Lucene search
K

8 matches found

Pen Test Partners Blog
Pen Test Partners Blog
added 2020/08/26 6:46 a.m.32 views

A Vulnerability Disclosure Program is not just a page on a web site

It’s great to see an increasing number of organisations starting down the path of a Vulnerability Disclosure Program or ‘VDP,’ but it increasingly strikes me that these are ‘check box’ exercises rather than a genuine desire to interact positively with researchers and improve security. A VDP is a...

6.5AI score
Exploits0
Packet Storm
Packet Storm
added 2011/01/21 12:0 a.m.30 views

SplashID 5.5 / SplashID Lite 4.6 For iPhone Password Caching Issue

I submitted this vulnerability report about the password database SplashID to cert.org in early November 2010. CERT bounced it back saying they were too busy. No big deal, so I sent it to the product's vendor, SplashData, on 11/5/2010. I worked with SplashData for a few weeks to help them...

7.4AI score
Exploits0
CISA
CISA
added 2010/04/13 12:0 a.m.14 views

Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability

The Sun Java Development Toolkit plugin and ActiveX control contain a vulnerability. This vulnerability is due to insufficient argument validation. By convincing a user to visit a specially crafted HTML document, an attacker may be able to exploit this vulnerability and execute an arbitrary JAR...

6.7AI score
Exploits0References1
seebug.org
seebug.org
added 2007/03/12 12:0 a.m.21 views

HC Newssystem 1.0-1.4 (index.php ID) Remote SQL Injection Vulnerability

No description provided by source. HC NEWSSYSTEM 1.0-4 index.php "ID" Blind SQL Injection Type : SQL Injection Release Date : 2007-03-08 Product / Vendor : HC Design News Publisher. http://www.hcdesign.at/demo Bug : http://localhost/script/index.php?option=news&aktion=komm&ID=-SQL Inj.- SQL Inj...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/03/10 12:0 a.m.14 views

HC Newssystem 1.0-1.4 - index.php?ID SQL Injection

HC Newssystem 1.0-1.4 - index.php?ID SQL Injection HC NEWSSYSTEM 1.0-4 index.php "ID" Blind SQL Injection Type : SQL Injection Release Date : 2007-03-08 Product / Vendor : HC Design News Publisher. http://www.hcdesign.at/demo Bug : http://localhost/script/index.php?option=news&aktion=komm&ID=-SQL...

Exploits0
securityvulns
securityvulns
added 2006/06/15 12:0 a.m.36 views

TikiWiki Sql injection & XSS Vulnerabilities

---------------------------------------------------------------- Security Advisory ^ http://securitynews.ir/ Advisory Title: TikiWiki Sql injection & XSS Vulnerabilities @ Author : bug @ securitynews.ir $ Product Vendor : http://tikiwiki.org/ . Affected Versions : 1.9.3.2 and maybe before / Relea...

0.5AI score
Exploits0
Saint
Saint
added 2006/03/13 12:0 a.m.48 views

phpRPC decode function command execution

Added: 03/13/2006 CVE: CVE-2006-1032 BID: 16833 OSVDB: 23514 Background phpRPC is an xmlrpc library written in PHP supporting most databases. Problem A vulnerability in the decode function allows a remote attacker to execute arbitrary PHP commands placed inside a tag. Resolution phpRPC is no long...

7.5CVSS7.4AI score0.03484EPSS
Exploits6
Saint
Saint
added 2006/03/13 12:0 a.m.45 views

phpRPC decode function command execution

Added: 03/13/2006 CVE: CVE-2006-1032 BID: 16833 OSVDB: 23514 Background phpRPC is an xmlrpc library written in PHP supporting most databases. Problem A vulnerability in the decode function allows a remote attacker to execute arbitrary PHP commands placed inside a tag. Resolution phpRPC is no long...

7.5CVSS7.4AI score0.03484EPSS
Exploits6
Rows per page
Query Builder