17 matches found
EUVD-2014-2085
Malware in sbrugna...
EUVD-2013-7018
Malware in sbrugna...
EUVD-2007-2367
Malware in sbrugna...
EUVD-2018-4935
Malware in sbrugna...
EUVD-2008-6335
Malware in sbrugna...
CVE-2025-54380
CVE-2025-54380 affects Opencast before version 17.6. The issue arises when fetching mediapackage elements from a MediPackage XML file, causing Opencast to disclose hashed global system account credentials (org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass) to a...
CVE-2025-39240
Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command...
CVE-2025-2263
During login to the web server in "Sante PACS Server.exe", OpenSSL function EVPDecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.10 security update
Red Hat OpenShift Service Mesh 2.2.10 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Blackhole Exploit Kit attack on WampServer & Wordpress sites
Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from Stopmalvertising found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER. Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com. The URL...
phpWebSite - 'page_id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/49176/info phpWebSite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Softbiz B2B trading Marketplace Script - buyers_subcategories SQL Injection
Exploit Title: Softbiz B2B trading Marketplace Script buyerssubcategories SQL Injection Vulnerability Date :15/4/2010 Author : AnGrY BoY Contact: [email protected] & [email protected] Home : http://www.kurd-security.com Software Link : N/A Version : Softbiz B2B trading Marketplace Script Tested o...
DeluxeBB <= 1.09 Remote Admin Email Change Exploit
Exploit for unknown platform in category web applications ================================================== DeluxeBB unbufferedquery"UPDATE ".$prefix."users SET email='$xemail', msn='$xmsn', icq='$xicq', ... WHERE username='$membercookie'"; So, editing cookie "membercookie" you can change remote...
PHPGuestbook 0.0.2/1.0 - HTML Injection
source: https://www.securityfocus.com/bid/17537/info phpGuestbook is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
AppServ 2.5.x and Prior Exploit
what AppServ ========== AppServ is the Apache/PHP/MySQL open source software installer packages. Objective : - Easy to buid Webserver and Database Server - For those who just beginning client/server programming. - For web programmers/developers using PHP & MySQL. - For programming techniques that...
phpBB 2.0.3 - Script Injection
phpBB 2.0.3 - Script Injection source: https://www.securityfocus.com/bid/6248/info phpBB does not properly sanitize user input in forum postings. This could allow a malicious user to inject script code into a forum post which would in turn be executed when the page is viewed by other users. Scrip...
Cayman 3220-H DSL Router 1.0GatorSurf 5.3 - Denial of Service
Cayman 3220-H DSL Router 1.0GatorSurf 5.3 - Denial of Service source: https://www.securityfocus.com/bid/1219/info Large usernames or passwords sent to the router's HTTP interface restart the router. Router log will show "restart not in response to admin command" Open the router interface with you...