 AI score | 0.00134 EPSS
Exploits 0 | References 3 | Affected Software 1

seebug.org
• added 2014/07/01 12:0 a.m. • 21 views

Allaire JRun 2.3 File Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1833/info Allaire JRun is a web application development suite with JSP and Java Servlets. JRun contains a vulnerability that allows a user to access documents outside of the webroot. Requesting a malformed URL using the...

7.1 AI score
Exploits 0

seebug.org
• added 2014/07/01 12:0 a.m. • 287 views

MinaliC Webserver 1.0 - Directory Traversal Vulnerability

No description provided by source. Software: MinaliC Webserver 1.0. Vulnerability: Directory Traversal. Download: http://sourceforge.net/projects/minalic/ Release Date: 10/24/2010...

7.1 AI score
Exploits 0

seebug.org
• added 2014/07/01 12:0 a.m. • 15 views

nginx 0.7.61 - WebDAV Directory Traversal

No description provided by source. Bug Title: nginx webdav copy/move method directory traversal Program: nginx Version: nginx/0.7.61 - other versions may also be affected Website: http://sysoev.ru/nginx/ Severity: Low Date discovered: 23 September 2009 The webdav component has to be enabled and t...

7.1 AI score
Exploits 0

seebug.org
• added 2014/07/01 12:0 a.m. • 16 views

Citrix Nfuse 1.51 Webroot Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2956/info Citrix Nfuse is an application portal server meant to provide the functionality of any application on the server via a web browser. Nfuse works in conjunction with a previously-installed webserver. It has been...

7.1 AI score
Exploits 0

seebug.org
• added 2014/07/01 12:0 a.m. • 11 views

Spyce 2.1.3 spyce/examples/getpost.spy Name Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...

7.1 AI score
Exploits 0

seebug.org
• added 2014/07/01 12:0 a.m. • 21 views

FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/1141/info htimage.exe can be used to determine if a specified path and filename exists on the target host or not. The specified path must be on the same logical drive as the web content. Any file can be specified as an...

7.1 AI score
Exploits 0

seebug.org
• added 2014/07/01 12:0 a.m. • 10 views

NewAtlanta ServletExec/ISAPI 4.1 Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4793/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. ServletExec/ISAPI discloses the absolute path to the webroot directory when sen...

7.1 AI score
Exploits 0

seebug.org
• added 2014/07/01 12:0 a.m. • 13 views

Spyce 2.1.3 spyce/examples/automaton.spy Direct Request Error Message Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...

7.1 AI score
Exploits 0