9 matches found
Atlassian Confluence Server OGNL Remote Code Execution
Added: 09/20/2021. Background: Atlassian Confluence is a collaboration and knowledge management application. Problem: Atlassian Confluence has an OGNL injection vulnerability that would allow an unauthenticated user to execute arbitrary code on a Confluence Server. Resolution: Upgrade to Confluence...
Disk Savvy Enterprise GET buffer overflow
Added: 12/01/2016. Background: Disk Savvy Enterprise is a disk space usage analyzer. Problem: A buffer overflow in Disk Savvy Enterprise when handling GET requests could allow remote code execution. Resolution: Upgrade to a version higher than 9.1.14 when available. References. Limitations: Exploit wor...
GREED 0.81 GRX File List Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12033/info greed Get and Resume Elite Edition is prone to a buffer overflow vulnerability. The issue is exposed when the client processes GRX file lists. GRX file lists allow file downloads to be scripted. Since GRX file...
Microsoft IIS 5.0 In-Process Table Privilege Elevation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3193/info A vulnerability exists in Microsoft's Internet Information Services 5.0 which could allow a user with write permission to run any code with System privileges. http://www.exploit-db.com/sploits/21072.zip...
Motorola Timbuktu Pro 8.6.5 - Multiple Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28186/info Motorola Timbuktu Pro is prone to multiple denial-of-service vulnerabilities. Exploiting these issues will allow attackers to crash the affected application, denying further service to legitimate users...
Sun JDK 1.1.x, Sun JRE 1.1.x Listening Socket Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1545/info A set of flaws in multiple vendors' Java implementation allows a malicious applet to open a listening socket to accept network connections against the security policy. Java applications use the...
WeBid <= 1.0.5 Directory Traversal Vulnerability
Exploit for php platform in category web applications Author: loneferret of Offensive Security Product: WeBid Version: 1.0.4 & 1.0.5 and maybe older versions Vendor Site: http://www.webidsupport.com Software Download:...
SetSeed CMS 5.8.20 (loggedInUser) Remote SQL Injection Vulnerability
Summary: SetSeed is a self-hosted CMS which lets you rapidly build and deploy complete websites and online stores for your clients. Description: SetSeed CMS is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input...
TFTPUtil GUI 1.4.5 - Denial of Service (Metasploit)
Title: TFTPUtil GUI v1.4.5 Invalid Request DoS CVE-ID: OSVDB-ID: Author: Vuk Ivanovic Published: 2010-12-04 Verified: yes This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informati...