Lucene search
+L

108 matches found

Packet Storm
Packet Storm
added 2017/12/10 12:0 a.m.30 views

TeamCity 2017.1.5 Privilege Escalation

TeamCity 2017.1.5 - Weak file permissions - Privilege Escalation ===================================================== Vendor Homepage: http://www.jetbrains.com Date: 17 Oct 2017 Version : TeamCity Version: 2017.1.5 Build: 47175 Tested on: Windows 7 Ultimate SP1 EN and Windows 10 x64 Author:...

0.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/10/31 12:43 p.m.13 views

kdshop.it XSS vulnerability

Open Bug Bounty ID: OBB-382596 Description| Value ---|--- Affected Website:| kdshop.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2017/09/27 12:0 a.m.20 views

PT-2017-11811 · Red Hat +1 · Freeipa +1

Name of the Vulnerable Software and Affected Versions: FreeIPA versions 4.x Description: The issue allows a remote authenticated user to bypass intended account-locking restrictions via an unlock action with an old session ID for the same user account that had been created for an earlier session...

8.8CVSS6.8AI score0.01687EPSS
Exploits1References11
0day.today
0day.today
added 2015/08/27 12:0 a.m.21 views

IP.Board 4.X - Stored XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: IP.Board 4.X Stored XSS Date: 27-08-2015 Software Link: https://www.invisionpower.com/ Exploit Author: snop. Contact: http://twitter.com/rabbitzorg Website: http://rabbitz.org Category: webapps 1. Description A registered or...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2015/05/18 3:59 p.m.15 views

CVE-2015-2704

realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response...

5CVSS6AI score0.02915EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2015/04/24 12:0 a.m.29 views

WordPress QAEngine Theme 1.4 Privilege Escalation

Theme Link: https://www.enginethemes.com/themes/qaengine/ - Vulnerability Description: + 1st Vulnerability: qaengine vulnerability allows an attacker to have an administrator account on the target's website vuln code in /qaengine/includes/aecore/class-ae-users.php: public function insert...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit

No description provided by source. ?php / ----------------------------------------------------------- TinyWebGallery = 1.7.6 LFI / Remote Code Execution Exploit ----------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability

No description provided by source. Details ============================= Application: Usernoise http://usernoise.karevn.com/ Version: 3.7.8 probably earlier versions as well Type: Wordpress plugin Developer: Nikolay Karev http://karevn.com/ - http://profiles.wordpress.org/karevn/ Vulnerability:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

falt4 cms rc4 10.9.2007 Multiple Vulnerabilities

No description provided by source. H - Security Labs Falt4 CMS RC4 10.9.2007 Security Report /Advisory ID : HSEC20071012 General Information -------------------------- Name : Falt4Extreme CMS RC4 10.9.2007 Vendor HomePage :http://sourceforge.net/projects/falt4/ Platforms : PHP && MySQL...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2012/09/02 12:0 a.m.103 views

Chamilo 1.8.8.4 Multiple Vulnerabilities

Chamilo 1.8.8.4 Multiple Vulnerabilities ======================== CVE: CVE-2012-4029 Issue: Reflected XSS PHPSELF in third-party app, Stored XSS PHPSELF XSS http://chamilo-1.8.8.4/main/inc/lib/phpdocx/pdf/www/examples.php/'"img src=404 onerror=alert1 Stored XSS unfiltered input categoryname...

1.1AI score0.01442EPSS
Exploits2
Packet Storm
Packet Storm
added 2012/08/27 12:0 a.m.53 views

Chamilo 1.8.8.4 XSS / File Deletion

Chamilo 1.8.8.4 Multiple Vulnerabilities ======================== CVE: CVE-2012-4029 Issue: Reflected XSS PHPSELF in third-party app, Stored XSS PHPSELF XSS http://chamilo-1.8.8.4/main/inc/lib/phpdocx/pdf/www/examples.php/'" Stored XSS unfiltered input categoryname...

0.2AI score0.01442EPSS
Exploits2
Exploit DB
Exploit DB
added 2011/09/22 12:0 a.m.24 views

JAKCMS PRO 2.2.5 - Arbitrary File Upload

Exploit Title: JAKCMS PRO = 2.2.5 Remote Arbitrary File Upload Exploit Google Dork: "Powered By JAKCMS" Date: 21/09/2011 Author: EgiX Software Link: http://www.jakcms.com/ Version: 2.2.5 Tested on: Windows 7 and Debian 6.0.2 ?php / -------------------------------------------------------- JAKCMS P...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/08/27 12:0 a.m.52 views

Security advisory: SQL Injection in LedgerSMB 1.2.24 and lower

Hi all; The LedgerSMB development team has found an SQL injection issue in LedgerSMB 1.2.24. Because this issue stems from our common SQL-Ledger heritage, it affects all versions of LedgerSMB and has been confirmed in SQL-Ledger 2.8.33. We contacted Dieter when we initially discovered this and no...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/04/14 12:0 a.m.42 views

ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability

ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-117 April 11, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: McAfee -- Affected Products: McAfee Firewall Reporter --...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/10 12:0 a.m.27 views

Play! Framework 1.0.3.1 - Directory Traversal

Exploit Title: Play! Framework = 1.0.3.1 Directory Transversal Vulnerability Date: July 24, 2010 Author: kripthor Software Link: http://www.playframework.org/ Version: Play! Framework = 1.0.3.1 Tested on: Ubuntu 10 CVE : N/A Notes: 28/07/2010 at 14:03 - Developer contacted 28/07/2010 at 15:04 - F...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/23 12:0 a.m.37 views

UFO - Alien Invasion Code Execution

Remote Arbitrary Code Execution Vulnerability in UFO: Alien Invasion -------------------------------------------------------------------- June 18th, 2010 ======= Summary ======= Name: Remote Arbitrary Code Execution Vulnerability in UFO: Alien Invasion Release Date: June 18th, 2010 Discoverer:...

0.6AI score
Exploits0
0day.today
0day.today
added 2009/10/08 12:0 a.m.23 views

DreamPoll 3.1 Vulnerabilities

Exploit for unknown platform in category web applications ============================= DreamPoll 3.1 Vulnerabilities ============================= During a recent security audit of the DreamPoll 3.1 software by Dreamlevels, I discovered a number of XSS and SQL Injection vulnerabilities in the...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/10/08 12:0 a.m.12 views

DreamPoll 3.1 - SQL Injection

DreamPoll 3.1 - SQL Injection During a recent security audit of the DreamPoll 3.1 software by Dreamlevels, I discovered a number of XSS and SQL Injection vulnerabilities in the application. These vulnerabilities could be exploited to make unauthorized changes to a web site or compromise a client...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2009/05/10 12:0 a.m.12 views

TinyWebGallery &lt;= 1.7.6 LFI / Remote Code Execution Exploit

No description provided by source. ?php / ----------------------------------------------------------- TinyWebGallery = 1.7.6 LFI / Remote Code Execution Exploit ----------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/05/08 12:0 a.m.6 views

TinyWebGallery 1.7.6 - Local File Inclusion Remote Code Execution

TinyWebGallery 1.7.6 - Local File Inclusion Remote Code Execution ?php / ----------------------------------------------------------- TinyWebGallery = 1.7.6 LFI / Remote Code Execution Exploit ----------------------------------------------------------- author...: EgiX mail.....:...

Exploits0
Rows per page
Query Builder