Lucene search
+L

44 matches found

Patchstack
Patchstack
added 2024/04/15 12:0 a.m.9 views

WordPress Login with phone number Plugin <= 1.7.16 is vulnerable to Privilege Escalation

Software Login with phone number Type Plugin Vulnerable versions = 1.7.16 Fixed in 1.7.17 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-32507 Patch priority High CVSS severity High 8.8 Developer Hamid Alinia PSID e4775c75d080 Credits Emili Castells Requir...

8.8CVSS6.8AI score0.00461EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/10 12:0 a.m.12 views

WordPress Login with phone number Plugin <= 1.6.93 is vulnerable to Cross Site Request Forgery (CSRF)

Software Login with phone number Type Plugin Vulnerable versions = 1.6.93 Fixed in 1.6.94 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2024-31424 Patch priority Low CVSS severity Low 8.8 Developer Hamid Alinia PSID 32dbb4921861 Credits Majed...

8.8CVSS6.6AI score0.0031EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/09/13 12:0 a.m.16 views

WordPress Login with phone number Plugin <= 1.5.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Login with phone number Type Plugin Vulnerable versions = 1.5.6 Fixed in 1.5.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-4916 Patch priority Low CVSS severity Low 8.8 Developer Hamid Alinia PSID af13ecc92bb0 Credits Lana Codes...

8.8CVSS7AI score0.00324EPSS
Exploits0References3Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Pi3Web <= 2.0.3 (ISAPI) Remote Denial of Service Exploit

No description provided by source. Pi3Web ISAPI DoS vulnerability Discovered by: Hamid Ebadi CSIRT Team Member Amirkabir University CSIRT Laboratory APA Laboratory [email protected] Introduction Pi3Web is a free, multithreaded, highly configurable and extensible HTTP server and development...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

CuteNews <= 1.4.1 (function.php) Local File Include Exploit

No description provided by source. ?php // Happy NEW Iranian year . // Happy Norouz PERSIAN celebration // CuteNews 1.4.1 CutePHP.com Hash password Finder // by Hamid Ebadi // http://hamid.ir // Bug Discovered and Exploited by Hamid Ebadi .: Hamid Network Security Team :. // run it from your...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/04/16 12:0 a.m.19 views

FreeBSD : nas -- multiple vulnerabilities (bf7912f5-c1a8-11e3-a5ac-001b21614864)

Hamid Zamani reports : multiple security problems buffer overflows, format string vulnerabilities and missing input sanitising, which could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

7.5CVSS5.6AI score0.0408EPSS
Exploits2References4
Hacker One
Hacker One
added 2014/03/18 8:55 a.m.15 views

OkCupid: XSS in okcupid.com by hamid

Hello okcupid my name is hamid ashraf . i find XSS in okcupid.com ... first creat a account okucpid after creat a account go settings chang the email add xss payload " when you add the payload show the alert here is the proof in pic note .. this bug i am not show public Thanks : :...

6.2AI score
Exploits0
Exploit DB
Exploit DB
added 2009/01/01 12:0 a.m.27 views

Linux/x86 - /proc/sys/net/ipv4/ip_forward 0 + exit() Shellcode (83 bytes)

Linux/x86 - /proc/sys/net/ipv4/ipforward 0 + exit Shellcode 83 bytes. Shellcode exploit for Linuxx86 platform / In The Name of G0D Linux/x86 - Set '/proc/sys/net/ipv4/ipforward' to '0' & exit Size : 83 Bytes fun for routers ; Author : By Hamid Zamani aka HAMIDx9 Member of ^^Ashiyane Digital...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/11/14 12:0 a.m.20 views

pi3web-dos.txt

Pi3Web ISAPI DoS vulnerability Discovered by: Hamid Ebadi CSIRT Team Member Amirkabir University CSIRT Laboratory APALaboratory [email protected] Introduction Pi3Web is a free, multithreaded, highlyconfigurable and extensible HTTP server and development environment for crossplatform internet serv...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/11/13 12:0 a.m.18 views

