
9791 matches found

securityvulns
added 2009/01/31 12:0 a.m. | 37 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. E107: CAPTCHA bypass, cross-site scripting...

CVSS 4.3 | AI score 1.5 | EPSS 0.05435
Exploits: 1 | References: 5 | Affected Software: 4
securityvulns
added 2009/01/25 12:0 a.m. | 24 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.5
Exploits: 0 | References: 3 | Affected Software: 2
Japan Vulnerability Notes
added 2009/01/23 12:0 a.m. | 26 views

JVN#80771386 Fulltext search CGI vulnerability allows third party to gain administrative privileges

Fulltext search CGI is a website search software from futomi's CGI Cafe. Fulltext search CGI contains a vulnerability that allows an attacker to gain administrative privileges. Impact: A remote attacker could impersonate an administrator of fulltext search CGI. Solution: Update the Software Update ...

CVSS 7.5 | AI score 6.5 | EPSS 0.01359
Exploits: 0
securityvulns
added 2009/01/22 12:0 a.m. | 22 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.5
Exploits: 0 | References: 2
securityvulns
added 2009/01/20 12:0 a.m. | 30 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Power Phlogger: SQL injection, DoS...

CVSS 4.3 | AI score 2.1 | EPSS 0.21633
Exploits: 2 | References: 5 | Affected Software: 2
securityvulns
added 2009/01/18 12:0 a.m. | 17 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.5
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2009/01/16 12:0 a.m. | 59 views

ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability

ZDI-09-004: Oracle TimesTen evtdump Remote Format String Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-004 January 14, 2009 -- Affected Vendors: Oracle -- Affected Products: Oracle TimesTen -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protecte...

AI score 0.9
Exploits: 0
securityvulns
added 2009/01/16 12:0 a.m. | 28 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. e-Vision CMS: cross-site scripting...

AI score 1.5
Exploits: 0 | References: 5 | Affected Software: 3
Metasploit
added 2009/01/15 7:9 a.m. | 22 views

AWStats migrate Remote Command Execution

This module exploits an arbitrary command execution vulnerability in the AWStats CGI script. AWStats v6.4 and v6.5 are vulnerable. Perl based payloads are recommended with this module. The vulnerability is only present when AllowToUpdateStatsFromBrowser is enabled in the AWStats configuration fil...

CVSS 5.1 | AI score 10 | EPSS 0.58356
Exploits: 10
NVD
added 2009/01/14 1:30 a.m. | 21 views

CVE-2008-5440

Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...

CVSS 7.5 | AI score 5.8 | EPSS 0.11891
Exploits: 0 | References: 9
Prion
added 2009/01/14 1:30 a.m. | 19 views

Format string

Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...

CVSS 7.5 | AI score 6.3 | EPSS 0.11891
Exploits: 0 | References: 9 | Affected Software: 1
Cvelist
added 2009/01/14 1:0 a.m. | 25 views

CVE-2008-5440

Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...

AI score 5.8 | EPSS 0.11891
Exploits: 0 | References: 9
CVE
added 2009/01/14 1:0 a.m. | 56 views

CVE-2008-5440

Summary: CVE-2008-5440 concerns Oracle TimesTen In-Memory Database, specifically the TimesTen Data Server component. Connected sources clearly describe a format string vulnerability in the evtdump CGI module, triggered by the HTTP/message handling (parameter ‘msg’), which can be exploited remotel...

CVSS 7.5 | AI score 6 | EPSS 0.11891
Exploits: 0 | References: 9 | Affected Software: 1
Saint
added 2009/01/14 12:0 a.m. | 32 views

HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow

Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background: HP OpenView Network Node Manager is network availability and performance management software. Problem: A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...

CVSS 10 | AI score 7.8 | EPSS 0.63419
Exploits: 19
Saint
added 2009/01/14 12:0 a.m. | 33 views

HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow

Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background: HP OpenView Network Node Manager is network availability and performance management software. Problem: A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...

CVSS 10 | AI score 7.7 | EPSS 0.63419
Exploits: 19
Zero Day Initiative
added 2009/01/14 12:0 a.m. | 37 views

Oracle TimesTen evtdump Remote Format String Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle TimesTen. User interaction is not required to exploit this vulnerability. The specific flaw exists in the evtdump CGI module, which is used to write to an internal log file. The parameter...

CVSS 7.5 | AI score 3.2 | EPSS 0.11891
Exploits: 0 | References: 1
Saint
added 2009/01/14 12:0 a.m. | 18 views

HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow

Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background: HP OpenView Network Node Manager is network availability and performance management software. Problem: A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...

CVSS 10 | AI score 7.8 | EPSS 0.63419
Exploits: 19
Packet Storm
added 2009/01/13 12:0 a.m. | 19 views

HSPell 1.1 Command Execution

!/usr/bin/perl use IO::Socket; print q HSpell v1.1 Command Execution Exploit Theres a 1000 ways to improve this exploit, but I really couldn't be fucked with it. Made By ZeN http://dusecurity.com/ http://darkcode.me/ ; $host = 'site.com'; $port = '80'; $path = '/cgi-bin/cilla.cgi'; ShellMe: print...

AI score 7.4
Exploits: 0
securityvulns
added 2009/01/13 12:0 a.m. | 21 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. FCKeditor: cross-site scripting, information leak. WOSendNews: cross-site scripting, information leak...

AI score 1.9
Exploits: 0 | References: 5 | Affected Software: 3
exploitpack
added 2009/01/13 12:0 a.m. | 15 views

HSPell 1.1 - cilla.cgi Remote Command Execution

HSPell 1.1 - cilla.cgi Remote Command Execution !/usr/bin/perl use IO::Socket; print q HSpell v1.1 Command Execution Exploit Theres a 1000 ways to improve this exploit, but I really couldn't be fucked with it. Made By ZeN http://dusecurity.com/ http://darkcode.me/ ; $host = 'site.com'; $port =...

AI score 7.7
Exploits: 0