1734 matches found
SQL injection
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.13a and 6.0/6.1 before 6.11a allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages...
[INFIGO 2008-01-06]: McAfee E-Business Server Remote Preauth Code Execution / DoS
INFIGO IS Security Advisory ADV-2008-01-06 http://www.infigo.hr/en/ Title: McAfee E-Business Server Remote Preauth Code Execution / DoS Advisory ID: INFIGO-2008-01-06 Date: 2008-01-09 Advisory URL: http://www.infigo.hr/en/infocus/advisories/INFIGO-2008-01-06 Impact: Remote code execution Risk...
CVE-2007-5952
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-5466
Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to (1) have an unknown impact by sending multiple long strings to the IMAP port 143/tcp; (2) execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; (3) execut...
eXtremail 2.1.1 - 'LOGIN' Remote Stack Overflow
/ extremail-v4.c Copyright c 2006 by eXtremail include include include include include define BUFSIZE 8192 define NOP 0x41 define PAD 0 / do you feel lucky? / define DEFPORT 4501 define PORTADMIN DEFPORT define PORTSHELL 4444 static const char bndshelllnx =...
eXtremail <= 2.1.1 (LOGIN) Remote Stack Overflow Exploit
Exploit for linux platform in category remote exploits ======================================================== eXtremail eXtremail include include include include include define BUFSIZE 8192 define NOP 0x41 define PAD 0 / do you feel lucky? / define DEFPORT 4501 define PORTADMIN DEFPORT define...
eXtremail <= 2.1.1 (LOGIN) Remote Stack Overflow Exploit
No description provided by source. / extremail-v4.c Copyright c 2006 by [email protected] eXtremail =2.1.1 remote root exploit x86-lnx by mu-b - Sun Oct 08 2006 - Tested on: eXtremail 2.1.1 lnx Overflow in LOGIN command of admin interface. ...
eXtremail 2.1.1 - LOGIN Remote Stack Overflow
eXtremail 2.1.1 - LOGIN Remote Stack Overflow / extremail-v4.c Copyright c 2006 by eXtremail include include include include include define BUFSIZE 8192 define NOP 0x41 define PAD 0 / do you feel lucky? / define DEFPORT 4501 define PORTADMIN DEFPORT define PORTSHELL 4444 static const char...
MDPro 1.0.76 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================= MDPro 1.0.76 Remote SQL Injection Exploit ========================================= !/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author =...
MDPro 1.0.76 Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author = "undefined1"; my $settings = "magicquotesruntime = off, mysql = 4.1.0"; $| = 1; print ":: $app $type - by $author ::\n\n\n"; my $url = shift || usage;...
Design/Logic Flaw
SimpNews 2.41.03 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php; or a direct request to (2) admin/dbginfos.php, (3) admin/heading.php, or (4) evsearch.php; which reveals the path in various error messages...
SimpNews version 2.41.03 File Content Disclosure Vulnerability
netVigilance Security Advisory 69 SimpNews version 2.41.03 File Content Disclosure Vulnerability Description: SimpNews is a news system written in PHP. Features: Data stored in MySQL, admin interface, support for multiple languages, support for multiple instances in one database, own header,...
simpnews24103-fdisclose.txt
netVigilance Security Advisory 69 SimpNews version 2.41.03 File Content Disclosure Vulnerability Description: SimpNews is a news system written in PHP. Features: Data stored in MySQL, admin interface, support for multiple languages, support for multiple instances in one database, own header,...
simpnews24103-xss.txt
netVigilance Security Advisory 70 SimpNews version 2.41.03 Multiple XSS Attack Vulnerabilities Description: SimpNews is a news system written in PHP. Features: Data stored in MySQL, admin interface, support for multiple languages, support for multiple instances in one database, own header, multip...
SimpGB version 1.46.02 Information Disclosure Vulnerability
netVigilance Security Advisory 66 SimpGB version 1.46.02 Information Disclosure Vulnerability Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multiple...
SimpNews version 2.41.03 Multiple XSS Attack Vulnerabilities
netVigilance Security Advisory 70 SimpNews version 2.41.03 Multiple XSS Attack Vulnerabilities Description: SimpNews is a news system written in PHP. Features: Data stored in MySQL, admin interface, support for multiple languages, support for multiple instances in one database, own header, multip...
CVE-2007-4477
The administration interface in the Planet VC-200M VDSL2 router allows remote attackers to cause a denial of service (administration interface outage) via an HTTP request without a Host header...
CVE-2007-4239
Cross-site scripting (XSS) vulnerability in user/forgotPassStep2.jsp in the admin interface in C-SAM oneWallet 21007062007;1.0 allows remote attackers to inject arbitrary web script or HTML via the loginID parameter...
CVE-2007-4239
The CVE-2007-4239 entry describes a Cross-site scripting (XSS) vulnerability in the admin interface of C‑SAM oneWallet 210_07062007;1.0, specifically in user/forgotPassStep2.jsp. The issue allows remote attackers to inject arbitrary web script or HTML via the loginID parameter. The provided docum...