Lucene search
K

8691 matches found

Exploit DB
Exploit DB
added 2013/10/31 12:0 a.m.23 views

ISPConfig - (Authenticated) Arbitrary PHP Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'ISPConfig Authenticated Arbitrary PHP Code Execution', 'Description' = %q ISPConfig allows an authenticated administrator to export...

8.8CVSS7.4AI score0.43103EPSS
Exploits5
Metasploit
Metasploit
added 2013/10/30 3:25 p.m.86 views

ISPConfig Authenticated Arbitrary PHP Code Execution

ISPConfig allows an authenticated administrator to export language settings into a PHP script which is intended to be reuploaded later to restore language settings. This feature can be abused to run aribitrary PHP code remotely on the ISPConfig server. This module was tested against version...

8.8CVSS0.7AI score0.43103EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2013/09/22 12:0 a.m.0 views

PineApp Mail-SeCure confpremenu.php Export Log Command Injection

A command execution vulnerability has been reported in PineApp Mail-SeCure...

7.2AI score
Exploits0
Atlassian
Atlassian
added 2013/09/16 6:17 a.m.17 views

Resource file path traversal in IconDownloadResourceManager

To reproduce: 1. Create a new page title doesn't matter. 2. Insert an image with URL: code:none /confluence/images/icons/profilepics/../../../WEB-INF/classes/crowd.properties code with /confluence/ replaced with the correct base path. Edit the page, click +, click Image, select the From the Web...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/16 6:17 a.m.20 views

Resource file path traversal in IconDownloadResourceManager

To reproduce: 1. Create a new page title doesn't matter. 2. Insert an image with URL: code:none /confluence/images/icons/profilepics/../../../WEB-INF/classes/crowd.properties code with /confluence/ replaced with the correct base path. Edit the page, click +, click Image, select the From the Web...

1.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/09/11 7:3 a.m.21 views

Arbitrary file creation in AbstractRendererExporterImpl

To reproduce: 1. Create a new space. 2. Create a new page. 3. Attach a file called test.txt to the page. 3. Edit the page, and add an image with the URL: code /confluence/s/download/attachments/pageid//../../../../../../../../../../../../tmp/test.txt code \pageid\ must be replaced with the actual...

0.1AI score
Exploits0
Kitploit
Kitploit
added 2013/08/29 1:11 a.m.35 views

[Resolver v1.0.9] The reverse/bruteforce DNS lookup

Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Resolver features: Resolve a Single IP Resolve an IP Range Resolve IP’s provided in a tex...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2013/08/27 12:0 a.m.26 views

Debian Security Advisory DSA 2743-1 (kfreebsd-9 - privilege escalation/information leak)

Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a privilege escalation or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-3077 Clement Lecigne from the Google Security Team reported an integer...

7.8CVSS0.02511EPSS
Exploits1References1
Kitploit
Kitploit
added 2013/08/14 4:40 a.m.15 views

[MISP v2.1] Malware Information Sharing Platform

The problem that we experienced in the past was the difficulty to exchange information about targeted malwares and attacks within a group of trusted partners, or a bilateral agreement. Even today much of the information exchange happens in unstructured reports where you have to copy-paste the...

6.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/08/08 12:0 a.m.25 views

phpMyAdmin 3.5.x < 3.5.8.2 / 4.0.x < 4.0.4.2 Multiple Vulnerabilities

Binary data 6967.prm...

6.5CVSS6.5AI score0.01832EPSS
Exploits0References17
OSV
OSV
added 2013/07/31 1:20 p.m.1 views

DEBIAN-CVE-2013-5003

Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via 1 the scale parameter to pmdpdf.php or 2 the pdfpagenumber parameter to schemaexport.php...

6.5CVSS10AI score0.01606EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2013/07/31 1:20 p.m.28 views

CVE-2013-5003

Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via 1 the scale parameter to pmdpdf.php or 2 the pdfpagenumber parameter to schemaexport.php...

6.5CVSS7AI score0.01606EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2013/07/30 6:0 p.m.24 views

CVE-2013-5002

Cross-site scripting XSS vulnerability in libraries/schema/ExportRelationSchema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schemaexport.php...

3.5CVSS5.4AI score0.00967EPSS
Exploits0
OSV
OSV
added 2013/07/29 2:6 p.m.10 views

MGASA-2013-0238 Updated phpmyadmin packages fix security vulnerabilities

Using a crafted SQL query, it was possible to produce an XSS on the SQL query form PMASA-2013-8CVE-2013-4995. In the setup/index.php, using a crafted hash with a Javascript event, untrusted JS code could be executed. In the Display chart view, a chart title containing HTML code was rendered...

6.5CVSS6.2AI score0.01832EPSS
Exploits0References8
phpMyAdmin
phpMyAdmin
added 2013/07/28 12:0 a.m.51 views

Self-XSS due to unescaped HTML output in schema export.

PMASA-2013-14 Announcement-ID: PMASA-2013-14 Date: 2013-07-28 Updated: 2013-07-30 Summary Self-XSS due to unescaped HTML output in schema export. Description When calling schemaexport.php with crafted parameters, it is possible to trigger an XSS. Severity We consider this vulnerability to be non...

3.5CVSS6.8AI score0.00967EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2013/07/16 6:21 p.m.3 views

Kernel: udf: information leak on export

The udfencodefh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application...

1.9CVSS6.6AI score0.00429EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/07/16 5:18 p.m.2 views

Kernel: udf: information leak on export

The udfencodefh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application...

1.9CVSS6.6AI score0.00429EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/05/04 12:0 a.m.45 views

Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2013:160)

Updated phpmyadmin package fixes security vulnerabilities : In some PHP versions, the pregreplace\ function can be tricked into executing arbitrary PHP code on the server. This is done by passing a crafted argument as the regular expression, containing a null byte. phpMyAdmin does not correctly...

6CVSS7.4AI score0.28851EPSS
Exploits16References2
NVD
NVD
added 2013/04/26 3:34 a.m.29 views

CVE-2013-3240

Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type...

6.5CVSS6.8AI score0.05485EPSS
Exploits5References2
NVD
NVD
added 2013/04/26 3:34 a.m.26 views

CVE-2013-3241

export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...

4CVSS5.8AI score0.04188EPSS
Exploits5References2
Rows per page
Query Builder