210 matches found
PHP source code injection in BLNews
Product: BLNews Version: 2.1.3 OffSite: http://www.blnews.de/ Problem: PHP source code injection. Vulnerability: admin/objects.inc.php4: if ($itheme!="blubb") include("$Serverpath/admin/tools.inc.php4");...
Mike Bobbitt Album.PL 0.61 - Remote Command Execution
source: https://www.securityfocus.com/bid/7444/info A remote command execution vulnerability has been reported for Album.pl. The vulnerability reportedly exists when alternate configuration files are used. The precise technical details of this vulnerability are currently unknown. This BID will be...
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (1)
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution 1 source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data...
Buffer Overflow Vulnerability Found in MailMax Version 5
Buffer Overflow Vulnerability Found in MailMax Version 5 http://www.smartmax.com Discovered by Dennis Rand www.Infowarfare.dk SUMMARY: This is a scalable e-mail server that supports SMTP, IMAP4 and POP3 protocols. Its...
Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C.
INetCop Security Advisory 2002-0x82-007 Title: Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C. 0x01. Description A simple mode of develop CGI in language C. The libcgi package is a library...
ion-p.exe allows Remote File Retrieving
ion-p.exe allows Remote File Retrieving Exploit Example: www.Server.com/cgi-bin/ion-p.exe?page=c:winntrepairsam Zero X, member of www.lobnan.de...
Trillian 0.6351/0.7x - Identd Buffer Overflow
// source: https://www.securityfocus.com/bid/5733/info Trillian ships with an ident server to facilitate connections to IRC servers that require an ident response before allowing access. A buffer overflow condition exists in the Trillian ident server, which may potentially be exploited to cause a...
KF Web Server version 1.0.2 shows file and directory content
KF Web Server version 1.0.2 shows file and directory content .oO Overview Oo. KF Web Server version 1.0.2 shows file and directory content Discovered on 2002, July, 2nd Vendor: KeyFocus http://www.keyfocus.net/kfws/ KF Web Server 1.0.2 is a free personal web server available for Windows...
XSS in Slashcode
There is a nasty Cross Site Scripting (XSS) vuln in Slashcode. This was used a day or so ago on slashdot.org and resulted in most of the site being taken down for an hour or so. The maintainers of slashcode have patched the problem in CVS but have not even mentioned it anywhere that I can find. This...
[AP] YaBB Cross-Site Scripting vulnerability
AngryPacket Security Advisory. advisory information: author: methodic [email protected] release date: 06/21/2002 homepage: http://sec.angrypacket.com advisory...
Matu FTP 1.74 - Client Buffer Overflow
Matu FTP 1.74 - Client Buffer Overflow source: https://www.securityfocus.com/bid/4572/info An issue has been reported which could allow for a malicious FTP server to execute arbitrary code on a Matu FTP client. If, upon user connection, an FTP server '220' response is of excessive length, a...
[ WWWThreads, UBBThreads ] Security Hole in upload system
WWWThreads, UBBThreads Security Hole in upload system Author: RootExtractor, CompuMe [email protected], [email protected] I. Details II. Vulnerable ver's III. Example, Xploit IV. Solution Details : ..: config.inc.php :.. ------------------------- snip ------------------------------ //...
Brian Dorricott MAILTO 1.0.7-9 - Unauthorized Mail Server Use
Brian Dorricott MAILTO 1.0.7-9 - Unauthorized Mail Server Use source: https://www.securityfocus.com/bid/3669/info MAILTO is a program maintained by Brian Dorricott. It enables web servers to allow forms to be converted into mail messages that can be sent to numerous recipients. An issue exists in...
directorymanager bug
Directory Manager Execute Command !BUG! Version Affected : Directory Manager 0.9 Directory Manager is a directory manager; I really don't know what it does. It has a serious security flaw, which allows any person to execute commands on the attacked system as webserver-user. From editimage.php : if !$...
PHP local DoS: self-fetching through HTTP
PHP scripting allows "opening" files through HTTP: $file=fopen("http://host/page.html","r"); If a script opens itself through HTTP, it will result in a DoS attack: as many HTTP connections as possible and a great number of executing PHP scripts. Timeout settings are useless. Possible solutions: -...
dqs 3.2.7 local root exploit.
Subject: dqs 3.2.7 local root exploit. Hello. DESCRIPTION: I found a buffer overflow vulnerability on the /usr/bin/dsh dqs 3.2.7 package. I really don't know if this bug was discovered already. If that's right, then sorry =. If a long line on the first argument is given, the program gives a SIGSEGV...
WU-FTPD 2.4/2.5/2.6 / Trolltech ftpd 1.2 / ProFTPd 1.2 / BeroFTPD 1.3.4 FTP - glob Expansion
source: https://www.securityfocus.com/bid/2496/info Many FTP servers are vulnerable to a denial of service condition resulting from poor globbing algorithms and user resource usage limits. Globbing generates pathnames from file name patterns used by the shell, e.g. wildcards denoted by * and ?,...
WFTPD Pro 3.00 R1 Buffer Overflow
When sending a command cwd followed by a long argument 500 char '.' the server crashes with: Anwendungspopup: WFTPD Service Control: WFTPD.EXE - Fehler in Anwendung: Die Anweisung in "0x2e2e2e2e" verweist auf Speicher in "0x2e2e2e2e". Der Vorgang "read" konnte nicht auf dem Speicher durchgeführt...
Solaris 2.6/2.7 - '/usr/bin/write' Local Overflow
include include / /usr/bin/write overflow proof of concept. Tested on Solaris 7 x86 Pablo Sor, Buenos Aires, Argentina. 01/2000 [email protected] usage: write-exp shelloffset retaddroffset default offset should work. / long getesp asm"movl %esp,%eax"; char shell =...
extent technologies rbs isp 2.5 - Directory Traversal
source: https://www.securityfocus.com/bid/1704/info A remote user is capable of gaining read access to any file residing in the same directory of a host running Extent RBS ISP through directory traversal. Appending '../' to the 'image' variable request on port 8002 will enable a user to read any...