15 matches found
Xenstore: Guests can create orphaned Xenstore nodes (XSA-415)
By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. When the transaction is committed after this situation, nodes without a valid...
CVE-2022-42310
Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. When the transaction is...
silvertentacle.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1051963. Security Researcher howardpotts (helped patch 258 vulnerabilities, received 3 Coordinated Disclosure badges, received 1 recommendation), a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting silvertentacle.com websi...
CVE-2018-1685
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 contains a vulnerability in db2cacpy that could allow a local user to read any file on the system. IBM X-Force ID: 145502...
Malware exploit: Dakcomet
Dakcomet Kevin Breen - DarkComet From Defense To Offense - Identify your Attacker Slides POC by Shawn Denbow and Jesse Herts Wikipedia Vulnerabilities Remote file read Data base poisoning SQL injection DarkComet ToolKit DarkComet Metasploit Module Last updated on 14th Jan 2017 None...
Blog Torrent 0.80 BTDownload.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11839/info It is reported that Blog Torrent is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a...
SuSE 6.3/6.4/7.0 sdb Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as a path when...
My School Script Data Base Download Vulnerability
No description provided by source. Title: My School Script Data Base Download Vulnerability | Author: indoushka | Home: www.iqs3cur1ty.com | Bug: DB | Exploit By indoushka...
Symantec Web Gateway Security Management Console Multiple Security Issues
SUMMARY Symantec Web Gateway SWG Appliance management console is susceptible to both local and remote access cross-site scripting XSS and local access SQL injection sqli vulnerabilities. Successful exploitation may result in an authorized user gaining unauthorized access to files on the managemen...
OracleBI Discoverer 10.1.2.48.18 Cross Site Scripting
INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY. Author: Ur0b0r0x Twitter: @Ur0b0r0x Email: [email protected] Line: GreyHat Home: ur0b0r0x.blogspot.com Exploit Title: OracleBI Discoverer Ver 10.1.2.48.18 - Full...
SnitzTM Forums 2000 Version 3.4.07 (Data Base Dump) Vulnerability
Exploit for php platform in category web applications. SnitzTM Forums 2000 Version 3.4.07 Data Base Dump Vulnerability...
kanarya shop (Data Base Dump) Vulnerability
Exploit for php platform in category web applications. kanarya shop Data Base Dump Vulnerability ...
Mp3 MuZik Data Base Download Vulnerability
Exploit for asp platform in category web applications. Mp3 MuZik Data Base Download Vulnerability. Title: Mp3 MuZik Data...
SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as a path when opening its "keylist.txt" file. The...
SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution
SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as...