CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

Prion•added 2007/05/31 12:30 a.m.•10 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in OpenBASE Alpha 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the rootprefix parameter to 1 index.php, 2 emailsubscribe.php, 3 download.php, or 4 development.php...

7.5CVSS8.2AI score0.08993EPSS

Exploits0References8Affected Software1

NVD•added 2007/05/31 12:30 a.m.•15 views

CVE-2007-2947

7.5CVSS7.6AI score0.08993EPSS

Exploits0References8

CVE•added 2007/05/31 12:0 a.m.•38 views

CVE-2007-2947

CVE-2007-2947 involves OpenBASE Alpha 0.6 with multiple PHP remote file inclusion vulnerabilities. The flaw allows an attacker to provide a URL via the root_prefix parameter to one of four scripts (index.php, email_subscribe.php, download.php, or development.php) to cause the system to include re...

7.5CVSS7.7AI score0.08993EPSS

Exploits0References8Affected Software1

Cvelist•added 2007/05/31 12:0 a.m.•19 views

CVE-2007-2947

7.6AI score0.08993EPSS

Exploits0References8

Packet Storm•added 2007/05/30 12:0 a.m.•23 views

openbase-rfi.txt

DeltaSecurityTEAM WwW.DeltaSecurity.iR Portal Name = OpenBASE Alpha 0.6 Class = Remote File Inclusion Risk = High Remote File Execution Download = Http://openbase.sourceforge.net Discoverd By = DeltahackingTEAM User In Delta Team = Dav00dCracker Conatact = [email protected]...

7.4AI score

Exploits0

seebug.org•added 2007/05/27 12:0 a.m.•173 views

OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities

No description provided by source. DeltaSecurityTEAM WwW.DeltaSecurity.iR Portal Name = OpenBASE Alpha 0.6 Class = Remote File Inclusion Risk = High Remote File Execution Download = Http://openbase.sourceforge.net Discoverd By = DeltahackingTEAM User In Delta Team = Dav00dCracker Conatact =...

7.1AI score

Exploits0

Exploit DB•added 2007/05/25 12:0 a.m.•26 views

OpenBASE 0.6a - 'root_prefix' Remote File Inclusion

7.4AI score

Exploits0

0day.today•added 2007/05/25 12:0 a.m.•36 views

OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ================================================================= OpenBASE 0.6a rootprefix Remote File Inclusion Vulnerabilities ================================================================= DeltaSecurityTEAM Portal Name = OpenBASE Alp...

7.1AI score

Exploits0

exploitpack•added 2007/05/25 12:0 a.m.•15 views

OpenBASE 0.6a - root_prefix Remote File Inclusion

OpenBASE 0.6a - rootprefix Remote File Inclusion DeltaSecurityTEAM WwW.DeltaSecurity.iR Portal Name = OpenBASE Alpha 0.6 Class = Remote File Inclusion Risk = High Remote File Execution Download = Http://openbase.sourceforge.net Discoverd By = DeltahackingTEAM User In Delta Team = Dav00dCracker...

0.1AI score

Exploits0

NVD•added 2006/11/10 2:7 a.m.•18 views

CVE-2006-5851

openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328...

2.1CVSS6.7AI score0.00737EPSS

Exploits1References5

NVD•added 2006/11/10 2:7 a.m.•23 views

CVE-2006-5852

Untrusted search path vulnerability in openexec in OpenBase SQL before 10.0.1 allows local users to gain privileges via a modified PATH that references a malicious helper binary, as demonstrated by 1 cp, 2 rm, and 3 killall, different vectors than CVE-2006-5327...

4.6CVSS6.8AI score0.00753EPSS

Exploits1References5

CVE•added 2006/11/10 2:0 a.m.•44 views

CVE-2006-5852

CVE-2006-5852 describes an untrusted search path vulnerability in OpenBase SQL prior to 10.0.1. Local users can gain privileges by placing a malicious helper binary in a modified PATH that OpenBase will reference, with demonstrations involving cp, rm, and killall. The vulnerability stems from PAT...

4.6CVSS7AI score0.00753EPSS

Exploits1References5Affected Software1

Cvelist•added 2006/11/10 2:0 a.m.•25 views

CVE-2006-5851

openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328...

6.7AI score0.00737EPSS

Exploits1References5

Cvelist•added 2006/11/10 2:0 a.m.•29 views

CVE-2006-5852

6.8AI score0.00753EPSS

Exploits1References5

CVE•added 2006/11/10 2:0 a.m.•47 views

CVE-2006-5851

CVE-2006-5851 affects OpenBase SQL prior to 10.0.1. It enables local users to create arbitrary files via a symlink attack on the /tmp/output file, constituting a local file-creation vulnerability distinct from CVE-2006-5328. The root cause is a symlink/temporary-file handling issue in OpenBase SQ...

2.1CVSS6.7AI score0.00737EPSS

Exploits1References5Affected Software1

Packet Storm•added 2006/11/09 12:0 a.m.•32 views

openexec_createfile.pl.txt

!/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a\n"; print "\n"; exit 1; $ret = pack"l", $retval; $a,$b = split/:/,$tgts"$target"; print " Target: $a $b\n";...

7.4AI score

Exploits0

seebug.org•added 2006/11/09 12:0 a.m.•48 views

Xcode OpenBase <= 10.0.0 (unsafe system call) Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom = ftp://www.openbase.com/pub/OpenBase10.0 vulnerable ? This is some fairly blatant and retarded use of system cd cp chmod chown rm mkdir and killall appear as strings in t...

7.1AI score

Exploits0

seebug.org•added 2006/11/09 12:0 a.m.•28 views

Xcode OpenBase <= 10.0.0 (symlink) Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom = ftp://www.openbase.com/pub/OpenBase10.0 vulnerable ? Create a new file anywhere on the filesystem with rw-rw-rw privs. Sorry you can NOT overwrite existing files. Writin...

7.1AI score

Exploits0

Exploit DB•added 2006/11/08 12:0 a.m.•34 views

Xcode OpenBase 10.0.0 (OSX) - Symlink Privilege Escalation

7AI score

Exploits0

Exploit DB•added 2006/11/08 12:0 a.m.•36 views

Xcode OpenBase 10.0.0 (OSX) - Unsafe System Call Privilege Escalation

!/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a - $b\n"; print "\n"; exit 1; $ret = pack"l", $retval; $a,$b = split/:/,$tgts"$target"; print " Target: $a -...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by