Lucene search
K

151 matches found

myhack58
myhack58
added 2014/05/08 12:0 a.m.22 views

Struts2 then exposed S2-0 2 0 patch bypass vulnerability – evil regular expressions-vulnerability warning-the black bar safety net

4 on 2 to 4 November, the network exposed in the article“Security researchers noted that the Apache Struts2 vulnerability Bulletin S2-0 2 0, in process repair CVE-2 0 1 4-0 0 9 4 bug fixes program vulnerability exists, resulting patch is completely bypassed.” Affected products: Struts 2.0.0 –...

0.6AI score
Exploits0
seebug.org
seebug.org
added 2013/11/25 12:0 a.m.18 views

Destoon最新版本20131010补丁后,全版本继续注入

简要描述: Destoon最新版本20131010补丁后,全版本继续注入 详细说明: 问题出在api/js.php这个漏洞,这个星期工作忙,结果别人提交了,官方补丁都出来了。 下载补丁,发现官方的修复比较马虎,没有理解漏洞的本质,分分钟绕过再次注入。 建议官方好好思考一下这个漏洞产生的根本原因。 漏洞证明: stripsql过滤了union这个字符串,但是实际上是可以绕过的。 由于需要伪造referer,所以用php写的脚本进行漏洞利用,需要根据实际情况修改里面的路径。 POC里面host参数为域名,本机测试为localhost,ver参数为版本,里面写了3,4,5三个版本的利用代码。...

7.1AI score
Exploits0
myhack58
myhack58
added 2013/01/21 12:0 a.m.17 views

To bypass PHPCMS patch to continue injection-vulnerability warning-the black bar safety net

Vulnerability author: I want to get a shell Submission time: 2013-01-16 Disclosure time: 2013-01-21 Vulnerability type: SQL injection vulnerability Brief description: Inadvertently looked phpcms patch, just want to spit slot. In addition PHPCMS released a patch why not in the forum thank tick it,...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2012/12/18 6:36 p.m.23 views

Cisco VoIP Hacker Urges Closer Look at Firmware Security Vulnerabilities

Ang Cui’s “Funtenna” is just the latest eye-opener into the security of embedded networked devices such as printers, VoIP phones, routers and other core, connected infrastructure. The Columbia University PhD candidate’s recent hack of a Cisco-branded VoIP phone demonstrates the risk posed by...

0.1AI score
Exploits0References2
Packet Storm
Packet Storm
added 2012/07/24 12:0 a.m.43 views

Symantec Web Gateway 5.0.3.18 LFI / Command Execution

!/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI vulnerability. Timeline: 06 Jun 2012:...

7.2CVSS0.59287EPSS
Exploits2
Packet Storm
Packet Storm
added 2011/03/08 12:0 a.m.56 views

Majordomo2 Directory Traversal

-------------------------- NSOADV-2011-003 --------------------------- Majordomo2 'help' Command Directory Traversal Patch Bypass 111101111 11111 00110 00110001111 111111 01 01 1 11111011111111 11111 0 11 01 0 11 1 1 111011001 11111111101 1 11 0110111 1 1111101111 1001 0 1 10 11 0 10 11 1111111 1...

5CVSS0.2AI score0.85451EPSS
Exploits6
seebug.org
seebug.org
added 2007/04/02 12:0 a.m.48 views

MS Windows Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)

No description provided by source. ..:: jamikazu presents ::.. Windows Animated Cursor Handling Exploit 0day Version3 Works on fully patched Windows Vista I think it is first real remote code execution exploit on vista = Tested on: Windows Vista Enterprise Version 6.0 Build 6000 default...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/04/01 12:0 a.m.21 views

MS Windows Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)

Exploit for unknown platform in category remote exploits ==================================================================== MS Windows Animated Cursor .ANI Remote Exploit eeye patch bypass ==================================================================== Windows Animated Cursor Handling...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/01 12:0 a.m.34 views

Microsoft Windows - Animated Cursor '.ani' Remote (eeye patch Bypass)

..:: jamikazu presents ::.. Windows Animated Cursor Handling Exploit 0day Version3 Works on fully patched Windows Vista I think it is first real remote code execution exploit on vista = Tested on: Windows Vista Enterprise Version 6.0 Build 6000 default installation and UAC enabled Windows Vista...

7AI score
Exploits0
exploitpack
exploitpack
added 2006/04/25 12:0 a.m.35 views

Fenice Oms 1.10 - GET Remote Buffer Overflow

Fenice Oms 1.10 - GET Remote Buffer Overflow / IHS Iran Homeland Security public source code Fenice - Open Media Streaming Server remote BOF exploit author : c0d3r "kaveh razavi" [email protected] package : fenice-1.10.tar.gz and prolly prior versions workaround : update after patch release...

0.3AI score
Exploits0
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.32 views

CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch

More info at https://symfony.com/cve-2026-46626...

7.3CVSS5.8AI score0.63422EPSS
Exploits0Affected Software1
Rows per page
Query Builder