527 matches found
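大汉网络 /jcms/interface/ldap/receive.jsp interface allows unauthorized key change
The relevant code is as follows: if (state.equals("S")) // register application boolean b = ldapBlf.writeXML(appname, enckey, ldapurl, webtype, ssourl, encrypttype); This registers an application without authorization and overwrites enckey. Once enckey is obtained, exploitation can follow https://www.sebug.net/vuldb/ssvid-90213...
phpFileManager 0.9.8 Remote Code Execution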
No description provided by source...
Wireshark /wiretap/pcapng.c Remote Denial-of-Service Vulnerability
No description provided by source...
BlackHat topic analysis: BGP hijacking - exploit/vulnerability warning - the black bar safety net
BGP hijacking was covered at the DEF CON conference in 2008, and in 2015 it was selected as a topic at Black Hat, which shows the seriousness of the problem. As the saying goes, three feet of ice does not form in a single cold day; BGP hijacking is an issue that organizations around the world need to work together to solve. 0×00 What is ...
A vulnerability in the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and availability of protected information.
A vulnerability in the policycoreutils-debuginfo-2.0.83 package in the Red Hat Enterprise Linux operating system can lead to violations of the confidentiality, integrity, and availability of protected information. This vulnerability can be exploited locally...
WordPress slideshow plugin RevSlider - exploit/vulnerability warning - the black bar safety net
Arbitrary file read: /wp-admin/admin-ajax.php?action=revslidershowimage&img=../wp-config.php Arbitrary file upload: #!/usr/bin/perl Title: Slider Revolution/Showbiz Pro shell upload exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered: 15 October 2014 Coded: 15 October 2014 Updated: 25...
PMB 4.1.3 - (Authenticated) SQL Injection
Exploit Title: PMB = 4.1.3 Post-Auth SQL Injection Vulnerability Google Dork: inurl:opaccss Date: 25-12-2014 Exploit Author: XD4rker Ismail Belkacim Email: xd4rkeratgmail.com Twitter: @xd4rker Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files...
WordPress Plugin 0.9.7 Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload
#!/usr/bin/python Exploit Name: Wordpress and Joomla Creative Contact Form Shell Upload Vulnerability Wordpress plugin version: = 0.9.7 Joomla extension version: = 2.0.0 Vulnerability discovered by Gianni...
Weilian /product.asp SQL Injection Vulnerability
No description provided by source...
Uni-vert PhpLeague 0.82 Joueurs.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19880/info Uni-vert PhpLeague is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. This issue may allow an attacker to compromise the application, access or modify data,...
xterm DECRQSS Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33060/info The 'xterm' program is prone to a remote command-execution vulnerability because it fails to sufficiently validate user input. Successfully exploiting this issue would allow an attacker to execute arbitrary...
PHPKick 0.8 - statistics.php SQL Injection Exploit
No description provided by source. #!/usr/bin/env python # coding: utf-8 from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class TestPOC(POCBase): vulID = '69551' version = '1' author = 'RickGray' vulDate = '2010-08-08' createDate = '2015-10-15'...
almond classifieds ads (bsql/xss) Multiple Vulnerabilities
No description provided by source...
Web Directory Script <= 2.0 (name) SQL Injection Vulnerability
No description provided by source. Web Directory Script = 2.0 SQL Injection Vulnerability Author: !DoktOR! Contact: coder5attopmail.kz Home Page: www.antichat.ru Date found: 23.08.08 Product: Web Directory Script Version: 2.0 Download script:...
SendStudio 4.0.1 Cross Site Scripting and Security Bypass Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/37554/info SendStudio (also called Email Marketer) is prone to a cross-site scripting issue and a security-bypass issue. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...
Joomla Component com_extplorer <= 2.0.0 RC2 Local Directory Traversal
No description provided by source. H-T Team HouSSaMix + ToXiC350 from MoroCCo...
Dosya Yukle Scrtipi 1.0 - Shell Upload Vulnerability
No description provided by source...
Multiple Vendor ICMP Message Handling DoS
No description provided by source. source: http://www.securityfocus.com/bid/13124/info Multiple vendor implementations of the TCP/IP Internet Control Message Protocol (ICMP) are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine certain automatic actions...
Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
No description provided by source. / Remote CVS = 1.11.15 exploit for the errorprogname double free vuln. by Gyan Chawdhary, [email protected] Vulnerability Description: The Vulnerability lies in the serveargumentx function. The Argumentx command parameter is used to append data to a previously...
Mercury Mail <= 4.01a (Pegasus) IMAP Buffer Overflow Exploit
No description provided by source. / Mercury imap4 server remote buffer overflow exploit author : c0d3r kaveh razavi [email protected] [email protected] package : Mercury mail transport system 4.01a and prolly prior workaround : upgrade to 4.01b version advisory : not available right now company...