Lucene search
+L

3102 matches found

Exploit DB
Exploit DB
added 2008/05/14 12:0 a.m.27 views

AS-GasTracker 1.0.0 - Insecure Cookie Handling

--==+================================================================================+==-- --==+ AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 14 MA...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/05/14 12:0 a.m.25 views

AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability

Exploit for unknown platform in category web applications ========================================================== AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability ==========================================================...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/05/14 12:0 a.m.11 views

AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability +==-- --==+================================================================================+==-- Discovere...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/05/14 12:0 a.m.8 views

AS-GasTracker 1.0.0 - Insecure Cookie Handling

AS-GasTracker 1.0.0 - Insecure Cookie Handling --==+================================================================================+==-- --==+ AS-GasTracker 1.0.0 Insecure Cookie Handling Vulnerability +==-- --==+================================================================================+==...

0.2AI score
Exploits0
CVE
CVE
added 2008/03/31 10:0 p.m.61 views

CVE-2008-1563

CVE-2008-1563 affects the Wireshark (formerly Ethereal) SCTP dissector, specifically the decode-as feature in packet-bssap.c. The issue exists in Wireshark versions 0.99.6 through 0.99.8, where a malformed packet can be crafted by a remote attacker to trigger an application crash (denial of servi...

4.3CVSS6.1AI score0.03779EPSS
Exploits1References24Affected Software1
Prion
Prion
added 2008/03/04 12:44 a.m.12 views

Design/Logic Flaw

Untrusted search path vulnerability in src/mainwindow.c in Net Activity Viewer 0.2.1 allows local users with Net Activity Viewer privileges to execute arbitrary code via a malicious gksu program, which is invoked during the Restart As Root action...

4.7CVSS7.7AI score0.00306EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2008/03/04 12:0 a.m.48 views

CVE-2008-1132

Net Activity Viewer 0.2.1 has an untrusted search path vulnerability in src/mainwindow.c, enabling local users with Net Activity Viewer privileges to execute arbitrary code via a malicious gksu invoked during Restart As Root. Impact: arbitrary code execution with the caller's privileges. Exploita...

4.7CVSS7.2AI score0.00306EPSS
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2008/02/26 12:0 a.m.69 views

WordPress Plugin Sniplets 1.1.2 - Remote File Inclusion / Cross-Site Scripting / Remote Code Execution

Wordpress Plugin Sniplets 1.1.2 Multiple Vulnerabilities by NBBN 1 Remote File Inclusion File: /modules/syntaxhighlight.php Register Globals: ON Vuln code: "/ http://victim.tld/wordpress/wp-content/plugins/sniplets/view/admin/pager.php?page=%22%3E%3Cscript%3Ealert%22XSS%22%3C/script%3E 3 Remote...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/11/20 12:0 a.m.7 views

PT-2007-6975 · Oracle · Javamail

Name of the Vulnerable Software and Affected Versions: Javamail affected versions not specified Description: The issue arises when Javamail fails to properly handle a series of invalid login attempts where the same e-mail address is used as both the username and password. Specifically, if the...

5CVSS7.3AI score0.0176EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2007/11/12 12:0 a.m.21 views

FreeBSD : plone -- unsafe data interpreted as pickles (ffba6ab0-90b5-11dc-9835-003048705d5a)

Plone projectreports : This hotfix corrects a vulnerability in the statusmessages and linkintegrity modules, where unsafe network data was interpreted as python pickles. This allows an attacker to run arbitrary python code within the Zope/Plone process. %NASLMINLEVEL 70300 C Tenable Network...

7.5CVSS5.6AI score0.02187EPSS
Exploits0References2
myhack58
myhack58
added 2007/06/10 12:0 a.m.14 views

pjblog upload vulnerability-vulnerability warning-the black bar safety net

First of all have pjblog the super administrator accounteven is to take their blog to the test Log in, post a new log, pass an asp horse, and the extension to get rid of that pjblog seemingly didn't do the file header check, remember address Then login the backend, the recovery database before...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2007/05/18 6:7 p.m.23 views

Assign Groups to Project Role screen allows entry of users as groups

When assigning groups to a project role, the screen allows the user to specify a group that is really a user name...

