Lucene search
K

330 matches found

RedHat Linux
RedHat Linux
added 2015/03/26 11:58 a.m.3 views

kernel: infiniband: uverbs: unprotected physical memory access

It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate...

6.9CVSS6.3AI score0.00441EPSS
Exploits0References4
exploitpack
exploitpack
added 2014/09/25 12:0 a.m.42 views

Cart Engine 3.0 - Multiple Vulnerabilities

Cart Engine 3.0 - Multiple Vulnerabilities === Details === Quantum Leap Advisory: http://www.quantumleap.it/cart-engine-3-0-multiple-vulnerabilities-sql-injection-reflected-xss-open-redirect/ Affected Product: Cart Engine Version: 3.0 === Executive Summary === SQL Injection: Using a specially...

0.4AI score
Exploits0
Cvelist
Cvelist
added 2014/07/02 6:0 p.m.20 views

CVE-2014-4599

Multiple cross-site scripting XSS vulnerabilities in forms/search.php in the WP-Business Directory wp-ttisbdir plugin 1.0.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 edit, 2 searchterm, 3 pageid, 4 page, or 5 pagelinks parameter...

5.9AI score0.01629EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

chillycms 1.1.3 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2014/03/20 12:0 a.m.21 views

No-CMS 0.6.6 Cross Site Scripting

Exploit Title: No-CMS 0.6.6 Cross site scripting Date: 2014 18 March Author: Dr.3v1l Vendor Homepage: http://getnocms.com Version : 0.6.6 Tested on: Windows Category: webapps Google Dork: intext:"Powered by No-CMS" + Exploit : http:///No-CMS-master/No-CMS-master/index.php/installer/install URL...

7.4AI score
Exploits0
myhack58
myhack58
added 2012/07/31 12:0 a.m.20 views

WEBTASK SQL injection and fix-vulnerability warning-the black bar safety net

Author: phiA Test system:: BackTrack 5 Example: http://www.revistapenseleve.com.br/exibe.php?id=1395%27 SQLi http://www.reporterbrasil.com.br/exibe.php?id=22%27 SQLi http://www.penseleve.com.br/exibe.php?id=1575%27 SQLi many more @ google ! Solution: Filter exibe. php id=input parameters...

1.6AI score
Exploits0
myhack58
myhack58
added 2012/04/12 12:0 a.m.19 views

joomla component The Estate Agent (com_estateagent) SQL injection and fix-vulnerability warning-the black bar safety net

Title: joomla component comestateagent SQL injection Vulnerability Author: xDarkSton3x [email protected] Test system platforms: linux + windows Developer: http://www.eaimproved.eu/index.php Test: http://www.badguest.cn/index.php?option=comestateagent&Itemid=4 7&act=object&task=showEO&id=sqli...

2.1AI score
Exploits0
OpenVAS
OpenVAS
added 2012/03/12 12:0 a.m.25 views

Debian Security Advisory DSA 2414-1 (fex)

The remote host is missing an update to fex announced via advisory DSA 2414-1. OpenVAS Vulnerability Test $Id: deb24141.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2414-1 fex Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

4.3CVSS0.04852EPSS
Exploits0
OSV
OSV
added 2012/02/21 12:0 a.m.25 views

DSA-2414-1 fex - cross-site scripting

Bulletin has no description...

4.3CVSS6AI score0.04852EPSS
Exploits1
myhack58
myhack58
added 2012/02/20 12:0 a.m.21 views

4PSA CMS SQl injection flaws and fixes-vulnerability warning-the black bar safety net

Title: 4PSA CMS SQL Injection Vulnerabilities Author: BHG Security Center www.2cto.com Nitrojen90 Development program official website: http://www.4psa.com/ Affected version: latest version Risk level: high Testing platform: GNU/Linux - Windows Example: http://www.badguest.cn /print. php? id=SQL...

1AI score
Exploits0
myhack58
myhack58
added 2012/01/06 12:0 a.m.20 views

Mediashaker blind defect and repair-vulnerability warning-the black bar safety net

Title: Mediashaker Blind SQL Injection Vulnerabilitiy Author: H4ckCity Security Team www.badguest.cnWwW.H4ckCity.Org Affect all versions Developer: http://www.mediashaker.com/ Testing platform: GNU/Linux Ubuntu - Windows Server - win7 Sample test http://www.badguest.cn /content. php? id=1 Blind S...

