Lucene search
K

4491 matches found

0day.today
0day.today
added 2010/06/09 12:0 a.m.30 views

SchoolMation Version 2.3 SQLi and XSS Vulnerability

Exploit for php platform in category web applications =================================================== SchoolMation Version 2.3 SQLi and XSS Vulnerability =================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2010/04/20 6:11 p.m.10 views

Haciendo amigos

Cuando haga amigos, considere ubicarlos en grupos. Puede organizarlos en grados de privacidad aquéllos que sepan de mi familia y aquéllos que no o personas que se conocen entre ellas. La gente puede pertenecer a más de un grupo si usted así lo desea. Piense en qué tipo de amigos son. ¿Familia?...

0.5AI score
Exploits0
Fedora
Fedora
added 2010/04/09 3:57 a.m.11 views

[SECURITY] Fedora 13 Update: alienarena-7.33-2.fc13

Alien Arena 2009 is an online deathmatch game with over 30 levels, seven mo des of play, loads of mutators, built-in bots, multiple player characters and w eapons with alt-fire modes...

3AI score
Exploits0
exploitpack
exploitpack
added 2010/04/05 12:0 a.m.23 views

Joomla! Component JInventory 1.23.02 - Local File Inclusion

Joomla! Component JInventory 1.23.02 - Local File Inclusion --------------------------------------------------------------------------------- Joomla Component JInventory Local File Inclusion --------------------------------------------------------------------------------- Author : Chip D3 Bi0s...

Exploits0
Exploit DB
Exploit DB
added 2010/04/05 12:0 a.m.43 views

Joomla! Component JInventory 1.23.02 - Local File Inclusion

--------------------------------------------------------------------------------- Joomla Component JInventory Local File Inclusion --------------------------------------------------------------------------------- Author : Chip D3 Bi0s Group : LatinHackTeam Email & msn : [email protected] Date ...

7.4AI score
Exploits0
Atlassian
Atlassian
added 2010/03/01 3:54 a.m.21 views

JQL breaks issue security levels based on custom fields

The MultiSelectCustomFieldIndexer does 2 things: index but don't store a case-folded version in the field "customfield10017:retail" store a "raw" version in a new field with the raw added to the end "customfield10017raw:Retail" The problem is that com.atlassian.jira.security.type.GroupCF looks fo...

2.7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/01/04 12:0 a.m.33 views

WD-CMS 3.0 XSS / File Disclosure

Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3 --------------------------------------------------------------- WD-CMS 3.0 Multiple Vulnerabiliti...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/01/01 12:0 a.m.20 views

WD-CMS 3.0 - Multiple Vulnerabilities

WD-CMS 3.0 - Multiple Vulnerabilities Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3...

0.5AI score
Exploits0
0day.today
0day.today
added 2010/01/01 12:0 a.m.31 views

WD-CMS 3.0 Multiple Vulnerabilities

Exploit for unknown platform in category web applications =================================== WD-CMS 3.0 Multiple Vulnerabilities =================================== Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/12/05 12:0 a.m.23 views

Easy News Content Management (News.mdb) Database Disclosure Vuln

No description provided by source. Author : BeyazKurt Contact : [email protected] Site : www.khg-crew.ws - KOSOVA HACKERS GROUP Script : Easy Content Management Publishing Script Site : http://easy-news.org/content-management-terns.asp Description : An easy to use ASP-based content management...

7.1AI score
Exploits0
Nmap
Nmap
added 2008/11/06 2:52 a.m.416 views

smb-enum-sessions NSE Script

Enumerates the users logged into a system either locally or through an SMB share. The local users can be logged on either physically on the machine, or through a terminal services session. Connections to a SMB share are, for example, people connected to fileshares or making RPC calls. Nmap's...

10CVSS9.1AI score0.99448EPSS
Exploits33
Prion
Prion
added 2008/08/13 1:41 a.m.27 views

Design/Logic Flaw

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS6.4AI score0.13666EPSS
Exploits1References30Affected Software1
NVD
NVD
added 2008/08/13 1:41 a.m.18 views

CVE-2008-3657

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS6.7AI score0.13666EPSS
Exploits1References30
CVE
CVE
added 2008/08/13 1:0 a.m.98 views

CVE-2008-3655

CVE-2008-3655 affects Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423. It does not properly restrict access to critical variables and methods at various safe levels, allowing context‑dependent attackers to bypass access restrictions via (1) untrac...

7.5CVSS6.8AI score0.14085EPSS
Exploits1References32Affected Software1
CVE
CVE
added 2008/08/13 1:0 a.m.75 views

CVE-2008-3657

CVE-2008-3657 is a confirmed issue in the Ruby DL module where inputs are not tainted, allowing context-dependent attackers to bypass safe levels and call dangerous functions via DL.dlopen. Affected are Ruby 1.8.5 and older, 1.8.6 up to -p286, 1.8.7 up to -p71, and 1.9 up to r18423. Connected adv...

7.5CVSS6.7AI score0.13666EPSS
Exploits1References30Affected Software1
UbuntuCve
UbuntuCve
added 2008/08/12 12:0 a.m.38 views

CVE-2008-3657

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS7.1AI score0.13666EPSS
Exploits1References2
RubySec
RubySec
added 2008/08/08 12:0 a.m.26 views

Ruby missing "taintness" checks in dl module

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS6AI score0.13666EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2008/08/08 12:0 a.m.24 views

Ruby multiple insufficient safe mode restrictions

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via 1 untracevar, 2...

7.5CVSS5.8AI score0.14085EPSS
Exploits1References1Affected Software1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.30 views

Debian Security Advisory DSA 1157-1 (ruby1.8)

The remote host is missing an update to ruby1.8 announced via advisory DSA 1157-1. Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to the bypass of security restrictions or denial of service. The Common Vulnerabilities and Exposures project...

7.5CVSS0.3AI score0.10192EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.22 views

Debian: Security Advisory (DSA-1139-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.7AI score0.05739EPSS
Exploits0References3
Rows per page
Query Builder