7 matches found
WP Mail Log < 1.1.3 – Incorrect Authorization in REST API Endpoints
Description The plugin does not correctly authorize its REST API endpoints, allowing users with the Contributor role to view and delete data that should only be accessible to Admin users. The following actions may be taken by a Contributor user: --- /wmllogs - Information leak Execute the followi...
vtforum-13.txt
LiderHack.Org script name : Vt-Forum Lite System V.1.3 Script Download : http://aspindir.com/indir.asp?id=585 Risk : High Found By : St@rExT Thanks : Dekolax , ShaFuck31 , ST@ReXT , Dekolax , SwatHack , Maverick , Candark , Torlaq , Woheras , Siruas Vulnerable file : vfinfo.asp XSS Bug:...
Web 2.0 attack trend: Ajax Hacking - vulnerability warning - the black bar safety net
At the beginning of '05, the term Web 2.0 flooded China's major online media along with the emergence of Ajax technology. AJAX, i.e. the acronym of "Asynchronous JavaScript And XML", can be translated as asynchronous JavaScript and XML technology. At its core is a host in the browser called...
Slackware 7.1 - '/usr/bin/mail' Local Privilege Escalation
/ Slackware 7.1 /usr/bin/Mail Exploit give gid=1 bin if /usr/bin/Mail is setgid but it is not setgid, setuid for default. tested on my box sl 7.1 crazy exploited by kengz. GID.... \x01 = 1 bin \x02 = 2 , \x03 = 3 , ... \x0a = 10 \x0b = 11 .... / include include define GID "\x03" int mainint argc,...
Pegasus mail file reading vulnerability
SUMMARY The default setup of Pegasus Mail contains a remotely exploitable security hole that allows a remote website to gain copies of files on the user's hard drive. DETAILS Version tested: Pegasus Mail v3.12c with IE5.0 When the webpage containing the exploit code is viewed using IE5, Pegasus ma...
Security Bulletin (MS00-046)
Microsoft Security Bulletin MS00-046 - -------------------------------------- Patch Available for "Cache Bypass" Vulnerability Originally Posted: July 20, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Outlook® and Outlook Express. The...
msie4-autoexec.bat-tdc.txt
Guninski's IE 4 reading AUTOEXEC.BAT. There is a bug in Internet Explorer 4.x patched which allows reading local files and sending them to an arbitrary server. The problem is: if you add '%01someURL' after an about: URL, IE thinks that the document is loaded from the domain of 'someURL'. This...