Lucene search
K

71 matches found

n0where
n0where
added 2019/03/05 11:31 p.m.218 views

Semi-Automated Network Penetration Testing Framework: Legion

Legion, a fork of SECFORCE’s Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard. Features Automatic recon...

0.5AI score
Exploits0References1
Prion
Prion
added 2019/01/02 2:29 p.m.18 views

Design/Logic Flaw

Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full...

6.5CVSS7.2AI score0.03228EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2019/01/02 2:29 p.m.24 views

CVE-2018-17188

Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full...

7.2CVSS6.8AI score0.03228EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2018/05/28 12:0 a.m.49 views

wityCMS 0.6.1 Cross Site Scripting

Exploit Title: wityCMS 0.6.1 Persistent XSS on "Website's name" field Date: 05/28/2018 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://creatiwity.net/witycms Software Link: https://github.com/Creatiwity/wityCMS/releases/tag/0.6.1 Version: 0.6.1 Tested on:...

0.02178EPSS
Exploits5
OpenVAS
OpenVAS
added 2016/08/09 12:0 a.m.42 views

Debian Security Advisory DSA 3645-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5139 GiWan Go discovered a use-after-free issue in the pdfium library. CVE-2016-5140 Ke Liu discovered a use-after-free issue in the pdfium library. CVE-2016-5141 Sergey Glazunov discovered a URL spoofing issue...

7.5CVSS0.5AI score0.01849EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/10/29 12:0 a.m.23 views

FreeBSD : openafs -- information disclosure (017a493f-7db6-11e5-a762-14dae9d210b8)

The OpenAFS development team reports : When constructing an Rx acknowledgment ACK packet, Andrew-derived Rx implementations do not initialize three octets of data that are padding in the C language structure and were inadvertently included in the wire protocol CVE-2015-7762. Additionally, OpenAFS...

5CVSS5.3AI score0.02133EPSS
Exploits0References4
OSV
OSV
added 2015/07/23 12:0 a.m.31 views

DSA-3315-1 chromium-browser - security update

Bulletin has no description...

9.8CVSS8.1AI score0.19069EPSS
Exploits3
exploitpack
exploitpack
added 2015/06/26 12:0 a.m.63 views

ManageEngine Asset Explorer 6.1 - Persistent Cross-Site Scripting

ManageEngine Asset Explorer 6.1 - Persistent Cross-Site Scripting Title: =============== ManageEngine Asset Explorer v6.1 - XSS Vulnerability CVE-ID: ==================================== CVE-2015-2169 CVSS: ==================================== 3.5 Product & Service Introduction Taken from their...

4.3CVSS6.2AI score0.0774EPSS
Exploits5
FreeBSD
FreeBSD
added 2015/05/06 12:0 a.m.32 views

suricata -- TLS/DER Parser Bug (DoS)

OISF Development Team reports: The OISF development team is pleased to announce Suricata 2.0.8. This release fixes a number of issues in the 2.0 series. The most important issue is a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata. This issue was reported b...

5CVSS6.2AI score0.01134EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2014/10/22 12:0 a.m.37 views

libpurple/pidgin -- multiple vulnerabilities

The pidgin development team reports:...

6.4CVSS9.2AI score0.03838EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Hycus CMS Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22737 Reference: http://www.htbridge.ch/advisory/lfiinhycuscms.html Product: Hycus CMS Vendor: Hycus Web Development Team http://www.hycus.com/ Vulnerable Version: 1.0.3 Vendor Notification: 07 December 2010 Vulnerability Type: LFI Status: N...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.42 views

wu-ftpd 2.4.2/2.5 .0/2.6 .0 - Remote Format String Stack Overwrite (1)

No description provided by source. source: http://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2014/06/20 12:0 a.m.86 views

Internet Bug Bounty: SPL ArrayObject/SPLObjectStorage Unserialization Type Confusion Vulnerabilities

This vulnerability was reported directly to the PHP development team. A detailed summary is available here: https://www.sektioneins.de/en/blog/14-08-27-unserialize-typeconfusion.html...

7.5CVSS7.7AI score0.30128EPSS
Exploits4
Hacker One
Hacker One
added 2014/05/28 12:0 a.m.26 views

Internet Bug Bounty: Locale::parseLocale Double Free

This bug was reported directly to the PHP development team: https://bugs.php.net/bug.php?id=67349...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2013/12/07 12:0 a.m.41 views

Debian Security Advisory DSA 2811-1 (chromium-browser - several vulnerabilities)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6634 Andrey Labunets discovered that the wrong URL was used during validation in the one-click sign on helper. CVE-2013-6635 cloudfuzzer discovered use-after-free issues in the InsertHTML and Indent DOM editing...

7.5CVSS0.2AI score0.01949EPSS
Exploits0References1
exploitpack
exploitpack
added 2013/06/21 12:0 a.m.37 views

GLPI 0.83.8 - Multiple Vulnerabilities

GLPI 0.83.8 - Multiple Vulnerabilities GLPI v0.83.8 Multiple Error-based SQL Injection Vulnerabilities Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 and 0.83.8 Summary: GLPI, an initialism for Gestionnaire libre de parc informatique Free...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2013/06/20 12:0 a.m.39 views

GLPI 0.83.8 SQL Injection

GLPI v0.83.8 Multiple Error-based SQL Injection Vulnerabilities Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 and 0.83.8 Summary: GLPI, an initialism for Gestionnaire libre de parc informatique Free Management of Computer Equipment, was...

0.3AI score
Exploits0
0day.today
0day.today
added 2013/06/20 12:0 a.m.42 views

GLPI 0.83.7 Parameter Traversal Arbitrary File Access Vulnerability

GLPI version 0.83.7 suffers from a parameter traversal vulnerability that allows for arbitrary file access. GLPI v0.83.7 itemtype Parameter Traversal Arbitrary File Access Exploit Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 Summary: GLP...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/06/03 12:0 a.m.30 views

Elastix 2.4.0 Cross Site Scripting Vulnerability

Elastix version 2.4.0 suffers from a cross site scripting vulnerability Exploit Title: elastix 2.4.0 XSS Vulnerability Date: 28/05/2013 Exploit Author: cheki Vendor Homepage: elastix.org Software Link: http://www.elastix.org/index.php/en/downloads/main-distro.html Version: Elastix 2.4.0 Stable CV...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/28 12:0 a.m.25 views

CubeCart 5.0.7 Insecure Backup Handling

OVERVIEW CubeCart 5.0.7 and lower versions are vulnerable to Insecure Backup File Handling which leads to the disclosure of the application configuration file. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that...

7.4AI score
Exploits0
Rows per page
Query Builder