Lucene search
+L

196 matches found

securityvulns
securityvulns
added 2010/11/24 12:0 a.m.20 views

Juniper VPN client unauthorized access

It's possible to execute Internet Explorer with System rights before authentication via remote session...

4.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2010/03/12 12:0 a.m.28 views

Mandriva Update for openssh MDVA-2010:090 (openssh)

Check for the Version of openssh OpenVAS Vulnerability Test Mandriva Update for openssh MDVA-2010:090 openssh Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

4.4CVSS5.4AI score0.00522EPSS
Exploits1References2
seebug.org
seebug.org
added 2009/10/03 12:0 a.m.18 views

FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution vulnerability exploit

No description provided by source. ?php / Author: Giuseppe Zmax Fuggiano giuseppedotfuggianoatgmaildotcom Description: FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution vulnerability exploit fp-includes/core/core.users.php. This code posts a crafted comment with a very simp...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2009/06/22 2:30 p.m.3 views

CVE-2009-2150

Multiple cross-site request forgery CSRF vulnerabilities in Campus Virtual-LMS allow 1 remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a ...

6.8CVSS5.6AI score0.00891EPSS
Exploits0References2
securityvulns
securityvulns
added 2009/05/12 12:0 a.m.57 views

[oCERT-2009-004] AjaxTerm session id collision

2009-004 AjaxTerm session id collision Description: AjaxTerm, an open source web based terminal, uses a form of random session id generation which can lead to remote session hijacking. The ajaxterm.js script allocates session ids on the client side using the following method: var...

7.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2009/01/22 11:30 p.m.5 views

CVE-2009-0256

Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to 1 frontend and 2 backend authentication...

7.5CVSS5.5AI score0.01793EPSS
Exploits0References8
Packet Storm
Packet Storm
added 2008/10/15 12:0 a.m.21 views

phpwebgallery-hijackexec.txt

$b'.$sort.';' 64. ; An attacker could be able to inject and execute PHP code through $GET'sort', that is passed to createfunction at line 63 see http://www.securityfocus.com/bid/31398. Only admin can access to the plugins management interface, but the attacker might be able to retrieve a valid...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/10/14 12:0 a.m.6 views

PHPWebGallery 1.7.2 - Session Hijacking Code Execution

PHPWebGallery 1.7.2 - Session Hijacking Code Execution $b'.$sort.';' 64. ; An attacker could be able to inject and execute PHP code through $GET'sort', that is passed to createfunction at line 63 see https://www.securityfocus.com/bid/31398. Only admin can access to the plugins management interfac...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/10/14 12:0 a.m.24 views

PHPWebGallery 1.7.2 - Session Hijacking / Code Execution

$b'.$sort.';' 64. ; An attacker could be able to inject and execute PHP code through $GET'sort', that is passed to createfunction at line 63 see https://www.securityfocus.com/bid/31398. Only admin can access to the plugins management interface, but the attacker might be able to retrieve a valid...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/05/15 12:0 a.m.1685 views

Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check)

The remote x509 certificate on the remote SSL server has been generated on a Debian or Ubuntu system which contains a bug in the random number generator of its OpenSSL library. The problem is due to a Debian packager removing nearly all sources of entropy in the remote version of OpenSSL. An...

7.8CVSS6.5AI score0.70721EPSS
Exploits8References3
exploitpack
exploitpack
added 2007/03/18 12:0 a.m.18 views

Moodle 1.5.2 - moodledata Remote Session Disclosure

Moodle 1.5.2 - moodledata Remote Session Disclosure --/ INTRODUCTION -- / Advisory : MOODLE 2KB SESSION|O:6:"object":12:s:12:"sessiontest";s:10:"zN0PiMhwWK";s:8:"encoding"; s:10:"iso-8859-1";s:7:"fromurl";s:69:"http://www.TARGET.com/moodle/mod/forum/...

Exploits0
Exploit DB
Exploit DB
added 2007/03/18 12:0 a.m.35 views

Moodle 1.5.2 - 'moodledata' Remote Session Disclosure

--/ INTRODUCTION -- / Advisory : MOODLE 2KB SESSION|O:6:"object":12:s:12:"sessiontest";s:10:"zN0PiMhwWK";s:8:"encoding"; s:10:"iso-8859-1";s:7:"fromurl";s:69:"http://www.TARGET.com/moodle/mod/forum/ view.php?id=100";s:10:"logincount";i:1;s:18:"calcoursereferer";i:0;s:15:"cal...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/03/18 12:0 a.m.67 views

Moodle <= 1.5.2 (moodledata) Remote Session Disclosure Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Moodle 2KB SESSION|O:6:"object":12:s:12:"sessiontest...

7.1AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.21 views

CVE-2004-2182

Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server...

7.5CVSS6.4AI score0.01244EPSS
Exploits0References2
NVD
NVD
added 2004/02/28 5:0 a.m.11 views

CVE-2004-0944

The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...

5CVSS6.7AI score0.01373EPSS
Exploits0References3
NVD
NVD
added 2000/01/29 5:0 a.m.18 views

CVE-2000-0111

The RightFax web client uses predictable session numbers, which allows remote attackers to hijack user sessions...

7.5CVSS6.7AI score0.01403EPSS
Exploits0References1
Rows per page
Query Builder