Lucene search
+L

8003 matches found

CERT
CERT
added 2011/05/31 12:0 a.m.18 views

HP LoadRunner buffer overflow vulnerability

Overview HP LoadRunner contains a buffer overflow vulnerability when parsing Virtual User script files. Description According to HP's website: HP LoadRunner software is the industry standard for performance validation. It allows you to prevent application performance problems by detecting...

7.7AI score
Exploits0References1
CERT
CERT
added 2011/05/31 12:0 a.m.39 views

Imperva SecureSphere management GUI contains an XSS vulnerability

Overview An XSS vulnerability exists in the Imperva SecureSphere management GUI. Description Dell SecureWorks' SWRX-2011-001 advisory states:"A vulnerability exists in Imperva SecureSphere due to improper validation of user-controlled input. User-controllable input is not properly sanitized for...

4.3CVSS5.9AI score0.01248EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2011/04/27 12:0 a.m.43 views

ejabberd -- remote denial of service vulnerability

It's reported in CVE advisory that: expaterl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML documen...

9.3CVSS6.8AI score0.02125EPSS
Exploits0References1
Metasploit
Metasploit
added 2011/04/08 2:6 p.m.16 views

ManageEngine Applications Manager Authenticated Code Execution

This module logs into the Manage Engine Applications Manager to upload a payload to the file system and a batch script that executes the payload. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

7.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2011/04/06 12:0 a.m.36 views

Anfibia Reactor 2.1.1 (login.do) Remote XSS POST Injection Vulnerability

Summary Fast web-based server monitoring. Keep an eye on servers, connections, databases, cpu, hard drives and more! Description The Anfibia Reactor JS service suffers from a XSS vulnerability when parsing user input to the 'email' parameter via POST method in 'reactor/login.do' script at the...

6.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2011/04/04 8:1 p.m.5 views

glibc: fnmatch() alloca()-based memory corruption flaw

The GNU C Library aka glibc or libc6 before 2.12.2 and Embedded GLIBC EGLIBC allow context-dependent attackers to execute arbitrary code or cause a denial of service memory consumption via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to...

5.1CVSS6.5AI score0.14323EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2011/04/04 12:0 a.m.32 views

Planex Mini-300PU / Mini100s Cross Site Scripting

GotGeek Labs http://www.gotgeek.com.br/ Planex Mini-300PU & Mini100s Cross-site Scripting Vulnerability + Description Mini-300PU: The PLANEX Mini-300PU is the greatest network printing solution to both USB and Parallel printer ports. It provides 2 USB 2.0 and 1 Parallel printer ports, which can...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/04/04 12:0 a.m.35 views

ZO Tech Multiple Print Server Cross Site Scripting

GotGeek Labs http://www.gotgeek.com.br/ ZO Tech Multiple Print Servers Cross-site Scripting Vulnerability + Description 1 PA101 Fast Parallel Port Print Server 2 PU201 Fast USB Print Server 3 PA301 Parallel Port Print Server 4 PS531 USB & Parallel Print Server + Information Title: ZO Tech Multipl...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/04/04 12:0 a.m.22 views

ZO Tech Multiple Print Servers - Cross-Site Scripting

ZO Tech Multiple Print Servers - Cross-Site Scripting GotGeek Labs http://www.gotgeek.com.br/ ZO Tech Multiple Print Servers Cross-site Scripting Vulnerability + Description 1 PA101 Fast Parallel Port Print Server 2 PU201 Fast USB Print Server 3 PA301 Parallel Port Print Server 4 PS531 USB &...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2011/04/04 12:0 a.m.19 views

Planet FPS-1101 - Cross-Site Scripting

Planet FPS-1101 - Cross-Site Scripting GotGeek Labs http://www.gotgeek.com.br/ Planet FPS-1101 Cross-site Scripting Vulnerability + Description Equipped with the Parallel printing interfaces, the FPS-1101 makes your printer available be shared in most popular network environment. With the embedde...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2011/04/04 12:0 a.m.29 views

Planet FPS-1101 Cross Site Scripting

GotGeek Labs http://www.gotgeek.com.br/ Planet FPS-1101 Cross-site Scripting Vulnerability + Description Equipped with the Parallel printing interfaces, the FPS-1101 makes your printer available be shared in most popular network environment. With the embedded web server, the FPS-1101 is...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.67 views

'Andy's PHP Knowledgebase' SQL Injection Vulnerability (CVE-2011-1546)

'Andy's PHP Knowledgebase' SQL Injection Vulnerability CVE-2011-1546 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in aviewusers.php allowing for SQL injection of the 's' query parameter. II. TESTED VERSION...

