Lucene search
K

159 matches found

FreeBSD
FreeBSD
added 2009/12/10 12:0 a.m.36 views

piwik -- php code execution

secunia reports: Stefan Esser has reported a vulnerability in Piwik, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the core/Cookie.php script using "unserialize" with user controlled input. This can be exploited to e.g. execute...

7.5CVSS7.1AI score0.16949EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2008/10/24 12:0 a.m.23 views

NetScaler web management cookie cipher weakness

The remote web server is prone to an information disclosure attack. Description : The version of the Citrix NetScaler web management interface on the remote host uses weak encryption for protecting the HTTP cookie content by XORing sensitive values, including the username and password, with a fix...

4.3CVSS0.1AI score0.00699EPSS
Exploits0References1
exploitpack
exploitpack
added 2008/07/12 12:0 a.m.16 views

Fuzzylime CMS 3.01 - poll Remote Code Execution (Perl)

Fuzzylime CMS 3.01 - poll Remote Code Execution Perl !/usr/bin/perl !!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!!!!UPDATED!! after i noticed that there was a problem changing $cmd,i fixed it.this is the result. Fuzzylime 3.01 Remote Code Execution Credits: real and inphex C:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/15 12:0 a.m.31 views

SH-News 3.0 - Insecure Cookie Handling

...:::::SH-News 3.0 Insecure Cookie Handling Vulnerability ::::.... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all hackerz greetz:to my best friend in...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/12/06 12:0 a.m.28 views

NetScaler Web Management Interface Cookie Credentials Encryption Weakness

The version of the Citrix NetScaler web management interface on the remote host uses weak encryption for protecting the HTTP cookie content by XORing sensitive values, including the username and password, with a fixed key stream. %NASLMINLEVEL 70300 netscalerwebcookiecrypto.nasl GPLv2 History:...

4.3CVSS5.4AI score0.00699EPSS
Exploits0References2
Prion
Prion
added 2007/11/15 10:46 p.m.30 views

Code injection

KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service crash via large HTTP cookie parameters...

5CVSS7.2AI score0.03338EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2007/11/15 10:46 p.m.22 views

CVE-2007-6000

KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service crash via large HTTP cookie parameters...

5CVSS6.7AI score0.03338EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2007/11/15 10:46 p.m.29 views

CVE-2007-6000

KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service crash via large HTTP cookie parameters...

5CVSS5.9AI score0.03338EPSS
Exploits1References1
Cvelist
Cvelist
added 2007/11/15 10:0 p.m.27 views

CVE-2007-6000

KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service crash via large HTTP cookie parameters...

6.7AI score0.03338EPSS
Exploits1References4
CVE
CVE
added 2007/11/15 10:0 p.m.46 views

CVE-2007-6000

CVE-2007-6000 affects KDE Konqueror up to version 3.5.6, allowing remote attackers to trigger a denial of service (crash) by sending large HTTP cookie parameters. Affected software: Konqueror (KDE desktop) prior to 3.5.7(?) with reliance on cookie handling. Root cause details are not extensively ...

5CVSS6.7AI score0.03338EPSS
Exploits1References4Affected Software1
0day.today
0day.today
added 2007/03/26 12:0 a.m.33 views

IceBB 1.0-rc5 Remote Code Execution Exploit

Exploit for unknown platform in category web applications =========================================== IceBB 1.0-rc5 Remote Code Execution Exploit =========================================== !/usr/bin/perl IceBB 1.0-rc5 Remote Code Execution Exploit 1. register a user 2. run this exploit with this...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/03/20 12:0 a.m.19 views

phpnukesplat-lfi.txt

!/usr/bin/perl Modulo Splatt Forum v4.0 RC1bbcoderef.php nameLocal File Include Exploit D.Script: http://sourceforge.net/projects/splattforum/ V.Code $modulename = $name; -------- Line : 17 include"modules/".$modulename."/functions.php"; -------- Line : 19 Dork: "Splatt Forum" Discovered & Coded ...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/01/30 12:0 a.m.112 views

xeCMS 1.0.0 RC 2 (cookie) Remote Command Execution Exploit

Exploit for unknown platform in category web applications ========================================================== xeCMS 1.0.0 RC 2 cookie Remote Command Execution Exploit ========================================================== !/usr/bin/perl xeCMS 1.0.0 RC 2 Remote Command Execution Exploit...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/01/30 12:0 a.m.171 views

[Full-disclosure] Cross Site Cooking

Why, yes, I came up with the name, and had to find some bugs to be able to post this. Summary ------- There are three fairly interesting flaws in how HTTP cookies were designed and later implemented in various browsers; these shortcomings make it possible and alarmingly easy for malicious sites t...

0.2AI score
Exploits0
NVD
NVD
added 2005/06/15 4:0 a.m.14 views

CVE-2005-2041

Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobotID cookie HTTPCOOKIE...

5CVSS7.8AI score0.05547EPSS
Exploits5References8
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.21 views

CVE-2002-1152

Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing...

6.6AI score0.01625EPSS
Exploits0References5
CVE
CVE
added 2004/09/01 4:0 a.m.54 views

CVE-2002-1152

CVE-2002-1152 concerns Konqueror (KDE) versions 3.0 through 3.0.2. The issue is that Konqueror does not reliably detect the secure flag on HTTP cookies, allowing cookies to be sent over unencrypted channels. This could enable remote attackers to capture cookies via sniffing, potentially compromis...

7.5CVSS7AI score0.01625EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2003/06/11 4:0 a.m.15 views

CVE-2003-0405

Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via 1 an HTTP query or cookie which is processed in the NEEDS command, or 2 an HTTP Referrer that is processed in the VALIDPATHS command...

7.5AI score0.01575EPSS
Exploits0References5
NVD
NVD
added 2002/10/11 4:0 a.m.19 views

CVE-2002-1152

Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing...

7.5CVSS6.6AI score0.01625EPSS
Exploits0References5
Rows per page
Query Builder