Lucene search
K

725 matches found

Cvelist
Cvelist
•added 2014/12/12 12:0 a.m.•19 views

CVE-2014-7260

The Server Side Includes SSI implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives...

7.6AI score0.02103EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/12/09 12:0 a.m.•37 views

JVN#16406395: "File Upload BBS" of i-HTTPD vulnerable to remote command execution

i-HTTPD is a web server for Windows, implementing Server Side Includes SSI. i-HTTPD contains "File Upload BBS". When "File Upload BBS" is activated, a user can upload files on the server, and i-HTTPD processes SSI directives in the uploaded files CWE-97. Impact An arbitrary command may be execute...

7.5CVSS6.8AI score0.02103EPSS
Exploits0
0day.today
0day.today
•added 2014/12/08 12:0 a.m.•86 views

PBBoard CMS SQL Injection Vulnerability

PBBoard CMS version 3.0.1 updated on 13/09/2014 and below suffer from multiple remote SQL injection vulnerabilities. Vulnerability title: SQL Injection in PBBoard CMS CVE: CVE-2014-9215 CMS: PBBoard Vendor: Power bulletin board - http://www.pbboard.info/ Product:...

7.5CVSS0.4AI score0.02333EPSS
Exploits6
seebug.org
seebug.org
•added 2014/12/08 12:0 a.m.•54 views

Wordpress 3.9.2 /wp-includes/formatting.php č·Øē«™č„šęœ¬ę¼ę“ž

No description provided by source...

7.1AI score
Exploits0
CVE
CVE
•added 2014/08/18 10:0 a.m.•95 views

CVE-2014-5203

CVE-2014-5203 affects WordPress 3.9.x before 3.9.2, where the widget implementation in wp-includes/class-wp-customize-widgets.php can be triggered to execute arbitrary code via crafted serialized data. The NVD/NVИ records show a high severity (base score 7.5) with network exploitability and no au...

7.5CVSS7.6AI score0.03892EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
•added 2014/08/01 10:59 a.m.•10 views

Delightful Downloads 1.3.1.1 - includes/functions.php User-Agent HTTP Header Stored XSS

The Delightful Downloads WordPress plugin was affected by an includes/functions.php User-Agent HTTP Header Stored XSS security vulnerability...

0.2AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2014/08/01 10:59 a.m.•23 views

JS MultiHotel 2.2.1 - includes/delete_img.php path Parameter Reflected XSS

The js-multihotel WordPress plugin was affected by an includes/deleteimg.php path Parameter Reflected XSS security vulnerability...

4.3CVSS2.4AI score0.02041EPSS
Exploits1References3Affected Software1
WPVulnDB
WPVulnDB
•added 2014/08/01 12:0 a.m.•27 views

WordPress <= 3.3.2 - Cross-Site Scripting (XSS) in wp-includes/default-filters.php

...

4.3CVSS1.3AI score0.0212EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2014/08/01 12:0 a.m.•9 views

WordPress 1.0-3.8.1 - Authenticated Admin Blind SQL Injection

Description The vulnerable line in question is line 230 of wp-includes/bookmark.php in WordPress 3.8.1...

7.1AI score
Exploits0References1
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Gnat-TGP <= 1.2.20 Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class GnatTGPRemoteFileIncludePOCBase: vulID = '67834' version = '1' vulDate = '2010-03-03' author = ' '...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

Imatix Xitami 2.5 Server Side Includes Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10778/info It is reported that Imatix Xitami is affected by a cross-site scripting vulnerability in the server side includes test script. This issue is due to a failure of the application to properly sanitize user-supplie...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•26 views

WHMCS 4.x & 5.x - Multiple Web Vulnerabilities

No description provided by source. Exploit Title: WHMCS v4.x & v5.x - Multiple Web Vulnerabilities Date: 2013-12-10 Exploit Author: ahwak2000 Vendor Homepage: http://whmcs.com/ Version: 4.x , 5.x Tested on: win 7 +------------------+ | Vulnerability | +------------------+ File :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

Signkorn Guestbook <= 1.3 (dir_path) Remote File Include Vulnerability

No description provided by source. ============================================================================================== Signkorn Guestbook = v1.3 dirpath Remote File Inclusion Exploit =============================================================================================== Critica...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

ASCET Interactive Huski CMS 'i' Parameter Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38126/info Huski CMS is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the computer;...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

blogplus 1.0 - Multiple Local File Inclusion Vulnerabilities

No description provided by source. --:local file include:-- --------------------------------- script:blog+ v1.0 ---------------------------------------------- download from:http://www.ziddu.com/download/3151643/blogplusv1.0final.zip.html ----------------------------------------------...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

PostNuke <= 0.763 (PNSV lang) Remote Code Execution Exploit

No description provided by source. ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•26 views

Drake CMS < 0.2.3 ALPHA rev.916Remote File Inclusion Vulnerability

No description provided by source. Coding 4 Fun c4f.pl Drake CMS v0.2.2 ALPHA rev.846 http://drakecms.org ; Class = Remote File Inclusion ; Download = https://sourceforge.net/project/showfiles.php?groupid=166901&packageid=192077&releaseid=420102 ; Found by = GregStar gregstaratc4fdotpl ;...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

Job Site 1.0 - Multiple Vulnerabilities

No description provided by source. Jobsite logo - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

WordPress 2.1.1 wp-includes/theme.php iz Variable Arbitrary Command Execution

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

Lanius CMS <= 0.5.2 - Remote Arbitrary File Upload Exploit

No description provided by source. ?php / -------------------------------------------------------- Lanius CMS = 0.5.2 Remote Arbitrary File Upload Exploit -------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.laniuscms.org/...

7.1AI score
Exploits0
Rows per page
Query Builder