CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Exploit DB•added 2011/03/11 12:0 a.m.•175 views

Oracle WebLogic - POST Session Fixation

Name Oracle WebLogic – Session Fixation Via HTTP POST Request Vendor Website http://www.oracle.com/ Date Released 11 March 2011 – CVE-2010-4437 Affected Software Oracle WebLogic Server 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, 10.3.3 Researcher Roberto Suggi Liverani Description Oracle WebLogic servlet...

5.8CVSS7AI score0.48894EPSS

exploitpack•added 2011/03/11 12:0 a.m.•37 views

Oracle WebLogic - POST Session Fixation

Oracle WebLogic - POST Session Fixation Name Oracle WebLogic – Session Fixation Via HTTP POST Request Vendor Website http://www.oracle.com/ Date Released 11 March 2011 – CVE-2010-4437 Affected Software Oracle WebLogic Server 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, 10.3.3 Researcher Roberto Suggi Liveran...

5.8CVSS6.6AI score0.48894EPSS

Packet Storm•added 2011/03/06 12:0 a.m.•60 views

EggAvatar For vBulletin 3.8.x SQL Injection

!/usr/bin/env perl use LWP::UserAgent; sub banner print "\n"; print " DSecurity \n"; print "\n"; print " Email:dsecurity.vnatgmail.com \n"; print "\n"; if@ARGVnew; $ua-agent"DSecurity"; $ua-cookiejar; sub login@ my $username=shift; my $password=shift; my $req = HTTP::Request-newPOST =...

0.5AI score

htbridge•added 2011/02/15 12:0 a.m.•30 views

Cross-site Scripting (XSS) Vulnerability in Question and Answer Forum

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Question and Answer Forum WordPress plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Question and Answer Forum The vulnerability exists due to input...

4.3CVSS6AI score

Exploit DB•added 2011/02/08 12:0 a.m.•23 views

dotProject 2.1.5 - Cross-Site Request Forgery

Source: http://packetstormsecurity.org/files/view/98245/dotProject2.1.5-xsrf.txt input type="hidden" name="userrole" value="1...

7AI score

Exploit DB•added 2011/02/01 12:0 a.m.•20 views

NetLink - Arbitrary File Upload

====================================== NetLink Remote Arbitrary File Upload Vulnerability Download: http://sourceforge.net/projects/kp-netlink/ by lumut-- Homepage: lumutcherenza.biz ====================================== upload.php "; echo ""; echo "Filename: ".$filename; echo "File Type:...

7.4AI score

htbridge•added 2010/11/30 12:0 a.m.•21 views

Multiple Vulnerabilities in BEdita

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BEdita which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in BEdita The vulnerability exists due to input sanitation error in...

5.1CVSS7AI score

The Hacker News•added 2010/11/29 10:1 a.m.•17 views

The OWASP HTTP Post Tool ! Download Now

The OWASP HTTP Post Tool allows you to test your web applications to ensure its stability from HTTP GET and HTTP POST attacks. This tool was programmed by the author to over come the short comings of other HTTP attack tools such as Slowloris and PyLoris. In other words this QA tool was created to...

6.4AI score

exploitpack•added 2010/11/24 12:0 a.m.•9 views

D-Link DIR-300 - WiFi Key Security Bypass

D-Link DIR-300 - WiFi Key Security Bypass source: https://www.securityfocus.com/bid/45038/info The D-Link DIR-300 wireless router is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to modify the WiFi key and possibly other configuration settings. Successful...

7.4AI score

htbridge•added 2010/10/13 12:0 a.m.•26 views

Multiple Vulnerabilities in Zomplog

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Zomplog which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in Zomplog 1.1 The vulnerability exists due to input sanitation...

5.1CVSS6.6AI score

htbridge•added 2010/10/13 12:0 a.m.•34 views

Cross-site Scripting (XSS) Vulnerability in NinkoBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in NinkoBB which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in NinkoBB: CVE-2010-4874 The vulnerability exists due to input sanitation error in parameters...

4.3CVSS5.7AI score0.08061EPSS

Exploits1Affected Software1

Check Point Advisories•added 2010/09/14 12:0 a.m.•29 views

Microsoft IIS Repeated Parameter Request Denial of Service (MS10-065; CVE-2010-1899)

IIS is a collection of Internet services packaged with several versions of the Windows operating system. A denial of service vulnerability has been reported in Microsoft Internet Information Services IIS. A remote attacker could use this issue to create a denial of service condition, thus crashin...

4.3CVSS6.3AI score0.85958EPSS

htbridge•added 2010/09/01 12:0 a.m.•35 views

Cross-site Scripting (XSS) Vulnerabilities in ATutor

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ATutor which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in ATutor The vulnerability exists due to input sanitation error in the "cid" parameter in...

2.6CVSS6.3AI score