Lucene search
K

1933 matches found

Packet Storm
Packet Storm
added 2013/02/25 12:0 a.m.19 views

MTP Guestbook 1.0 Cross Site Scripting

MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / input type="hidden" name="insc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/01/01 12:0 a.m.21 views

Linux/x86 - Insertion Decoder + Null-Free Shellcode (33+ bytes)

Linux/x86 - Insertion Decoder + Null-Free Shellcode 33+ bytes. Shellcode exploit for Linuxx86 platform / Insertion Decoder Shellcode - C Language - Linux/x86 Copyright C 2013 Geyslan G. Bem, Hacking bits http://hackingbits.com [email protected] This program is free software: you can redistribute ...

7.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2012/11/30 12:0 a.m.20 views

Axis Commerce 0.8.7.2 Remote Script Insertion Vulnerabilities

Summary Powerful open source ecommerce platform. Description Axis Commerce suffers from multiple stored XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and...

6.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/11/30 12:0 a.m.28 views

Axis Commerce 0.8.7.2 Cross Site Scripting

Axis Commerce 0.8.7.2 Remote Script Insertion Vulnerabilities alert'XSS';", "base":"TESTSTRING", "secure":"TESTSTRING2", "rootcategory":"2"' / input type="hidden" name="a...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/11/30 12:0 a.m.27 views

Axis Commerce 0.8.7.2 Cross Site Scripting Vulnerability

Axis Commerce version 0.8.7.2 suffers from multiple stored cross site scripting vulnerabilities. Axis Commerce 0.8.7.2 Remote Script Insertion Vulnerabilities alert'XSS';", "base":"TESTSTRING",...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2012/11/08 12:0 a.m.39 views

AWCM 2.2 Access Bypass

Vulnerability Report AWCM 2.2 CVE-Candidate-ID: CVE-2012-2437, CVE-2012-2438 Issue: Access Control Bug in AWCM 2.2, Anyone can build the cookie and inserts DB records. Author: Sooel Son sonpostman at gmail dot com Source Code: http://sourceforge.net/projects/awcm/ 1. Details: CVE-2012-2437 Withou...

5CVSS0.2AI score0.02434EPSS
Exploits4
OpenVAS
OpenVAS
added 2012/09/12 12:0 a.m.33 views

Microsoft System Center Configuration Manager XSS Vulnerability (2741528)

This host is missing an important security update according to Microsoft Bulletin MS12-062. OpenVAS Vulnerability Test $Id: secpodms12-062.nasl 6520 2017-07-04 14:28:49Z cfischer $ Microsoft System Center Configuration Manager XSS Vulnerability 2741528 Authors: Rachana Shetty Copyright: Copyright...

4.3CVSS0.16162EPSS
Exploits1References3
exploitpack
exploitpack
added 2012/08/27 12:0 a.m.33 views

xt:Commerce VEYTON 4.0.15 - products_name_de Script Insertion

xt:Commerce VEYTON 4.0.15 - productsnamede Script Insertion xt:Commerce VEYTON 4.0.15 productsnamede Script Insertion Vulnerability input type="hidden" name="dat...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/08/27 12:0 a.m.41 views

xt:Commerce VEYTON 4.0.15 - 'products_name_de' Script Insertion

xt:Commerce VEYTON 4.0.15 productsnamede Script Insertion Vulnerability input type="hidden" name="dateavailable" valu...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/08/27 12:0 a.m.40 views

xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability

Exploit for php platform in category web applications xt:Commerce VEYTON 4.0.15 productsnamede Script Insertion Vulnerability form name="XSS" method="POST"...

7.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2012/08/23 12:0 a.m.39 views

xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability

Summary One shop system, many shop solutions. The shop software xt:Commerce 4 is the basic framework for online shops and for merchants who install and configure their own shop. Description xt:Commerce suffers from a stored XSS vulnerability when parsing user input to the 'productsnamede' paramet...

6.1AI score
Exploits0
myhack58
myhack58
added 2012/08/14 12:0 a.m.24 views

WordPress SimpleMail Plugin Email fields script insertion vulnerabilities and fixes-vulnerability warning-the black bar safety net

WordPress is a PHP language and MySQL database development Blog(blog, blogengine, users can support PHP and MySQL database server on build your own Blog. SimpleMail plugin for WordPress 1.0.6 and other versions in the realization on the presence of a plurality of vulnerabilities, through the e-ma...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/08/13 12:0 a.m.35 views

WordPress SimpleMail Plugin Email字段脚本插入漏洞

CVE ID: CVE-2012-2579 WordPress是一种使用PHP语言和MySQL数据库开发的Blog(博客、网志引擎,用户可以在支持PHP和MySQL数据库的服务器上建立自己的Blog。 SimpleMail plugin for WordPress 1.0.6及其他版本在实现上存在多个漏洞,通过电子邮件的字段"To"、"From"、"Date"、"Subject"传递的输入没有正确过滤即用于显示电子邮件,可被恶意利用执行脚本插入攻击,查看后会在受影响站点的用户浏览器中执行 0 WordPress SimpleMail Plugin 1.x 厂商补丁: WordPress...

4.3CVSS0.03748EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.43 views

Scientific Linux Security Update : php on SL3.x i386/x86_64

Various integer overflow flaws were found in the PHP gd extension script that could be forced to resize images from an untrusted source, possibly allowing a remote attacker to execute arbitrary code as the apache user. CVE-2007-3996 An integer overflow flaw was found in the PHP chunksplit functio...

7.5CVSS7AI score0.08878EPSS
Exploits1References9
xssed
xssed
added 2012/07/02 12:0 a.m.10 views

Unfixed Script Insertion vulnerability at www.forums.mihandownload.com

Security researcher a3q, has submitted on 07/02/2012 a Script Insertion vulnerability affecting www.forums.mihandownload.com, which at the time of submission ranked 1234 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/02/2012. It is currentl...

Exploits0References1
Cvelist
Cvelist
added 2012/06/27 12:0 a.m.25 views

CVE-2012-3799

Multiple cross-site request forgery CSRF vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that 1 change workflows or 2 insert cross-site scripting XSS sequences...

6.6AI score0.01174EPSS
Exploits1References8
NVD
NVD
added 2012/05/23 9:55 p.m.19 views

CVE-2012-0295

The Manager service in the management console in Symantec Endpoint Protection SEP 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294...

9.3CVSS7.4AI score0.04025EPSS
Exploits0References4
Prion
Prion
added 2012/05/23 9:55 p.m.19 views

Code injection

The Manager service in the management console in Symantec Endpoint Protection SEP 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294...

9.3CVSS7.8AI score0.04025EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2012/05/23 9:0 p.m.27 views

CVE-2012-0295

The Manager service in the management console in Symantec Endpoint Protection SEP 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294...

7.4AI score0.04025EPSS
Exploits0References4
CVE
CVE
added 2012/05/23 9:0 p.m.53 views

CVE-2012-0295

Affected product: Symantec Endpoint Protection Manager (SEP MGR)

9.3CVSS7.6AI score0.04025EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder