Lucene search
K

63 matches found

myhack58
myhack58
added 2019/03/06 12:0 a.m.146 views

CVE-2019-5786: chrome in the wild exploit 0day vulnerability alerts-a vulnerability alert-the black bar safety net

! 0x00 vulnerability background Beijing 3 month 6 days, 360CERT monitoring to chrome release version update72.0.3626.119-72.0.3626.121, fixes in the wild using CVE-2019-5786。 The vulnerability to harm is more serious, a greater impact. 0x01 vulnerability details CVE-2019-5786 is located on the...

6.8AI score0.61537EPSS
Exploits10
myhack58
myhack58
added 2018/12/13 12:0 a.m.129 views

phpMyAdmin released a security update to fix 3 vulnerabilities-vulnerability warning-the black bar safety net

phpMyAdmin release new versions that fix multiple security vulnerabilities phpMyAdmin released yesterday the new version 4. 8. 4, fixes multiple security vulnerabilities. Previous, 12 on 9, phpMyAdmin official has released the update notice, to remind the user to 11, afternoon to evening for...

0.7AI score0.03254EPSS
Exploits0
myhack58
myhack58
added 2018/11/25 12:0 a.m.122 views

WordPress Plugin Quizlord 2.0 XSS vulnerability reproduction and analysis-vulnerability warning-the black bar safety net

WordPress is a PHP language development blog platform, users can support PHP and MySQL database server set up your own website. You can also put WordPress as a CMS to use. WordPress often broke loopholes is it the plug-in there Security. Vulnerability reproduction First build worepress, my versio...

7.2AI score
Exploits0
Node.js
Node.js
added 2017/07/07 4:40 p.m.49 views

Directory Traversal

Overview Affected versions of quickserver resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable syste...

5CVSS4.4AI score0.02005EPSS
Exploits1Affected Software1
0day.today
0day.today
added 2017/01/23 12:0 a.m.66 views

Oracle PeopleSoft HCM 9.2 Cross Site Scripting Vulnerability

Exploit for windows platform in category local exploits Application: Oracle PeopleSoft Vendor: Oracle Bugs: XXS Reported: 31.10.2016 Vendor response: 1.11.2016 Date of Public Advisory: 17.01.2017 Reference: Oracle CPU Jan 2017 Authors: Vahagn Vardanyan, Dmitry Yudin 1. ADVISORY INFORMATION Title:...

5.8CVSS6.7AI score0.01606EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2016/07/19 12:0 a.m.438 views

Wowza Streaming Engine 4.5.0 Remote Privilege Escalation Exploit

Summary Wowza Streaming Engine is robust, customizable, and scalable server software that powers reliable video and audio streaming to any device. Learn the benefits of using Wowza Streaming Engine to deliver high-quality live and on-demand video content to any device. Description The application...

8.8CVSS5.8AI score0.00209EPSS
Exploits2
seebug.org
seebug.org
added 2016/07/19 12:0 a.m.31 views

httpoxy Remote Agent infection vulnerability

Vulnerability details and summary from the A. Foreword httpoxy is a newly exposed vulnerability is mainly present in apache and other components in the HTTP header of the Proxy Field name is converted to“HTTPPROXY”, Value value is unchanged, and thus will be passed to the corresponding CGI to...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2016/04/25 11:39 a.m.77 views

LocalTapiola: Content Spoofing or Text Injection (404 error page injection on yrityspalvelu)

Vulnerability Description: Application allows users to inject any content on the 404 not found webpage Vulnerable Location: https://yrityspalvelu.tapiola.fi/a1/has%20been%20changed%20by%20a%20new%20one%20https://www.attacker.com%20so%20go%20to%20the%20new%20one%20since%20this%20one Fix : just use...

1.2AI score
Exploits0
seebug.org
seebug.org
added 2015/07/02 12:0 a.m.155 views

Linux glibc 缓冲区溢出 (幽灵(Ghost))

近日国外安全研究人员披露一个在 Linux Glibc 库上发现的严重的安全问题,它可以让攻击者在本地或者远程获取操作系统的控制权限,编号为CVE-2015-0235,命名为幽灵(GHOST)漏洞。什么是GHOST?为什么命名为GHOST?漏洞最早起源于:The first vulnerable version of the GNU C Library is glibc-2.2, released on November 10, 2000.“During a code audit performed internally at Qualys, we discovered a buffer...

10CVSS7.5AI score0.94859EPSS
Exploits29
exploitpack
exploitpack
added 2014/12/15 12:0 a.m.56 views

phpMyAdmin 4.0.x4.1.x4.2.x - Denial of Service

phpMyAdmin 4.0.x4.1.x4.2.x - Denial of Service ============= DESCRIPTION: ============= A vulnerability present in in phpMyAdmin 4.0.x before 4.0.10.7, 4.1. x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service resource consumption via a long password...

