CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9282 matches found

exploitpack•added 2006/06/14 12:0 a.m.•13 views

Microsoft Windows XP2000 - Mrxsmb.sys Local Privilege Escalation (MS06-030)

Microsoft Windows XP2000 - Mrxsmb.sys Local Privilege Escalation MS06-030 /////////////////////////////////////////////////////////////////////////////////////// // Mrxsmb.sys XP & 2K Ring0 Exploit 6/12/2005 // Tested on XP SP2 && 2K SP4 // Disable ReadOnly Memory protection //...

0.4AI score

Exploits0

canvas•added 2006/06/13 7:6 p.m.•47 views

Immunity Canvas: MS06_025

Name| ms06025 ---|--- CVE| CVE-2006-2371 Exploit Pack| CANVAS Description| RasMan RPC Server Signedness Bug Notes| CVE Name: CVE-2006-2371 VENDOR: Microsoft Notes: If you choose the wrong version to attack, RasMan may stop responding with MSRPC Pipe Not Available errors, and will most likely not...

7.5CVSS6.3AI score0.38613EPSS

Exploits6

canvas•added 2006/06/13 7:6 p.m.•36 views

Immunity Canvas: MS06_024

Name| ms06024 ---|--- CVE| CVE-2006-0025 Exploit Pack| CANVAS Description| Microsoft Windows Media Player Malformed PNG Vulnerability Notes| CVE Name: CVE-2006-0025 VENDOR: Microsoft MSADV: MS06-024 Repeatability: One shot MSRC: http://www.microsoft.com/technet/security/bulletin/ms06-024.mspx CVS...

9.3CVSS6.3AI score0.64793EPSS

Exploits5

securityvulns•added 2006/05/20 12:0 a.m.•28 views

[SA20147] Sun ONE/Java System Web Server Cross-Site Scripting Vulnerability

TITLE: Sun ONE/Java System Web Server Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA20147 VERIFY ADVISORY: http://secunia.com/advisories/20147/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Sun Java System Application Server Sun ONE 7.x...

0.4AI score

Exploits0

Prion•added 2006/05/19 10:2 a.m.•12 views

Default credentials

stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6 displays the administrator password to stdout when executed, which allows local users to obtain the password by viewing a local display...

4.6CVSS6.9AI score0.00088EPSS

Exploits0References5Affected Software1

Tenable Nessus•added 2006/05/11 12:0 a.m.•9 views

Windows XP SP1 VPN Detection

Binary data 3563.prm...

7.3AI score

Exploits0

Positive Technologies•added 2006/04/26 12:0 a.m.•4 views

PT-2006-3037 · Microsoft · Outlook +2

Name of the Vulnerable Software and Affected Versions: Internet Explorer 6 for Windows XP SP2 Description: The issue allows remote attackers to modify command line arguments to an invoked mail client via " double quote characters in a mailto: scheme handler. This can be demonstrated by launching...

5CVSS6.9AI score0.15697EPSS

Exploits0References5

Prion•added 2006/04/21 10:2 a.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in calendar/Visitor.cgi in KCScripts Calendar, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter...

2.6CVSS6.2AI score0.00558EPSS

Exploits0References7Affected Software2

NVD•added 2006/04/21 10:2 a.m.•10 views

CVE-2006-1969

Cross-site scripting XSS vulnerability in search/search.cgi in an unspecified KCScripts script, probably Search Engine or Site Search, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the q parameter...

2.6CVSS5.8AI score0.00527EPSS

Exploits0References6

CVE•added 2006/04/21 10:0 a.m.•42 views

CVE-2006-1970

CVE-2006-1970 denotes a cross-site scripting (XSS) vulnerability in the classifieds/viewcat.cgi component of KCScripts Classifieds, distributed standalone and as part of Portal Pack 6.0 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter....

4.3CVSS5.7AI score0.00527EPSS

Exploits0References6Affected Software1

Cvelist•added 2006/04/21 10:0 a.m.•9 views

CVE-2006-1970

Cross-site scripting XSS vulnerability in classifieds/viewcat.cgi in KCScripts Classifieds, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the catid parameter...

5.7AI score0.00527EPSS

Exploits0References6

CVE•added 2006/04/21 10:0 a.m.•43 views

CVE-2006-1968

CVE-2006-1968 describes a cross-site scripting (XSS) vulnerability in KCScripts News Publisher (Portal Pack 6.0 and earlier) affecting the news/NsVisitor.cgi component. The issue arises from the sort_order parameter, allowing remote attackers to inject arbitrary web script or HTML. Public sources...

5.8CVSS5.7AI score0.008EPSS

Exploits0References6Affected Software2

Cvelist•added 2006/04/21 10:0 a.m.•11 views

CVE-2006-1968

Cross-site scripting XSS vulnerability in news/NsVisitor.cgi in KCScripts News Publisher, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter...

5.7AI score0.008EPSS

Exploits0References6

securityvulns•added 2006/04/20 12:0 a.m.•27 views

Portal Pack 6 XSS vuln.

Portal Pack 6 XSS vuln. Vuln. discovered by : r0t Date: 20 april 2006 vendor:www.kcscripts.com/scripts/portal-pack.htm affected versions:6.0 and prior orginal advisoy: http://pridels.blogspot.com/2006/04/portal-pack-6-xss-vuln.html Vuln. Description: Portal Pack contains a flaws that allows a...

0.2AI score

Exploits0

Exploit DB•added 2006/04/20 12:0 a.m.•21 views

Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17628/info Portal Pack is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...

7.4AI score

Exploits0

canvas•added 2006/04/14 10:2 a.m.•33 views

Immunity Canvas: GROUPWISE_MESSENGER

Name| groupwisemessenger ---|--- CVE| CVE-2006-0992 Exploit Pack| CANVAS Description| Groupwise Messenger 2 Buffer Overflow Notes| CVE Name: CVE-2006-0992 VENDOR: Novell Repeatability: You get one shot Date public: 2006-04-13 CVE Url: https://vulners.com/cve/CVE-2006-0992 CVSS: 10.0...

10CVSS6.4AI score0.88808EPSS

Exploits12

Prion•added 2006/04/11 11:2 p.m.•13 views

Directory traversal

Multiple directory traversal vulnerabilities in Christian Kindahl TUGZip 3.4.0.0, 3.3.0.0, and 3.1.0.2 allow user-assisted attackers to create files in arbitrary directories via a .. dot dot in an archive pack with a crafted 1 .gz, 2 .jar, 3 .rar, or 4 .zip file...

5CVSS7.3AI score0.00688EPSS

Exploits1References5Affected Software1

NVD•added 2006/04/11 11:2 p.m.•6 views

CVE-2006-1715

5CVSS6.8AI score0.00688EPSS

Exploits1References5

CVE•added 2006/04/11 11:0 p.m.•47 views

CVE-2006-1715

The CVE-2006-1715 entry concerns Christian Kindahl TugZip (versions 3.4.0.0, 3.3.0.0, 3.1.0.2). The vulnerability arises in archive extraction where a dot-dot (..) path in a crafted archive pack (formats: .gz, .jar, .rar, or .zip) can lead to directory traversal, enabling a user‑assisted attacker...

5CVSS6.8AI score0.00688EPSS

Exploits1References5Affected Software1

Cvelist•added 2006/04/11 11:0 p.m.•13 views

CVE-2006-1715

6.8AI score0.00688EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by