Lucene search
+L

2420 matches found

attackerkb
attackerkb
added 2008/06/20 11:48 a.m.20 views

CVE-2008-2791

SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS6.4AI score0.00973EPSS
Exploits1References5
nvd
nvd
added 2008/06/20 11:48 a.m.19 views

CVE-2008-2791

SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.4AI score0.00973EPSS
Exploits1References4
cve
cve
added 2008/06/20 10:0 a.m.45 views

CVE-2008-2791

CVE-2008-2791 describes a SQL injection vulnerability in the Kalptaru Infotech Comparison Engine Power Script 1.0, specifically in the file or process related to product.detail.php . The underlying cause is an unsafely handled id parameter that allows remote attackers to inject arbitrary SQL comm...

7.5CVSS8.4AI score0.00973EPSS
Exploits1References4Affected Software1
exploitpack
exploitpack
added 2008/06/17 12:0 a.m.19 views

Comparison Engine Power 1.0 - Blind SQL Injection

Comparison Engine Power 1.0 - Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " \n"; print " Comparison Engine Power 1.0 Blind SQL Injection Exploit \n"; print " \n";...

0.5AI score
Exploits0
exploitdb
exploitdb
added 2008/06/17 12:0 a.m.43 views

Comparison Engine Power 1.0 - Blind SQL Injection

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " \n"; print " Comparison Engine Power 1.0 Blind SQL Injection Exploit \n"; print " \n"; print " Author: Mr.SQL \n"; print " EMAIL :...

7.4AI score
Exploits0
zdt
zdt
added 2008/06/17 12:0 a.m.23 views

Comparison Engine Power 1.0 Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================================= Comparison Engine Power 1.0 Blind SQL Injection Exploit ======================================================= !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "...

7.1AI score
Exploits0
prion
prion
added 2008/06/06 10:32 p.m.19 views

Design/Logic Flaw

Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI with a dangerous extension that uses a different...

9.3CVSS8AI score0.04235EPSS
Exploits0References7Affected Software1
myhack58
myhack58
added 2008/05/20 12:0 a.m.20 views

Open a Nday MS08-0 1 0(CVE-2 0 0 8-0 0 7 6)-vulnerability warning-the black bar safety net

The recent IE holes in a large stack,record what I know: 1. MS08-0 1 0:In addition to the VFP control of at least the TP mentioned above is able to take advantage of. 2. MS08-0 2 2:script ENCODER processing on the hole,but I see you want to use is too difficult,the hints about the patch compariso...

7.5AI score
Exploits0
prion
prion
added 2008/05/18 2:20 p.m.15 views

Authentication flaw

The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "", which is present in the password file and probably passes an insufficient comparison...

7.5CVSS7.9AI score0.02451EPSS
Exploits1References4Affected Software1
nvd
nvd
added 2008/05/18 2:20 p.m.19 views

CVE-2008-2297

The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "", which is present in the password file and probably passes an insufficient comparison...

7.5CVSS7.3AI score0.02451EPSS
Exploits1References4
cvelist
cvelist
added 2008/05/18 2:0 p.m.24 views

CVE-2008-2297

The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "", which is present in the password file and probably passes an insufficient comparison...

7.3AI score0.02451EPSS
Exploits1References4
securityvulns
securityvulns
added 2008/04/21 12:0 a.m.64 views

Deciphering the Simple Machines Forum audio Captcha

The Simple Machine’s Forum audio Captcha that has been hardened from attack. I have contacted SMF about this flaw and it has been verified. I go into greater detail of how i am able to break this captcha here: http://www.rooksecurity.com/blog/?p=6 Exploit Code:...

7.2AI score
Exploits0
cve
cve
added 2008/04/16 5:0 p.m.62 views

CVE-2008-1842

The CVE-2008-1842 issue affects HP OpenView Network Node Manager (OV NNM) v8.01 and earlier (7.53 and older), where ovspmd.exe mishandles a long TCP request to port 8886. The described integer signedness error can cause a heap-based buffer overflow, enabling a remote attacker to crash the daemon ...

10CVSS7.7AI score0.12193EPSS
Exploits1References9Affected Software1
ubuntucve
ubuntucve
added 2008/04/09 9:5 p.m.45 views

CVE-2007-0071

Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer...

9.3CVSS7.7AI score0.92501EPSS
Exploits2References1
securityvulns
securityvulns
added 2008/04/09 12:0 a.m.52 views

Re: Multiple vulnerabilities in HP OpenView NNM 7.53

Luigi Auriemma Application: HP OpenView Network Node Manager http://www.openview.hp.com/products/nnm/ Versions: = 7.53 Platforms: Windows tested, Solaris, Linux, HP-UX Bug: memory corruption in ovspmd Exploitation: remote Date: 08 Apr 2008 Author: Luigi Auriemma e-mail: [email protected] web:...

1AI score
Exploits0
nvd
nvd
added 2007/11/15 1:46 a.m.28 views

CVE-2007-4691

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs...

10CVSS5.9AI score0.02105EPSS
Exploits1References8
cvelist
cvelist
added 2007/11/15 1:0 a.m.29 views

CVE-2007-4268

Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value,...

7.4AI score0.00671EPSS
Exploits1References9
cvelist
cvelist
added 2007/11/15 1:0 a.m.30 views

CVE-2007-4691

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs...

6.9AI score0.02105EPSS
Exploits1References8
seebug
seebug
added 2007/08/26 12:0 a.m.38 views

Diskeeper 9 Remote Memory Disclosure Exploit

No description provided by source. / Diskeeper Remote Memory Disclosure Credit: Pravus pravus -a-t- hush -d-o-t- com Greetz: Scientology for making a remotely accessible disk defragmenter. Felix, Jenna, and Isaac. Vulnerability Description: This vulnerability involves a memory comparison function...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/08/18 12:0 a.m.31 views

Remote Memory Read in Diskeeper 9 - 2007

Diskeeper Remote Memory Disclosure Credit: Pravus pravus -a-t- hush -d-o-t- com Greetz: Scientology for making a remotely accessible disk defragmenter. Felix, Jenna, and Isaac. Vulnerability Description: This vulnerability involves a memory comparison function that is remotely, anonymously...

0.7AI score
Exploits0
Rows per page
Query Builder