Lucene search
+L

8003 matches found

0day.today
0day.today
added 2011/01/09 12:0 a.m.28 views

Winamp 5.5.8 (in_mod plugin) Stack Overflow Exploit (SEH)

Exploit for windows platform in category local exploits !/usr/bin/python finally got time to finish what I started... Winamp 5.5.8.2985 inmod plugin Stack Overflow SEH WINDOWS XP SP3 EN Fully Patched Bug found by http://www.exploit-db.com/exploits/15248/ POC and Exploit by fdisk This POC was...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2011/01/08 12:0 a.m.16 views

Winamp 5.5.8 (in_mod plugin) - Local Stack Overflow (SEH)

Winamp 5.5.8 inmod plugin - Local Stack Overflow SEH !/usr/bin/python finally got time to finish what I started... Winamp 5.5.8.2985 inmod plugin Stack Overflow SEH WINDOWS XP SP3 EN Fully Patched Bug found by http://www.exploit-db.com/exploits/15248/ POC and Exploit by @fdiskyou e-mail: rui at...

0.3AI score
Exploits0
CISA
CISA
added 2011/01/07 12:0 a.m.14 views

Microsoft Internet Explorer 8 use-after-free Vulnerability

US-CERT is aware of a vulnerability affecting Microsoft Internet Explorer 8. This vulnerability is due to improper handling of circular memory references. Exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the user or cause a denial-of-service...

7.4AI score
Exploits0References2
Saint
Saint
added 2011/01/04 12:0 a.m.17 views

SQL injection authentication bypass

Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/24 12:0 a.m.22 views

MyBB 1.6 SQL Injection

================================= MyBB 1.6 /search.php POST /mybb/search.php action=dosearch&forums=2&keywords='+or+'a'+'a&postthread=1 = /private.php POST /mybb/private.php mypostkey=&keywords='+or+'a'+'a&quicksearch=Search+PMs&allbox=Check+All&fromfid=0&fid=4&jumpto=4&action=dostuff 6. SOLUTION...

0.2AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2010/12/06 12:0 a.m.35 views

MODx Revolution CMS 2.0.4-pl2 Remote XSS POST Injection Vulnerability

Summary MODx Revolution is a powerful PHP Content Management Framework that plays nicely with custom code and helps you build sites faster and maintain them with ease. With Revolution you'll leverage the best things to come around since MVC and Active Record. Description The MODx Revolution CMS...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2010/12/01 12:0 a.m.42 views

Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow

====================================================================== Secunia Research 30/11/2010 - Winamp NSV Table of Contents Parsing Integer Overflow - ====================================================================== Table of Contents Affected...

9.3CVSS0.9AI score0.05539EPSS
Exploits0
Circl
Circl
added 2010/11/24 12:0 a.m.14 views

CVE-2010-4398

creationtimestamp| type| source ---|---|--- 2010-11-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15609 2020-10-09 17:20:16+00:00| seen| MISP/d765ce80-c55a-4fd6-8a7e-242cca159458 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-10-18...

7.8CVSS5.8AI score0.08661EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2010/11/17 12:0 a.m.12 views

Perl MIME Boundary 'multipart_init' Unspecified Security Vulnerability

Perl is prone to an unspecified security vulnerability because the MIME part of the 'multipartinit' is not random. OpenVAS Vulnerability Test $Id: gbperlcgi44892.nasl 5323 2017-02-17 08:49:23Z teissa $ Perl MIME Boundary 'multipartinit' Unspecified Security Vulnerability Authors: Michael Meyer...

