Lucene search
+L

5083 matches found

Kitploit
Kitploit
added 2013/02/25 11:39 p.m.91 views

[Web-Sorrow] Tool for Misconfiguration, Version Detection, Enumeration, and Server Information Scanning

Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any...

9.8AI score
Exploits0
Cvelist
Cvelist
added 2013/02/24 9:0 p.m.47 views

CVE-2013-0212

store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...

5.7AI score0.02965EPSS
Exploits0References12
CVE
CVE
added 2013/02/14 10:0 p.m.83 views

CVE-2012-5634

CVE-2012-5634 affects Xen when using Intel VT-d PCI passthrough and a device behind a legacy PCI bridge. The VT-d configuration is not properly validated, allowing a local guest to inject an interrupt and potentially cause a denial of service to other guests. The vulnerability is documented in Xe...

6.1CVSS4AI score0.00716EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2013/02/14 10:0 p.m.22 views

CVE-2012-5634

Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an interrupt...

3.8AI score0.00716EPSS
Exploits0References8
Ubuntu
Ubuntu
added 2013/01/29 11:23 p.m.56 views

USN-1710-1: OpenStack Glance vulnerability

Dan Prince discovered an issue in Glance error reporting. An authenticated attacker could exploit this to expose the Glance operator's Swift credentials for a misconfigured or otherwise unusable Swift endpoint...

4CVSS5.3AI score0.02965EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2013/01/29 3:0 p.m.36 views

CVE-2013-0212

store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...

4CVSS5.9AI score0.02965EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2012/12/27 5:57 p.m.17 views

WordPress W3 Total Cache Misconfiguration Leaves Some Blogs Vulnerable

An apparent misconfiguration exists in W3 Total Cache W3TC, a popular plugin for the WordPress blogging platform, that could allow an attacker to browse and download password hashes and other database information. W3 Total Cache W3TC is a framework for WordPress that helps speed up blogs by cachi...

7.4AI score
Exploits0References3
0day.today
0day.today
added 2012/12/24 12:0 a.m.41 views

WordPress Plugin - W3 Total Cache Remote Sql Injection Exploit

Exploit for php platform in category web applications From the developers' description 1, W3 Total Cache is: The most complete WordPress performance framework. Recommended by web hosts like: MediaTemple, Host Gator, Page.ly and WP Engine and countless more. Trusted by countless sites like:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/07 12:0 a.m.45 views

Oracle MySQL For Microsoft Windows MOF Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Oracle MySQL for Microsoft Windows MO...

6CVSS5.5AI score0.31664EPSS
Exploits15
Metasploit
Metasploit
added 2012/12/06 9:56 a.m.67 views

Oracle MySQL for Microsoft Windows MOF Execution

This module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers due to the use of a .mof file. This may result in arbitrary code execution under the context of SYSTEM. This module requires a valid MySQL account on the target machine. This module...

6CVSS8AI score0.31664EPSS
Exploits15
Exploit DB
Exploit DB
added 2012/12/06 12:0 a.m.33 views

Oracle MySQL (Windows) - MOF Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Oracle MySQL for Microsoft Windows MO...

6CVSS7AI score0.31664EPSS
Exploits15
Positive Technologies
Positive Technologies
added 2012/12/03 12:0 a.m.5 views

PT-2012-6060 · Mariadb Foundation +2 · Mariadb +2

Name of the Vulnerable Software and Affected Versions: MySQL versions 5.5.19 and possibly other versions MariaDB versions 5.5.28a and possibly other versions Description: The issue allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL...

6CVSS4.5AI score0.31664EPSS
Exploits15References15
securityvulns
securityvulns
added 2012/04/09 12:0 a.m.59 views

php(5.3.10-5.4.0)_XSS_vulns.txt

============================================================================================= Vulnerable Software: PHP 5.3.10/5.4.0 php-5.3.10-Win32-VC9-x86.zip MD5 SUM: af452dfa681ae03ff42eea6d1c7348cd php-5.4.0-Win32-VC9-x86.zip MD5 SUM: b1b0abe883f84eb6d76793aabf1aa612 Downloaded...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2012/04/09 12:0 a.m.50 views

PHP 5.3.10 / 5.4.0 Cross Site Scripting

============================================================================================= Vulnerable Software: PHP 5.3.10/5.4.0 php-5.3.10-Win32-VC9-x86.zip MD5 SUM: af452dfa681ae03ff42eea6d1c7348cd php-5.4.0-Win32-VC9-x86.zip MD5 SUM: b1b0abe883f84eb6d76793aabf1aa612 Downloaded...

Exploits0
Metasploit
Metasploit
added 2012/03/06 5:30 a.m.178 views

Squid Proxy Port Scanner

A exposed Squid proxy will usually allow an attacker to make requests on their behalf. If misconfigured, this may give the attacker information about devices that they cannot normally reach. For example, an attacker may be able to make requests for internal IP addresses against an open Squid prox...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2012/02/23 12:0 a.m.1362 views

Microsoft IIS Default Welcome Page Information Disclosure Vulnerability

Microsoft IIS Webserver is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.2AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/01/28 12:0 a.m.33 views

NASA Subdomains FCKEditor - Multiple Vulnerabilities

Document Title: =============== NASA Subdomains FCKEditor - Multiple Vulnerabilities References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=400 Release Date: ============= 2012-01-28 Vulnerability Laboratory ID VL-ID: ==================================== 400 Produc...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/01/28 12:0 a.m.16 views

NASA Subdomains FCKEditor - Multiple Vulnerabilities

Document Title: =============== NASA Subdomains FCKEditor - Multiple Vulnerabilities References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=400 Release Date: ============= 2012-01-28 Vulnerability Laboratory ID VL-ID: ==================================== 400 Produc...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2011/10/05 12:0 a.m.82 views

JBoss addURL Misconfiguration Attack

No description provided by source. !/usr/bin/perl Exploit Title: JBoss, JMX Console, misconfigured DeploymentScanner Date: Oct 3 2011 Author: y0ug at codsec.com Version: Tested on: Linux CVE : CVE-2010-0738 POC against misconfigured JBoss JMX Console It use the addUrl method in DeploymentScanner...

5CVSS5.8AI score0.79415EPSS
Exploits28
OpenVAS
OpenVAS
added 2011/08/03 12:0 a.m.27 views

Debian Security Advisory DSA 2246-1 (mahara)

The remote host is missing an update to mahara announced via advisory DSA 2246-1. OpenVAS Vulnerability Test $Id: deb22461.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2246-1 mahara Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

6.8CVSS0.3AI score0.02529EPSS
Exploits0
Rows per page
Query Builder