9 matches found
Atlassian Confluence Server OGNL Remote Code Execution
Added: 09/20/2021. Background: Atlassian Confluence is a collaboration and knowledge management application. Problem: Atlassian Confluence has an OGNL injection vulnerability that would allow an unauthenticated user to execute arbitrary code on a Confluence Server. Resolution: Upgrade to Confluence...
Disk Savvy Enterprise GET buffer overflow
Added: 12/01/2016. Background: Disk Savvy Enterprise is a disk space usage analyzer. Problem: A buffer overflow in Disk Savvy Enterprise when handling GET requests could allow remote code execution. Resolution: Upgrade to a version higher than 9.1.14 when available. References: Limitations: Exploit wor...
Sun JDK 1.1.x, Sun JRE 1.1.x Listening Socket Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1545/info A set of flaws in multiple vendors' Java implementation allows a malicious applet to open a listening socket to accept network connections against the security policy. Java applications use the...
GREED 0.81 GRX File List Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12033/info greed Get and Resume Elite Edition is prone to a buffer overflow vulnerability. The issue is exposed when the client processes GRX file lists. GRX file lists allow file downloads to be scripted. Since GRX file...
Microsoft IIS 5.0 In-Process Table Privilege Elevation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3193/info A vulnerability exists in Microsoft's Internet Information Services 5.0 which could allow a user with write permission to run any code with System privileges. http://www.exploit-db.com/sploits/21072.zip...
Motorola Timbuktu Pro 8.6.5 - Multiple Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28186/info Motorola Timbuktu Pro is prone to multiple denial-of-service vulnerabilities. Exploiting these issues will allow attackers to crash the affected application, denying further service to legitimate users...
WeBid <= 1.0.5 Directory Traversal Vulnerability
Exploit for PHP platform in category web applications. Author: loneferret of Offensive Security. Product: WeBid. Version: 1.0.4 & 1.0.5 and maybe older versions. Vendor Site: http://www.webidsupport.com. Software Download:...
SetSeed CMS 5.8.20 (loggedInUser) Remote SQL Injection Vulnerability
Summary: SetSeed is a self-hosted CMS which lets you rapidly build and deploy complete websites and online stores for your clients. Description: SetSeed CMS is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input...
TFTPUtil GUI 1.4.5 - Denial of Service (Metasploit)
Title: TFTPUtil GUI v1.4.5 Invalid Request DoS. CVE-ID: OSVDB-ID: Author: Vuk Ivanovic. Published: 2010-12-04. Verified: yes. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informati...