2.5AI score
Exploits0
exploitpack
exploitpack
added 2007/05/07 12:0 a.m.13 views

PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite

PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite source: https://www.securityfocus.com/bid/24111/info PEAR is prone to a vulnerability that lets attackers overwrite arbitrary files. An attacker-supplied package may supply directory-traversal strings through the 'install-as' attribut...

0.2AI score
Exploits0
xssed
xssed
added 2007/03/31 12:0 a.m.8 views

Unfixed XSS vulnerability at as-w03s.nmsu.edu

Security researcher cyber, has submitted on 31/03/2007 a cross-site-scripting XSS vulnerability affecting as-w03s.nmsu.edu, which at the time of submission ranked 23673 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 31/03/2007. It is currently...

Exploits0References1
securityvulns
securityvulns
added 2007/01/04 12:0 a.m.56 views

openoffice.org security update

Important: openoffice.org security update Advisory: RHSA-2007:0001-3 Type: Security Advisory Severity: Important Issued on: 2007-01-03 Last updated on: 2007-01-03 Affected Products: Red Hat Desktop v. 3 Red Hat Desktop v. 4 Red Hat Enterprise Linux AS v. 3 Red Hat Enterprise Linux AS v. 4 Red Hat...

9.3CVSS7.4AI score0.0824EPSS
Exploits0
PyPA
PyPA
added 2006/12/07 11:28 p.m.10 views

PYSEC-2006-6

Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to "masquerade as a group."...

4.3CVSS6.9AI score0.00996EPSS
Exploits0References8Affected Software1
seebug.org
seebug.org
added 2006/12/05 12:0 a.m.26 views

KDE JPEG KFile Info插件EXIF本地拒绝服务漏洞

JPEG kfile-info插件用于多个KDE应用程序显示图象META信息。 JPEG kfile-info插件在解析图象META信息时存在问题,本地攻击者可以利用漏洞对使用此插件的应用程序进行拒绝服务攻击。 目前没有详细漏洞细节提供。 KDE KDE 3.5.5 KDE KDE 3.5.4 KDE KDE 3.5.3 KDE KDE 3.5.2 KDE KDE 3.5 KDE KDE 3.4.3 - Gentoo Linux KDE KDE 3.4.2 KDE KDE 3.4.1 + RedHat Fedora Core4 KDE KDE 3.4 KDE KDE 3.4 KDE KD...

7AI score
Exploits0
securityvulns
securityvulns
added 2006/11/02 12:0 a.m.43 views

[Full-disclosure] Multiple vulnerabilities in SAP Web Application Server 6.40 and 7.00

Advisory Name : Multiple vulnerabilities in SAP Web Application Server Release Date : 2 November 2006 Application : SAP Web AS 6.40 patch 136 and 7.00 patch 66 Platform : All platforms except the third vulnerability Impacts : Remote file disclosure, remote DoS, local privilege escalation Author :...

0.5AI score
Exploits0
CVE
CVE
added 2006/08/18 7:55 p.m.75 views

CVE-2005-4807

CVE-2005-4807 concerns the GNU Binutils gas assembler. The vulnerability is a stack-based buffer overflow in the as_bad function within messages.c, triggered by a .c file containing crafted inline assembly code. Under affected configurations, an attacker could potentially execute arbitrary code w...

7.5CVSS7.8AI score0.11917EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2006/08/18 7:55 p.m.39 views

CVE-2005-4807

Stack-based buffer overflow in the asbad function in messages.c in the GNU as gas assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code...

7.5CVSS7.7AI score0.11917EPSS
Exploits1
Rows per page
Query Builder