0.2AI score
Exploits0References2
Exploit DB
Exploit DB
added 2010/11/16 12:0 a.m.30 views

openEngine 2.0 100226 - Local File Inclusion / Cross-Site Scripting

SecPod Technologies www.secpod.com Title : openEngine Local File Inclusion and XSS Vulnerabilities Vendor : http://www.openengine.de Advisory : http://secpod.org/blog/?p=152 http://secpod.org/advisories/SECPODOpenengineLFIXSSVuln.txt Version : openEngine 2.0 100226; other versions may also be...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/11/16 12:0 a.m.26 views

openEngine 2.0 Cross Site Scripting / Local File Inclusion

SecPod Technologies www.secpod.com Title : openEngine Local File Inclusion and XSS Vulnerabilities Vendor : http://www.openengine.de Advisory : http://secpod.org/blog/?p=152 http://secpod.org/advisories/SECPODOpenengineLFIXSSVuln.txt Version : openEngine 2.0 100226; other versions may also be...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2010/11/05 12:0 a.m.27 views

Bugzilla Response Splitting and Security Bypass Vulnerabilities

Bugzilla is prone to a response-splitting vulnerability and a security- bypass vulnerability. Successfully exploiting these issues may allow an attacker to bypass certain security restrictions; obtain sensitive information; and influence or misrepresent how web content is served, cached, or...

5CVSS6AI score0.02391EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2010/10/22 12:0 a.m.25 views

Pecio CMS 2.0.5 Cross Site Scripting

Pecio Content Management System CMS v2.0.5 Cross-Site scripting Vulnerability SecPod Technologies www.secpod.com Author: Antu Sanadi SecPod ID: 1006 09/10/2010 Issue Discovered 09/21/2010 Vendor Notified 09/21/2010 Vendor Confirmed Solution not available. Class: Cross-Site Scripting Severity:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2010/10/16 12:0 a.m.47 views

VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability (CVE-2010-2750)

VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability CVE-2010-2750 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Word, included in the Microsoft Office suite, is a powerful authoring program that gives the ability t...

9.3CVSS7.5AI score0.20833EPSS
Exploits1
Exploit DB
Exploit DB
added 2010/10/09 12:0 a.m.48 views

Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit)

$Id: quicktimertspcontenttype.rb 10617 2010-10-09 06:55:52Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS6.6AI score0.41916EPSS
Exploits10
OpenVAS
OpenVAS
added 2010/09/29 12:0 a.m.14 views

phpMyFAQ 'index.php' Cross Site Scripting Vulnerability

phpMyFAQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to stea...

7AI score
Exploits0References3
Packet Storm
Packet Storm
added 2010/09/24 12:0 a.m.39 views

Motorito Cross Site Scripting / SQL Injection

============================================= INTERNET SECURITY AUDITORS ALERT 2010-005 - Original release date: March 30th, 2010 - Last revised: September 23th, 2010 - Discovered by: Mario Diaz Caldera - Severity: 5.5/10 CVSS Base Score ============================================= I...

Exploits0
OpenVAS
OpenVAS
added 2010/09/22 12:0 a.m.12 views

Syncrify Multiple Remote Security Bypass Vulnerabilities

Syncrify is prone to multiple remote security-bypass vulnerabilities. Exploiting these issues may allow a remote attacker to bypass certain security restrictions and perform unauthorized actions. Syncrify 2.1 Build 415 and prior are affected. OpenVAS Vulnerability Test $Id: gbsyncrify43333.nasl...

0.2AI score
Exploits0References3
OpenVAS
OpenVAS
added 2010/09/10 12:0 a.m.20 views

Apache Traffic Server Remote DNS Cache Poisoning Vulnerability

Apache Traffic Server is prone to a remote DNS cache-poisoning vulnerability. An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site. Successful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle,...

4.3CVSS0.6AI score0.02612EPSS
Exploits0References3
exploitpack
exploitpack
added 2010/09/10 12:0 a.m.46 views

Webkit (Apple Safari 4.1.25.0.2 Google Chrome 5.0.375.125) - Memory Corruption

Webkit Apple Safari 4.1.25.0.2 Google Chrome 5.0.375.125 - Memory Corruption TITLE: WEBKIT APPLE SAFARI 4.1.2/5.0.2 & GOOGLE CHROME 5.0.375.125 MEMORY CORRUPTION VULNERABILITY TESTED OS: WINDOWS XP SP3 SEVERITY: HIGH CVE-NUMBER: CVE-2010-1813 DISCOVERED DATE: 2010-06-29 FIXED DATE: GOOGLE CHROME...

6.8CVSS0.1AI score0.09691EPSS
Exploits4
Rows per page
Query Builder