7.5CVSS7.5AI score0.01991EPSS
Exploits6
0day.today
0day.today
added 2011/03/29 12:0 a.m.22 views

webEdition CMS Local File Inclusion Vulnerability

Exploit for php platform in category web applications Software: webEdition CMS 6.1.0.2 Vendor: http://www.webedition.org Vuln Type: Local File Inclusion Download link: http://sourceforge.net/projects/webedition/files/webEdition/6.1.0.2/webEdition6102.tar.gz/download Author: eidelweiss contact:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/27 12:0 a.m.37 views

McAfee Cross Site Scripting / Information Disclosure

Vulnerabilities in McAfee.com 1. VULNERABILITY DESCRIPTION - Cross Site Scripting http://download.mcafee.com/products/webhelp/4/1033/javascript:top.location.replace'attacker.in' - Information Disclosure Internal Hostname: http://www.mcafee.com/js/omniture/omnitureprofile.js $ ruby host-extract.rb...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/08 12:0 a.m.19 views

Icinga 1.3.0 / 1.2.1 Cross Site Scripting

Advisory: Cross-Site Scripting vulnerabilities in Icinga Advisory ID: SSCHADV2011-001 Author: Stefan Schurtz Affected Software: Successfully tested on: icinga-1.3.0 / icinga-1.2.1 Vendor URL: http://www.icinga.org Vendor Status: fixed csv export link to make it XSS save IE 1275 CVE-ID: -...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2011/02/17 12:0 a.m.21 views

GAzie 5.10 (Login parameter) Multiple Remote Vulnerabilities

Summary GAzie is a multi-company management program ERP that runs on Apache web server with support for PHP and Mysql database. Open Source web-based application for small and medium enterprises. Description GAzie is prone to a cross-site scripting and an SQL Injection vulnerability because it...

6AI score
Exploits0
exploitpack
exploitpack
added 2011/02/10 12:0 a.m.13 views

LocatePC 1.05 (Ligatt Version + Others) - SQL Injection

LocatePC 1.05 Ligatt Version + Others - SQL Injection Affected Software: LocatePC 1.05 Consequences: Arbitrary SELECT queries against the LocatePC and "mysql" database. The LocatePC database contains enough information to stalk all users of the software. It may be possible to instruct the softwar...

8.6AI score
Exploits0
OpenVAS
OpenVAS
added 2011/02/01 12:0 a.m.36 views

Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability

This host is installed with Internet Explorer and is prone to remote code execution vulnerability. This NVT has been replaced by NVT secpodms11-018.nasl OID:1.3.6.1.4.1.25623.1.0.900278. OpenVAS Vulnerability Test $Id: gbmsiereleaseinterfacecodeexecutionvuln.nasl 6526 2017-07-05 05:43:52Z cfische...

9.3CVSS0.3AI score0.31016EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2011/02/01 12:0 a.m.20 views

Microsoft Internet Explorer 'ReleaseInterface()' RCE Vulnerability

Internet Explorer is prone to a remote code execution RCE vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.900278. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

9.3CVSS8.4AI score0.31016EPSS
Exploits0References5
Zero Science Lab
Zero Science Lab
added 2011/01/22 12:0 a.m.67 views

CultBooking 2.0.4 (cultbooking.php) Multiple XSS/PD Vulnerabilities

Summary Open source hotel booking system Internet Booking Engine IBE. Via a central api called CultSwitch it is possible to make bookings and set the actual availabilities in the hotels pms. This is easy to install and easy to integrate with full support. Description CultBooking Hotel Booking...

6.2AI score
Exploits0
Rows per page
Query Builder