8003 matches found
Winamp 5.5.8 (in_mod plugin) Stack Overflow Exploit (SEH)
Exploit for windows platform in category local exploits !/usr/bin/python finally got time to finish what I started... Winamp 5.5.8.2985 inmod plugin Stack Overflow SEH WINDOWS XP SP3 EN Fully Patched Bug found by http://www.exploit-db.com/exploits/15248/ POC and Exploit by fdisk This POC was...
Winamp 5.5.8 (in_mod plugin) - Local Stack Overflow (SEH)
Winamp 5.5.8 inmod plugin - Local Stack Overflow SEH !/usr/bin/python finally got time to finish what I started... Winamp 5.5.8.2985 inmod plugin Stack Overflow SEH WINDOWS XP SP3 EN Fully Patched Bug found by http://www.exploit-db.com/exploits/15248/ POC and Exploit by @fdiskyou e-mail: rui at...
Microsoft Internet Explorer 8 use-after-free Vulnerability
US-CERT is aware of a vulnerability affecting Microsoft Internet Explorer 8. This vulnerability is due to improper handling of circular memory references. Exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the user or cause a denial-of-service...
SQL injection authentication bypass
Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...
MyBB 1.6 SQL Injection
================================= MyBB 1.6 /search.php POST /mybb/search.php action=dosearch&forums=2&keywords='+or+'a'+'a&postthread=1 = /private.php POST /mybb/private.php mypostkey=&keywords='+or+'a'+'a&quicksearch=Search+PMs&allbox=Check+All&fromfid=0&fid=4&jumpto=4&action=dostuff 6. SOLUTION...
MODx Revolution CMS 2.0.4-pl2 Remote XSS POST Injection Vulnerability
Summary MODx Revolution is a powerful PHP Content Management Framework that plays nicely with custom code and helps you build sites faster and maintain them with ease. With Revolution you'll leverage the best things to come around since MVC and Active Record. Description The MODx Revolution CMS...
Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow
====================================================================== Secunia Research 30/11/2010 - Winamp NSV Table of Contents Parsing Integer Overflow - ====================================================================== Table of Contents Affected...
CVE-2010-4398
creationtimestamp| type| source ---|---|--- 2010-11-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15609 2020-10-09 17:20:16+00:00| seen| MISP/d765ce80-c55a-4fd6-8a7e-242cca159458 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-10-18...
Perl MIME Boundary 'multipart_init' Unspecified Security Vulnerability
Perl is prone to an unspecified security vulnerability because the MIME part of the 'multipartinit' is not random. OpenVAS Vulnerability Test $Id: gbperlcgi44892.nasl 5323 2017-02-17 08:49:23Z teissa $ Perl MIME Boundary 'multipartinit' Unspecified Security Vulnerability Authors: Michael Meyer...
openEngine 2.0 100226 - Local File Inclusion / Cross-Site Scripting
SecPod Technologies www.secpod.com Title : openEngine Local File Inclusion and XSS Vulnerabilities Vendor : http://www.openengine.de Advisory : http://secpod.org/blog/?p=152 http://secpod.org/advisories/SECPODOpenengineLFIXSSVuln.txt Version : openEngine 2.0 100226; other versions may also be...
openEngine 2.0 Cross Site Scripting / Local File Inclusion
SecPod Technologies www.secpod.com Title : openEngine Local File Inclusion and XSS Vulnerabilities Vendor : http://www.openengine.de Advisory : http://secpod.org/blog/?p=152 http://secpod.org/advisories/SECPODOpenengineLFIXSSVuln.txt Version : openEngine 2.0 100226; other versions may also be...
Bugzilla Response Splitting and Security Bypass Vulnerabilities
Bugzilla is prone to a response-splitting vulnerability and a security- bypass vulnerability. Successfully exploiting these issues may allow an attacker to bypass certain security restrictions; obtain sensitive information; and influence or misrepresent how web content is served, cached, or...
Pecio CMS 2.0.5 Cross Site Scripting
Pecio Content Management System CMS v2.0.5 Cross-Site scripting Vulnerability SecPod Technologies www.secpod.com Author: Antu Sanadi SecPod ID: 1006 09/10/2010 Issue Discovered 09/21/2010 Vendor Notified 09/21/2010 Vendor Confirmed Solution not available. Class: Cross-Site Scripting Severity:...
VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability (CVE-2010-2750)
VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability CVE-2010-2750 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Word, included in the Microsoft Office suite, is a powerful authoring program that gives the ability t...
Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit)
$Id: quicktimertspcontenttype.rb 10617 2010-10-09 06:55:52Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
phpMyFAQ 'index.php' Cross Site Scripting Vulnerability
phpMyFAQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to stea...
Motorito Cross Site Scripting / SQL Injection
============================================= INTERNET SECURITY AUDITORS ALERT 2010-005 - Original release date: March 30th, 2010 - Last revised: September 23th, 2010 - Discovered by: Mario Diaz Caldera - Severity: 5.5/10 CVSS Base Score ============================================= I...
Syncrify Multiple Remote Security Bypass Vulnerabilities
Syncrify is prone to multiple remote security-bypass vulnerabilities. Exploiting these issues may allow a remote attacker to bypass certain security restrictions and perform unauthorized actions. Syncrify 2.1 Build 415 and prior are affected. OpenVAS Vulnerability Test $Id: gbsyncrify43333.nasl...
Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
Apache Traffic Server is prone to a remote DNS cache-poisoning vulnerability. An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site. Successful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle,...
Webkit (Apple Safari 4.1.25.0.2 Google Chrome 5.0.375.125) - Memory Corruption
Webkit Apple Safari 4.1.25.0.2 Google Chrome 5.0.375.125 - Memory Corruption TITLE: WEBKIT APPLE SAFARI 4.1.2/5.0.2 & GOOGLE CHROME 5.0.375.125 MEMORY CORRUPTION VULNERABILITY TESTED OS: WINDOWS XP SP3 SEVERITY: HIGH CVE-NUMBER: CVE-2010-1813 DISCOVERED DATE: 2010-06-29 FIXED DATE: GOOGLE CHROME...