
561 matches found

Tenable Nessus
added 2011/11/22 12:0 a.m. | 27 views

Fedora 15 : puppet-2.6.12-1.fc15 (2011-14994)

A bug in puppet's SSL certificate handling could allow nodes with a valid certificate to impersonate the puppet master. To be vulnerable, a user would have had to set the certdnsnames variable and generated certificates. This setting is not set by default in the Fedora/EPEL packages. This update...

2.6 CVSS | 5.6 AI score | 0.02454 EPSS
Exploits 0 | References 2

myhack58
added 2011/04/27 12:0 a.m. | 30 views

Quick.CMS v3.0 CSRF flaws and fixes - vulnerability warning - the black bar safety net

Exploit Title: Quick CMS v3. 0 Cross Site Request Forgery Add Admin User + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Dork : intext:"Quick. Cms v3. 0" inurl:admin.php + Demo CMS Link: http://opensolution.org/Quick.Cms 1 1 0 I'm ^Xecuti0n3r member from...

7.1 AI score
Exploits 0

Exploit DB
added 2011/04/26 12:0 a.m. | 31 views

Quick.CMS 3.0 - Cross-Site Request Forgery

Exploit Title: Quick CMS v3.0 Cross Site Request Forgery Add Admin User + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Dork : intext:"Quick.Cms v3.0" inurl:admin.php + Demo CMS Link: http://opensolution.org/Quick.Cms 1 1 0 I'm ^Xecuti0n3r member from Inj3ct0r...

7 AI score
Exploits 0

exploitpack
added 2011/04/26 12:0 a.m. | 15 views

Quick.CMS 3.0 - Cross-Site Request Forgery

Quick.CMS 3.0 - Cross-Site Request Forgery + Exploit Title: Quick CMS v3.0 Cross Site Request Forgery Add Admin User + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Dork : intext:"Quick.Cms v3.0" inurl:admin.php + Demo CMS Link: http://opensolution.org/Quick.Cms...

0.7 AI score
Exploits 0

Exploit DB
added 2010/09/13 12:0 a.m. | 42 views

AA SMTP Server 1.1 - Crash (PoC)

========================= AA SMTP SERVER v.1.1 -- Crash POC ========================= Application : AA SMTP SERVER v.1.1 Vendor URL : http://www.aa2soft.com/download.htm Category : Windows/POC/Crash Author : ..:: SONiC ::.. aka theM4LW4r3 Special thanks to : Ashwin Vamshi,Sid3^effects,r0073r...

7.4 AI score
Exploits 0

RedHat Linux
added 2010/03/29 12:0 p.m. | 2 views

pam_krb5: Password prompt varies for existent and non-existent users

pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...

5 CVSS | 5.9 AI score | 0.03326 EPSS
Exploits 0 | References 4

OpenVAS
added 2010/02/19 12:0 a.m. | 64 views

Mandriva Update for drakxtools MDVA-2010:062-1 (drakxtools)

Check for the Version of drakxtools OpenVAS Vulnerability Test Mandriva Update for drakxtools MDVA-2010:062-1 drakxtools Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

6.8 CVSS | 8.1 AI score | 0.04408 EPSS
Exploits 0 | References 2

RedHat Linux
added 2009/01/05 7:8 a.m. | 8 views

Issue with core dump owner

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive informatio...

2.1 CVSS | 5.7 AI score | 0.00425 EPSS
Exploits 2 | References 4

UbuntuCve
added 2008/09/04 6:41 p.m. | 35 views

CVE-2008-3920

Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors...

7.5 CVSS | 5.9 AI score | 0.02109 EPSS
Exploits 0 | References 1

Prion
added 2008/09/04 6:41 p.m. | 18 views

Security feature bypass

Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors...

7.5 CVSS | 6.6 AI score | 0.02109 EPSS
Exploits 0 | References 11 | Affected Software 1

Packet Storm
added 2008/07/31 12:0 a.m. | 21 views

hiox-addadmin.txt

"; fclose$file; $creat = "false"; echo "New User Created Please Wait You will be Redirected to Login Page "; else echo "Enter correct Username or Password "; if$creat == "true" ? tr width=400 height...

7.4 AI score
Exploits 0

FreeBSD
added 2008/05/05 12:0 a.m. | 47 views

mysql -- MyISAM table privileges security bypass vulnerability

SecurityFocus reports: MySQL is prone to a security-bypass vulnerability. An attacker can exploit this issue to overwrite existing table files in the MySQL data directory, bypassing certain security restrictions...

4.6 CVSS | 6.4 AI score | 0.02588 EPSS
Exploits 2

exploitpack
added 2008/03/10 12:0 a.m. | 10 views

Gallarific - search.php?query Cross-Site Scripting

Gallarific - search.php?query Cross-Site Scripting source: https://www.securityfocus.com/bid/28163/info Gallarific is prone to a cross-site scripting vulnerability and multiple authentication-bypass vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the...

0.4 AI score
Exploits 0

RedHat Linux
added 2008/01/31 6:23 p.m. | 5 views

Issue with core dump owner

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive informatio...

2.1 CVSS | 5.7 AI score | 0.00425 EPSS
Exploits 2 | References 4

securityvulns
added 2008/01/12 12:0 a.m. | 46 views

Naymz multiple XSS

Naymz is an online profile system with positive and accurate information that you want others to find when they search for you online. Community Search fails to sanitize: 1."scriptalert'xss'/script...

6.8 AI score
Exploits 0

Packet Storm
added 2008/01/11 12:0 a.m. | 23 views

naymz-xss.txt

Naymz is an online profile system with positive and accurate information that you want others to find when they search for you online. Community Search fails to sanitize: 1."alert'xss'...

7.4 AI score
Exploits 0

seebug.org
added 2007/07/05 12:0 a.m. | 22 views

HTTP SERVER (httpsv1.6.2) 404 Denial of Service

No description provided by source. !/usr/bin/perl GetOpt STD module use IO::Socket; use Getopt::Std; getopts":i:p:",%args; ifdefined $argsi $ip = $argsi; ifdefined $argsp $port = $argsp; if!defined $argsi or !defined $argsp print "-----------------------------------------------------\n"; print...

7.1 AI score
Exploits 0

NVD
added 2006/07/18 3:46 p.m. | 15 views

CVE-2006-3616

Multiple cross-site scripting (XSS) vulnerabilities in Carbonize Lazarus Guestbook 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in codes-english.php and (2) the img parameter in picture.php, after the name of an existing file...

4.3 CVSS | 5.8 AI score | 0.02433 EPSS
Exploits 1 | References 9

Cvelist
added 2006/07/14 9:0 p.m. | 17 views

CVE-2006-3616

Multiple cross-site scripting (XSS) vulnerabilities in Carbonize Lazarus Guestbook 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in codes-english.php and (2) the img parameter in picture.php, after the name of an existing file...

5.8 AI score | 0.02433 EPSS
Exploits 1 | References 9

OSV
added 2006/05/15 12:0 a.m. | 12 views

DSA-1056-1 webcalendar - verbose error message

Bulletin has no description...

5 CVSS | 6.1 AI score | 0.01655 EPSS
Exploits 0