Lucene search
K

976 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Huawei SmartAX MT880 - Multiple CSRF Vulnerabilities

No description provided by source. Description: Huawei MT880 is a device offered by the algerian telecom operator - FAWRI, to provide ADSL Internet connexion and it's already widely in use. Overview: Huawei MT880 firmware and its default configuration has flaws, which allows LAN users to gain...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.42 views

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0155-1)

Multiple vulnerabilities were fixed in java-160-openjdk : - CVE-2010-4448: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N: DNS cache poisoning by untrusted applets - CVE-2010-4450: CVSS v2 Base Score: 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P: Launcher incorrect processing of empty library path entries ...

10CVSS8.3AI score0.04132EPSS
Exploits1References10
Hacker One
Hacker One
added 2014/04/20 10:3 p.m.15 views

Respondly: Allowed method disclosure

The URL "https://respond.ly/" has the following allowed methods, which include DAV methods: ACL, BASELINECONTROL, CHECKIN, CHECKOUT, CONNECT, COPY, DEBUG, GET, HEAD, INDEX, INVALID, INVOKE, LABEL, LINK, LOCK, MERGE, MKACTIVITY, MKCOL, MKDIR, MKWORKSPACE, MOVE, NOTIFY, OPTIONS, PATCH, PIN, POLL,...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2014/02/23 4:8 p.m.111 views

Phabricator: Bypass auth.email-domains

Email addresses are stored as VARCHAR128. However, Phabricator does not verify the length of an email address upon registration. This allows attackers to bypass the allowed email-domains defined in auth.email-domains. Exploiting this is rather straightforward: get an email address of 128 characte...

3.7AI score
Exploits0
Hacker One
Hacker One
added 2013/11/15 1:35 a.m.129 views

HackerOne: GIF flooding

Current limits --------------------- Image size: 1 MB Image dimensions: 2048x2048px File types: jpg/png/gif Another image hack --------------------- A GIF composed of 40k 1x1 images made Paperclip freeze until timeout. As attachments I sent the file composed of 40k images, and a screenshot of the...

1.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/11/14 5:25 p.m.3 views

python-django: directory traversal with "ssi" template tag

Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWEDINCLUDEROOTS setting followed by a .. dot dot in a ssi template tag...

5CVSS5.9AI score0.03182EPSS
Exploits2References5
OSV
OSV
added 2013/09/16 7:14 p.m.2 views

DEBIAN-CVE-2013-4315

Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWEDINCLUDEROOTS setting followed by a .. dot dot in a ssi template tag...

5CVSS6.5AI score0.03182EPSS
Exploits2References1
OSV
OSV
added 2013/09/12 1:30 p.m.2 views

DEBIAN-CVE-2013-5738

The getallowedmimetypes function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfilteredhtml capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file...

4.3CVSS5.8AI score0.02361EPSS
Exploits1References1
OSV
OSV
added 2013/09/12 1:30 p.m.2 views

DEBIAN-CVE-2013-5739

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file, related to the getallowedmimetypes function in wp-includes/functions.php...

3.5CVSS5.9AI score0.01764EPSS
Exploits1References1
OSV
OSV
added 2013/09/12 1:30 p.m.3 views

UBUNTU-CVE-2013-5738

The getallowedmimetypes function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfilteredhtml capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file...

4.3CVSS5.7AI score0.02361EPSS
Exploits1References5
w3af
w3af
added 2013/06/10 11:2 p.m.93 views

dav

This plugin finds WebDAV configuration errors. These errors are generally server configuration errors rather than a web application errors. To check for vulnerabilities of this kind, the plugin will try to PUT a file on a directory that has WebDAV enabled, if the file is uploaded successfully, th...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2013/06/05 12:0 a.m.35 views

espcms后台getshell-2

简要描述: 第二集 详细说明: espcms后台可以在后台把php设为允许的图片类型,然后在广告位上传图片处上传shell此处方便演示,用了phpinfo 1.在后台把php文件设为允许的图片类型 http://127.0.0.1/espcms/adminsoft/index.php?archive=management&action=syssetting&listfunction=syssetting&groupid=&iframeheightwindow=621&iframewidthwindow=1430 2.广告位添加图片处,上传shell...

7.1AI score
Exploits0
myhack58
myhack58
added 2013/02/27 12:0 a.m.15 views

WordPress plugins wp-catpro arbitrary file upload-vulnerability warning-the black bar safety net

----------------------------------------------------------------------- Wordpress plugins - wp-catpro Arbitrary File Upload Vulnerability ----------------------------------------------------------------------- Author = Zikou-1 6 Mailbox = [email protected] Test System : Windows 7 , Backtrack 5r3...

0.1AI score
Exploits0
0day.today
0day.today
added 2013/01/30 12:0 a.m.33 views

Wordpress plugins wp-3dflick-slideshow Arbitrary File Upload Vulnerability

The attacker can uplaod file/shell.php.gif 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site :...

7AI score
Exploits0
0day.today
0day.today
added 2013/01/29 12:0 a.m.33 views

Wordpress plugins powerzoomer Arbitrary File Upload Vulnerability

The attacker can uplaod file/shell.php.gif 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site :...

7AI score
Exploits0
Nmap
Nmap
added 2012/07/09 8:57 a.m.497 views

sip-methods NSE Script

Enumerates a SIP Server's allowed methods INVITE, OPTIONS, SUBSCRIBE, etc. The script works by sending an OPTION request to the server and checking for the value of the Allow header in the response. Script Arguments sip.timeout See the documentation for the sip library. Example Usage nmap...

10CVSS0.99448EPSS
Exploits33
UbuntuCve
UbuntuCve
added 2012/04/28 10:6 a.m.47 views

CVE-2012-2213

Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a vulnerable system, and...

5CVSS6AI score0.12314EPSS
Exploits0References7
myhack58
myhack58
added 2011/08/05 12:0 a.m.23 views

WordPress timthumb. php remote file storage vulnerability analysis-vulnerability warning-the black bar safety net

Source:http://xuser. org/read. php? 1 8 作者 :xuser@fsafe Today on Twitter, see the About wordpress appeared vulnerability, then hastened to open the relevant page of the analysis of specific causes found to be timthumb. php remote storage file when the validation is insufficient and the resulting...

7AI score
Exploits0
exploitpack
exploitpack
added 2011/01/10 12:0 a.m.22 views

Maximus CMS 1.1.2 - FCKeditor Arbitrary File Upload

Maximus CMS 1.1.2 - FCKeditor Arbitrary File Upload | | /||\ / \ /===============================================================================\ |Exploit Title: maximus-cms fckeditor Arbitrary File Upload Vulnerability | |develop: http://www.php-maximus.org | |Version: Maximus 2008 CMS: Web...

Exploits0
RedHat Linux
RedHat Linux
added 2010/12/21 5:39 p.m.5 views

mod_auth_mysql: character encoding SQL injection flaw

SQL injection vulnerability in modauthmysql.c in the mod-auth-mysql aka libapache2-mod-auth-mysql module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ backslash as part of the character encoding, allows remote attackers to execute arbitrary SQL...

7.5CVSS6.2AI score0.01863EPSS
Exploits1References4
Rows per page
Query Builder