Pi3Web &lt;= 2.0.3 (ISAPI) Remote Denial of Service Exploit

No description provided by source. Pi3Web ISAPI DoS vulnerability Discovered by: Hamid Ebadi CSIRT Team Member Amirkabir University CSIRT Laboratory APA Laboratory [email protected] Introduction Pi3Web is a free, multithreaded, highly configurable and extensible HTTP server and development...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/11/27 12:0 a.m.27 views

runcms-overwrite.txt

RunCmss Bug Yahoo! Crawler body font-size: 10px; font-family: verdana; INPUT BORDER-TOP-WIDTH: 1px; FONT-WEIGHT: bold; BORDER-LEFT-WIDTH: 1px; FONT-SIZE: 10px; BORDER-LEFT-COLOR: D50428; BACKGROUND: 590009; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: D50428; COLOR: 00ff00; BORDER-TOP-COLOR:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/06/26 12:0 a.m.55 views

phpTrafficA &lt; 1.4.2

Application: phpTrafficA 1.4.2 Web Site: http://soft.zoneo.net/phpTrafficA/ Versions: all Platform: linux, windows Bug: injection sql , xss , full path ------------------------------------------------------- 1 Introduction 2 Bug 3 Proof of concept 4 Credits =========== 1 Introduction ===========...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2006/04/10 12:0 a.m.56 views

TUGZip Archive Extraction Directory traversal

TUGZip Archive Extraction Directory traversal TUGZip is a powerful award-winning freeware archiving utility for WindowsA® that provides support for a wide range of compressed, encoded and disc-image files, as well as many other very powerful features; all through an easy to use application...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/03/26 12:0 a.m.18 views

CuteNews 1.4.1 - function.php Local File Inclusion

CuteNews 1.4.1 - function.php Local File Inclusion CuteNews 1.4.1 user Hash password Finder CuteNews 1.4.1 and Below user Hash password Finder Security ? . Bug Discovered and Exploited by Hamid Ebadi .: Hamid Network Security Team :. Happy Norouz PERSIAN new year celebration Greetz to all Iranian...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/03/26 12:0 a.m.76 views

CuteNews <= 1.4.1 (function.php) Local File Include Exploit

Exploit for unknown platform in category web applications =========================================================== CuteNews CuteNews 1.4.1 user Hash password Finder CuteNews 1.4.1 and Below user Hash password Finder Security ? . Bug Discovered and Exploited by Hamid Ebadi .: Hamid Network...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/03/23 12:0 a.m.40 views

cutenews 1.4.1 Arbitrary File Access

cutenews 1.4.1 Arbitrary File Access Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading, backup function, IP banning, flood protection ... http://cutephp.com Credit: The...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2006/03/20 12:0 a.m.43 views

[SA19289] CuteNews &quot;archive&quot; Disclosure of Sensitive Information Vulnerability

TITLE: CuteNews "archive" Disclosure of Sensitive Information Vulnerability SECUNIA ADVISORY ID: SA19289 VERIFY ADVISORY: http://secunia.com/advisories/19289/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: CuteNews 1.x...

1.1AI score
Exploits0
exploitpack
exploitpack
added 2006/02/28 12:0 a.m.8 views

Farsinews 2.5 - Directory Traversal Arbitrary users.db Access

Farsinews 2.5 - Directory Traversal Arbitrary users.db Access !/usr/bin/perl FarsiNews 2.5pro Show User&Passowrd Exploit by Hessam-x www.hessamx.net / | \ | | / \ \ / | |/ // \ \ / \ Y // \ | | \ | / \ / / / / / / Iran Hackerz Security Team WebSite: www.hackerz.ir Description Name :...

0.3AI score
Exploits0
0day.today
0day.today
added 2006/02/28 12:0 a.m.40 views

FarsiNews <= 2.5 Directory Traversal Arbitrary (users.db) Access Exploit

Exploit for unknown platform in category web applications ======================================================================== FarsiNews | \ | / \ / / / / / / Iran Hackerz Security Team Description Name : FarsiNews version : 2.5Pro in FarsiNews if you change the archive value :...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/02/25 12:0 a.m.43 views

Archive_Tar v 1.2&#40;Tested&#41; &#40;Tar file management class&#41; Directory traversal

ArchiveZipr Zip file management class Directory traversal This class provides handling of tar files in PHP. It supports creating, listing, extracting and adding to tar files. Gzip support is available if PHP has the zlib extension built-in or loaded. Bz2 compression is also supported with the bz2...

6.9AI score
Exploits0
Rows per page
Query Builder