5CVSS8AI score0.11055EPSS
Exploits4
Packet Storm
Packet Storm
added 2013/11/25 12:0 a.m.27 views

Tapuz Flix Password Bypass

Advisory: Tapuz - Flix Password ByPass Vendor URL: http://www.tapuz.co.il Author: Liad Mizrachi Status: Not Fixed ========================== Vulnerability Description ========================== Flix is 'Tapuz' video streaming service allowing users to upload their video and share it with others, ...

0.1AI score
Exploits0
Nmap
Nmap
added 2013/10/31 4:4 a.m.1597 views

http-iis-short-name-brute NSE Script

Attempts to brute force the 8.3 filenames commonly known as short names of files and directories in the root folder of vulnerable IIS servers. This script is an implementation of the PoC "iis shortname scanner". The script uses ,? and to bruteforce the short name of files present in the IIS...

10CVSS9.1AI score0.99448EPSS
Exploits33
OpenVAS
OpenVAS
added 2013/05/24 12:0 a.m.29 views

Google Chrome Multiple Vulnerabilities-01 May13 (Windows)

The host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln01may13win.nasl 6086 2017-05-09 09:03:30Z teissa $ Google Chrome Multiple Vulnerabilities-01 May13 Windows Authors: Antu Sanadi Copyright: Copyright c 2013...

7.5CVSS0.5AI score0.11999EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2012/07/04 12:0 a.m.42 views

Google Chrome Multiple Vulnerabilities - July 12 (Windows)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnjul12win.nasl 5988 2017-04-20 09:02:29Z teissa $ Google Chrome Multiple Vulnerabilities - July 12 Windows Authors: Rachana Shetty Copyright: Copyright c 2012...

9.3CVSS0.9AI score0.02123EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/07/04 12:0 a.m.25 views

Google Chrome Multiple Vulnerabilities - July 12 (Linux)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnjul12lin.nasl 5963 2017-04-18 09:02:14Z teissa $ Google Chrome Multiple Vulnerabilities - July 12 Linux Authors: Rachana Shetty Copyright: Copyright c 2012...

9.3CVSS0.8AI score0.02123EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/05/17 12:0 a.m.29 views

Google Chrome Multiple Vulnerabilities - May 12 (Linux)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnmay12lin.nasl 5912 2017-04-10 09:01:51Z teissa $ Google Chrome Multiple Vulnerabilities - May 12 Linux Authors: Madhuri D Copyright: Copyright c 2012 Greenbone...

10CVSS0.9AI score0.03344EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2011/11/17 12:0 a.m.55 views

Tiki Wiki CMS Groupware Cross Site Scripting

Advisory: Tiki Wiki CMS Groupware Multiple XSS vulnerabilities Advisory ID: INFOSERVE-ADV2011-01 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on Tiki 7.2 & 8.0 RC1 Vendor URL: http://info.tiki.org/ Vendor Status: fixed for Tiki 7 New Tiki 6 LTS...

0.00949EPSS
Exploits3
Zero Science Lab
Zero Science Lab
added 2011/07/25 12:0 a.m.16 views

Online Grades 3.2.5 Multiple XSS Vulnerabilities

Summary Online Grades is the leading free-software project that allows K-12+ student grades attendance information to be posted onto a dynamic web site. Description Online Grades suffers from multiple cross-site scripting vulns. The issue is triggered when input passed via multiple parameters to...

5.9AI score
Exploits0
0day.today
0day.today
added 2011/04/05 12:0 a.m.31 views

ZO Tech Multiple Print Servers Cross-site Scripting Vulnerability

Exploit for hardware platform in category web applications GotGeek Labs http://www.gotgeek.com.br/ ZO Tech Multiple Print Servers Cross-site Scripting Vulnerability + Description 1 PA101 Fast Parallel Port Print Server 2 PU201 Fast USB Print Server 3 PA301 Parallel Port Print Server 4 PS531 USB &...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/06/19 12:0 a.m.32 views

PHP 5.2.10 safe_mode Bypass

PHP safemode bypass with exec/system/passthru Once again php public new version :php5.2.10 ,and it fix lots of bugs, like this : Bug 45997safemode bypass with exec/system/passthru incorrect fix php5.2.10 ... b = strrchrcmd, PHPDIRSEPARATOR; ifdef PHPWIN32 if b && b == '\' && b == cmd...

7.4AI score
Exploits0
Rows per page
Query Builder