0.7AI score
Exploits0
myhack58
myhack58
added 2011/12/22 12:0 a.m.17 views

Joomla component(com_dshop) SQL injection flaws and fixes-vulnerability warning-the black bar safety net

Title: Joomla Component comdshop SQL Injection Vulnerability Author: CoBRa21 www.badguest.cn uykucu at windowslive.com Level: high risk SQL defects http://www.badguest.cn /PATH/index. php? option=comdshop&controller=fpage&task=flypage&idofitem=1 2 SQL Test example...

1.2AI score
Exploits0
myhack58
myhack58
added 2011/12/09 12:0 a.m.17 views

phpBB MyPage plugin sql injection and fix-vulnerability warning-the black bar safety net

==================================================== MyPage plugin phpBB SQL Injection All versions ==================================================== Title: SQL Injection on the plugin, phpBB plugin MyPage Author: CrazyMouse from HackSociety.net version: 0.2.3 currently all versions are affect...

0.4AI score
Exploits0
myhack58
myhack58
added 2011/11/30 12:0 a.m.15 views

Wordpress plugins skysa-official of XSS flaws and fixes-vulnerability warning-the black bar safety net

Wordpress skysa-official plugin to allow the remote computer toxssinsert Wordpress skysa-official plugin Cross-Site Scripting Vulnerabilities Download address: http://wordpress.org/extend/plugins/skysa-official/ Test example: http://www.badguest.cn /path/wp-content/plugins/skysa-official/skysa...

1.8AI score
Exploits0
seebug.org
seebug.org
added 2011/10/31 12:0 a.m.39 views

WordPress Classipress Theme <= 3.1.4 Stored XSS

No description provided by source. Exploit Title: WordPress Classipress Theme = 3.1.4 Stored XSS Date: 2011-09-26 Author: Paul Loftness Contact:http://attackvectorlabs.blogspot.com Vendor: Appthemes LLc. Product Web Page: http://www.appthemes.com/themes/classipress/ Version: =3.1.4 Tested Version...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/10/31 12:0 a.m.52 views

WordPress Theme classipress 3.1.4 - Persistent Cross-Site Scripting

Exploit Title: WordPress Classipress Theme = 3.1.4 Stored XSS Date: 2011-09-26 Author: Paul Loftness Contact:http://attackvectorlabs.blogspot.com Vendor: Appthemes LLc. Product Web Page: http://www.appthemes.com/themes/classipress/ Version: =3.1.4 Tested Versions: 3.1.4, 3.0.5.3 Summary:...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2011/10/13 12:0 a.m.18 views

WordPress Pretty Link 1.4.56 Cross Site Scripting

No description provided by source. Vulnerability ID: HTB23049 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinprettylinkwordpressplugin.html Product: Pretty Link WordPress Plugin Vendor: Caseproof http://blairwilliams.com/ Vulnerable Version: 1.4.56 and probably prior Tested...

6.7AI score
Exploits0
myhack58
myhack58
added 2011/09/28 12:0 a.m.27 views

redmind Online-Shop / E-Commerce-System SQL injection flaws and fixes-vulnerability warning-the black bar safety net

Title: redmind Online-Shop / E-Commerce-System SQL Injection Vulnerability Software address: Test platform: Linux IDBlackcoder Author: MbahSemar www.92hack.net The defect file: http://www.xxxx.net/product.php?prodID=SQLi Example http://www.xxx.net/product.php?prodID=9999 and 1=2 union select...

0.8AI score
Exploits0
myhack58
myhack58
added 2011/09/26 12:0 a.m.13 views

AACMS injection 0day and fix-vulnerability warning-the black bar safety net

the includeonce 'common.php'; $keyword = $REQUEST'keyword'; //.....!@$%^& amp; ifempty$keyword sexit$lang'argerror'; $where = "; $where .= "title LIKE '%$keyword%'";//%for fuzzy queries, and more. $title = 'search'; .... include template'search'; POC...

0.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2011/07/31 12:0 a.m.23 views

Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities

Summary The Digital Scribe is a free, intuitive system designed to help teachers put student work and homework assignments online. Description Digital Scribe suffers from multiple POST XSS vulnerabilities. Input thru the POST parameters 'title', 'last' and 'email' in register.php is not sanitized...

6AI score
Exploits0
Rows per page
Query Builder