Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3627 matches found

Debian CVE
Debian CVEadded 2009/01/15 5:0 p.m.23 views

CVE-2008-5905

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request...

4.3CVSS6.5AI score0.00117EPSS
Exploits0
Cvelist
Cvelistadded 2009/01/15 5:0 p.m.25 views

CVE-2008-5905

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request...

6.5AI score0.00117EPSS
Exploits0References13
UbuntuCve
UbuntuCveadded 2009/01/15 12:0 a.m.21 views

CVE-2008-5905

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request...

4.3CVSS6AI score0.00117EPSS
Exploits0References4
exploitpack
exploitpackadded 2008/12/18 12:0 a.m.13 views

2532Gigs 1.2.2 Stable - Remote Command Execution

2532Gigs 1.2.2 Stable - Remote Command Execution ---------------------------------------------------------------- Fix / errorreporting0; $host = explode'/',$argv1; $exec = $argv2 or usage; $sock = fsockopen$host0,80; $post = "content="; $leng = strlen$post; $data = "POST /$host1/calcssedit.php...

7.7AI score
Exploits0
Packet Storm
Packet Stormadded 2008/11/29 12:0 a.m.23 views

linksys-xss.txt

Linksys WRT160N Wireless Router Double encoding XSS Vulnerability By David Gil http://www.infosec.com.mx [email protected] Using Double encoding attack you can inject XSS code into a HTTP POST request a common user can be easily cheated and compromise router password or router configuration...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2008/11/02 12:0 a.m.425 views

DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection

DZCP deV!Lz Clanportal 1.4.9.6 - Blind SQL Injection use HTTP::Cookies; use LWP::UserAgent; my $ua = LWP::UserAgent-new cookiejar = HTTP::Cookies-new,; $ua-agent 'Mozilla/5.0 Gecko/20061206 Firefox/1.5.0.9' ; usage; print "\n"; $server = $ARGV0; $dir = $ARGV1; $username = $ARGV2; $password =...

Exploits0
seebug.org
seebug.orgadded 2008/11/01 12:0 a.m.14 views

U-Mail Webmail 4.91 (edit.php) Arbitrary File Write Vulnerability

No description provided by source. U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan...

7.1AI score
Exploits0
Saint
Saintadded 2008/10/31 12:0 a.m.35 views

Trend Micro OfficeScan CGI programs POST request buffer overflow

Added: 10/31/2008 CVE: CVE-2008-3862 BID: 31859 OSVDB: 49275 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending specially crafted HTTP POST requests ...

10CVSS7.7AI score0.34509EPSS
Exploits6
Saint
Saintadded 2008/10/31 12:0 a.m.35 views

Trend Micro OfficeScan CGI programs POST request buffer overflow

Added: 10/31/2008 CVE: CVE-2008-3862 BID: 31859 OSVDB: 49275 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending specially crafted HTTP POST requests ...

10CVSS7.7AI score0.34509EPSS
Exploits6
exploitpack
exploitpackadded 2008/10/31 12:0 a.m.12 views

U-Mail Webmail 4.91 - edit.php Arbitrary File Write

U-Mail Webmail 4.91 - edit.php Arbitrary File Write U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files...

1.1AI score
Exploits0
Exploit DB
Exploit DBadded 2008/10/31 12:0 a.m.24 views

U-Mail Webmail 4.91 - 'edit.php' Arbitrary File Write

U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...

7.4AI score
Exploits0
Saint
Saintadded 2008/10/31 12:0 a.m.35 views

Trend Micro OfficeScan CGI programs POST request buffer overflow

Added: 10/31/2008 CVE: CVE-2008-3862 BID: 31859 OSVDB: 49275 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending specially crafted HTTP POST requests ...

10CVSS7.8AI score0.34509EPSS
Exploits6
Packet Storm
Packet Stormadded 2008/10/29 12:0 a.m.19 views

7shop-upload.txt

!/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand1000 . ".php"; int.. yes i know PU! print Spoofing + + Discovered && Coded By: t0pP8uZz + + + + Contact IRC: irc.rizon.net sectalk + + Vendor not notified! Later versions maybe vuln! + + + +...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2008/10/29 12:0 a.m.95 views

Secunia Research: Trend Micro OfficeScan CGI Parsing Buffer Overflows

====================================================================== Secunia Research 22/10/2008 - Trend Micro OfficeScan CGI Parsing Buffer Overflows - ====================================================================== Table of Contents Affected...

10CVSS0.8AI score0.34509EPSS
Exploits6
NVD
NVDadded 2008/10/23 10:0 p.m.12 views

CVE-2008-3862

Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to...

10CVSS7.9AI score0.34509EPSS
Exploits6References9
Prion
Prionadded 2008/10/23 10:0 p.m.17 views

Stack overflow

Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to...

10CVSS8.3AI score0.34509EPSS
Exploits6References9Affected Software1
seebug.org
seebug.orgadded 2008/10/23 12:0 a.m.37 views

趋势科技OfficeScan CGI解析栈溢出漏洞

BUGTRAQ ID: 31859 CVECAN ID: CVE-2008-3862 OfficeScan是一种针对整个网段的分布式杀毒软件。 OfficeScan服务器在解析CGI请求时存在栈溢出漏洞。如果远程攻击者通过HTTP POST请求向受影响的CGI可执行程序发送了特制的表单数据的话,就可以触发这个溢出,导致执行任意指令。 Trend Micro OfficeScan 8.0 Trend Micro OfficeScan 7.3 Trend Micro ----------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

10CVSS6.4AI score0.34509EPSS
Exploits6
NVD
NVDadded 2008/10/08 10:0 p.m.8 views

CVE-2008-4493

Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...

6.8CVSS6.8AI score0.42139EPSS
Exploits1References5
Prion
Prionadded 2008/10/08 10:0 p.m.10 views

Design/Logic Flaw

Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...

6.8CVSS7.4AI score0.42139EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2008/10/08 8:44 p.m.12 views

CVE-2008-4493

Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...

6.8AI score0.42139EPSS
Exploits1References5
Rows per page
Query Builder