Lucene search
K

923 matches found

RedHat Linux
RedHat Linux
added 2008/11/25 8:41 a.m.8 views

vim: arbitrary code execution in commands: K, Control-], g]

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" semicolon followed by a command, or execute arbitrary Ex commands by entering an argument afte...

9.3CVSS6.1AI score0.09207EPSS
Exploits1References4
NVD
NVD
added 2008/09/19 5:15 p.m.22 views

CVE-2008-4131

Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with 1 the -t option and 2 the :tag command in the a vi, b ex, c vedit, d view, and e edit programs...

7.2CVSS6.7AI score0.00773EPSS
Exploits0References9
OSV
OSV
added 2008/09/18 5:59 p.m.3 views

DEBIAN-CVE-2008-4101

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" semicolon followed by a command, or execute arbitrary Ex commands by entering an argument afte...

9.3CVSS7.6AI score0.09207EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2008/09/18 5:59 p.m.38 views

CVE-2008-4101

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" semicolon followed by a command, or execute arbitrary Ex commands by entering an argument afte...

9.3CVSS6.1AI score0.09207EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2008/08/22 12:0 a.m.34 views

vim-sanitize.txt

Vim: Arbitrary Code Execution in Commands: K, Control-, g 1. SUMMARY Product : Vim -- Vi IMproved Versions : 3.0--current, possibly older Impact : Arbitrary code execution Wherefrom: Local Original : http://www.rdancer.org/vulnerablevim-K.html Insufficient sanitization can lead to Vim executing...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/04/08 12:0 a.m.50 views

CAU-EX-2008-0001.txt

/ \ / \ | | | | ----====/ /\/ /\ | || |====---- | | | || | | | | | | | | | | | | | ------======\ / /| || || || |======------ / || || / Computer Academic Underground http://www.caughq.org Exploit Code ===============/======================================================== Exploit ID:...

7.4AI score0.4853EPSS
Exploits7
ATTACKERKB
ATTACKERKB
added 2007/12/20 8:46 p.m.3 views

CVE-2007-6492

The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to cause a denial of service Internet Explorer 7 crash via an empty string in the argument to the ProcessRequestEx method...

7.1CVSS5.6AI score0.01518EPSS
Exploits1References6
NVD
NVD
added 2007/07/17 10:30 p.m.16 views

CVE-2007-3834

Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...

4.3CVSS5.3AI score0.01307EPSS
Exploits0References5
NVD
NVD
added 2007/07/17 10:30 p.m.16 views

CVE-2007-3835

Cross-site scripting XSS vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be discovered through a search...

2.6CVSS5.6AI score0.01307EPSS
Exploits0References8
Prion
Prion
added 2007/07/17 10:30 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...

4.3CVSS5.3AI score0.01307EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2007/07/17 10:30 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be discovered through a search...

2.6CVSS5.9AI score0.01307EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2007/07/17 10:0 p.m.51 views

CVE-2007-3834

CVE-2007-3834 covers multiple XSS vulnerabilities in Ex Libris ALEPH (and note may be related to the MetaLib XSS issue CVE-2007-3835). Affected: Ex Libris ALEPH; vulnerability type: cross-site scripting via unspecified vectors in a URL discoverable by keyword search. Impact details are limited to...

4.3CVSS5.4AI score0.01307EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/07/17 10:0 p.m.18 views

CVE-2007-3834

Multiple cross-site scripting XSS vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835...

5.3AI score0.01307EPSS
Exploits0References5
CVE
CVE
added 2007/07/17 10:0 p.m.41 views

CVE-2007-3835

CVE-2007-3835 has confirmed XSS in Ex Libris MetaLib 3.13 and 4. An attacker can inject arbitrary web script/HTML via an unspecified vector related to a resource identifier that can be discovered through a search. The vulnerability is remote in scope and leverages the user’s interaction with sear...

2.6CVSS5.6AI score0.01307EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/07/17 10:0 p.m.21 views

CVE-2007-3835

Cross-site scripting XSS vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be discovered through a search...

5.6AI score0.01307EPSS
Exploits0References8
0day.today
0day.today
added 2007/05/31 12:0 a.m.29 views

win32 IsDebuggerPresent ShellCode (NT/XP) 39 bytes

Exploit for win32 platform in category shellcode ================================================== win32 IsDebuggerPresent ShellCode NT/XP 39 bytes ================================================== / Shellcode Length: 39 bytes / / sets PEB-BeingDebugged to 0 / / IsDebuggerPresent/BeingDebugged...

7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2006/12/04 11:28 a.m.3 views

CVE-2006-6274

SQL injection vulnerability in articles.asp in Expinion.net iNews 1 Publisher iNP 2.5 and earlier, and possibly 2 News Manager, allows remote attackers to execute arbitrary SQL commands via the ex parameter. NOTE: early reports of this issue reported it as XSS, but this was erroneous. The origina...

6.8CVSS6.4AI score0.02065EPSS
Exploits1References9
Cvelist
Cvelist
added 2006/12/04 11:0 a.m.22 views

CVE-2006-6274

SQL injection vulnerability in articles.asp in Expinion.net iNews 1 Publisher iNP 2.5 and earlier, and possibly 2 News Manager, allows remote attackers to execute arbitrary SQL commands via the ex parameter. NOTE: early reports of this issue reported it as XSS, but this was erroneous. The origina...

8.4AI score0.02065EPSS
Exploits1References8
securityvulns
securityvulns
added 2004/06/04 12:0 a.m.72 views

PHP Include Exploit in Mail Manage EX v3.1.8 and maybe others.

Description: PHP Include Exploit in Mail Manage EX v3.1.8 Compromise: a malicious PHP script from an external host may be included and executed. Vulnerable Systems: all system using mmex.php v3.1.8 and maybe lower not tested. Details: The PHP Include exploit exist in de folowing code,...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/06/03 12:0 a.m.31 views

Mail Manage EX 3.1.8 MMEX - 'Settings' PHP Remote File Inclusion

source: https://www.securityfocus.com/bid/10457/info Mail Manage EX is reportedly prone to a remote file include vulnerability. This vulnerability results from insufficient sanitization of user-supplied data and may allow remote attackers to include arbitrary PHP files located on remote servers...

7.4AI score
Exploits0
Rows per page
Query Builder