Lucene search
+L

62 matches found

Exploit DB
Exploit DB
added 2017/06/07 12:0 a.m.38 views

DC/OS Marathon UI - Docker (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DC/OS Marathon UI Docker Exploit', 'Description' = %q Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/05/04 10:35 a.m.8 views

winterthur-marathon.ch XSS vulnerability

Open Bug Bounty ID: OBB-231433 Description| Value ---|--- Affected Website:| winterthur-marathon.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/04/13 2:31 p.m.13 views

melbournemarathon.shopdesq.com XSS vulnerability

Vulnerable URL: https://melbournemarathon.shopdesq.com/search?search=OPENBUGBOUNTY" Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 19:19 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...

6.3AI score
Exploits0
Metasploit
Metasploit
added 2017/03/03 2:56 p.m.12 views

DC/OS Marathon UI Docker Exploit

Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing...

10AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/11 3:4 p.m.19 views

brightonmarathon.info XSS vulnerability

Vulnerable URL: https://brightonmarathon.info/login.php?message=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/09/29 3:2 p.m.10 views

marathonpetroleum.com XSS vulnerability

Vulnerable URL: http://www.marathonpetroleum.com/Search/?search2=%3CIMG+%22%22%22%3E%3CSCRIPT%3Ealert%28%22XSSPOSED%22%29%3C%2FSCRIPT%3E%22%3E Details: Description| Value ---|--- Patched:| Yes, at 09.06.2017 Latest check for patch:| 09.06.2017 10:09 GMT Vulnerability type:| XSS Vulnerability...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2014/03/10 10:37 p.m.10 views

Edward Snowden at SXSW Conference: Would I do this again?, I Would!

The Whistleblower and Former National Security Agency NSA contractor Edward Snowden raised his voice and talked about citizen’s privacy once again. Yes, Snowden, whose leaks last year triggered debate on the massive surveillance conducted by the Government worldwide. In an interview, speaking via...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2013/08/16 8:40 a.m.14 views

EHACK : The Largest Information Security Awareness Marathon Globally

More than 9000+ participants enter the Guinness book of World Records for the largest congregation for information Security. E-Hack, world largest Ethical Hacking workshop was organized by InfySEC at SRM University on July 27 and 28,2013 . The expected participant count was 4500+ but on the day o...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2013/08/15 9:40 p.m.21 views

EHACK : The Largest Information Security Awareness Marathon Globally

More than 9000+ participants enter the Guinness book of World Records for the largest congregation for information Security. E-Hack, world largest Ethical Hacking workshop was organized by InfySEC at SRM University on July 27 and 28,2013 . The expected participant count was 4500+ but on the day o...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2013/04/23 7:43 p.m.11 views

Hacked Twitter account of The Associated Press posted bogus report of attack at White House

The Associated Press Twitter account has been hacked,and posted a bogus post about explosions at the White House and Barack Obama is injured. Within a few minutes, Twitter suspended the account, and Julie Pace, the chief White House correspondent for The A.P., announced at a White House briefing...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2013/04/23 8:43 a.m.8 views

Hacked Twitter account of The Associated Press posted bogus report of attack at White House

The Associated Press Twitter account has been hacked,and posted a bogus post about explosions at the White House and Barack Obama is injured. Within a few minutes, Twitter suspended the account, and Julie Pace, the chief White House correspondent for The A.P., announced at a White House briefing...

7AI score
Exploits0
CISA
CISA
added 2013/04/17 12:0 a.m.21 views

Scams Exploiting Boston Marathon Explosion

Malicious actors are exploiting the April 15 explosions at the Boston Marathon in attempts to collect money intended for charities and to spread malicious code. Fake websites and social networking accounts have been set up to take advantage of those interested in learning more details about the...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2013/04/16 5:8 p.m.14 views

Bruce Schneier on the Boston Marathon Bombing and the Psychology of Fear

Dennis Fisher talks with Bruce Schneier about the effects of the Boston Marathon bombing, how the psychology of fear plays into people’s reactions to these events and what the political aftermath could be...

Exploits0References2
ThreatPost
ThreatPost
added 2012/04/25 3:31 p.m.11 views

UK Govt. Investigating London Marathon Data Breach That Spilled Info On 38,000

The UK Information Commissioner’s Office ICO said it is looking into a possible data breach of the Website used by organizers of the London Marathon – major, international sporting event that attracted more than 37,000 runners for the 37th running on April 22nd. According to a BBC report, the hom...

1.8AI score
Exploits0References1
The Hacker News
The Hacker News
added 2011/04/08 8:42 p.m.16 views

DerbyCon Security Conference 2011

We are happy to announce that Offensive Security will be sponsoring DerbyCon. DerbyCon is a new hacker conference located in Louisville Kentucky. Our goal is to bring back an old style, community driven hacker con chocked full of amazing talks, live events and all around fun. The idea for DerbyCo...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2010/05/11 12:0 a.m.39 views

MOPS-2010-018: EFront ask_chat chatrooms_ID SQL Injection Vulnerability

MOPS-2010-018: EFront askchat chatroomsID SQL Injection Vulnerability May 9th, 2010 A preauth SQL injection vulnerability was discovered in the chat feature of EFront that allows retrieving all data from the database by simple URL manipulation. Affected versions Affected is EFront = 3.6.2 Credits...

8.8AI score
Exploits0
NVD
NVD
added 2006/12/20 11:28 p.m.15 views

CVE-2006-6664

Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote attackers to cause a denial of service application crash or execute arbitrary code via format string specifiers in the TopLevelLogger::logMessageV function in Misc/Logging.cpp. NOTE: some details wer...

5CVSS7.8AI score0.02649EPSS
Exploits0References5
NVD
NVD
added 2006/12/20 11:28 p.m.12 views

CVE-2006-6663

The server component in Marathon Aleph One before 0.17.1 and 2006-12-17 allows remote attackers to cause a denial of service application crash via unspecified vectors related to "gathering net games."...

5CVSS6.6AI score0.0172EPSS
Exploits0References6
CVE
CVE
added 2006/12/20 11:0 p.m.34 views

CVE-2006-6663

The CVE-2006-6663 entry concerns the Marathon Aleph One server component, affected in versions prior to 0.17.1 and dated 2006-12-17. The vulnerability allows remote attackers to cause an application crash (denial of service) through unspecified vectors related to the process of “gathering net gam...

5CVSS6.9AI score0.0172EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/12/20 11:0 p.m.19 views

CVE-2006-6663

The server component in Marathon Aleph One before 0.17.1 and 2006-12-17 allows remote attackers to cause a denial of service application crash via unspecified vectors related to "gathering net games."...

6.6AI score0.0172EPSS
Exploits0References6
Rows per page
Query Builder