Lucene search
K

164 matches found

CNVD
CNVD
added 2016/07/13 12:0 a.m.4 views

Drupal Coder Remote Code Execution Vulnerability

Drupal is a free, open-source content management system developed in the PHP language maintained by the Drupal community; Coder is Drupal's encoder module. A remote code execution vulnerability exists in the Drupal Coder module. Because the module does not adequately validate user-entered script...

8.7AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/09/23 12:0 a.m.5 views

The vulnerability of the ATML component in Microsoft Lync, the Microsoft Office suite, and the Windows operating system allows a perpetrator to execute arbitrary code.

The vulnerability of the ATML component in Microsoft Lync, the Microsoft Office suite, and the Windows operating system is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted script file...

9.3CVSS6.4AI score0.35639EPSS
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2015/08/21 12:0 a.m.44 views

Mozilla - Maintenance Service Log File Overwrite Privilege Escalation

Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of Privilege Summary: The maintenance service creates a log file in a use...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/08/21 12:0 a.m.55 views

Mozilla Maintenance Service Log File Overwrite Elevation of Privilege Exploit

Exploit for windows platform in category local exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of Privilege...

3.3CVSS9AI score0.00797EPSS
Exploits1
Cvelist
Cvelist
added 2015/02/01 2:0 a.m.28 views

CVE-2015-0926

Labtech before 100.237 on Linux uses world-writable permissions for root-executed scripts, which allows local users to gain privileges by modifying a script file...

6.5AI score0.00353EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Sybase Advantage Data Architect - "*.SQL" Format Heap Oveflow

No description provided by source. Exploit Title: Sybase Advantage Data Architect .SQL Format Heap Oveflow RCE Date: 2010-10-16 Author: d0lc3 @rmallof - http://elotrolad0.blogspot.com/ Software Link: http://www.sybase.com/products/databasemanagement/advantagedatabaseserver/data-architect-utility...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

WihPhoto 0.86 -dev sendphoto.php File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6929/info A vulnerability has been reported for WihPhoto that may result in the disclosure of files to remote attackers. The vulnerability exists due to inadequate verification of some URI parameters in the sendphoto.php...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Nukebrowser 2.x Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6731/info Nukebrowser is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in the nukebrowser.php script file. Under some circumstances, it is possible fo...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

TalentSoft Web+ Application Server (Linux) 4.6 Example Script File Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/1725/info Web+ is a development language for use in creating web-based client/server applications. In Linux versions of the product, an example script installed in Web+ Web+Ping which fails to correctly filter shell meta...

7.1AI score
Exploits0
Prion
Prion
added 2011/12/13 11:55 a.m.18 views

Design/Logic Flaw

The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions www write access for unspecified scripts, which allows local users to gain privileges by modifying a script file...

7.2CVSS7.1AI score0.00336EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2011/11/15 6:55 p.m.21 views

CVE-2008-7303

The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of launchctl to trigger the launchd daemon's execution of a script...

7.6CVSS6.2AI score0.03537EPSS
Exploits1References2
NVD
NVD
added 2011/10/14 10:55 a.m.26 views

CVE-2011-3218

The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by spoofing the http server during local viewing of an exported...

2.6CVSS4.9AI score0.01293EPSS
Exploits0References6
Prion
Prion
added 2011/10/14 10:55 a.m.21 views

Cross site scripting

The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by spoofing the http server during local viewing of an exported...

2.6CVSS5.2AI score0.01293EPSS
Exploits0References6Affected Software2
Saint
Saint
added 2010/10/11 12:0 a.m.20 views

Novell iManager getMultiPartParameters file upload vulnerability

Added: 10/11/2010 BID: 43635 OSVDB: 68320 Background Novell iManager is a web-based management interface for other Novell products. Problem The getMultiPartParameters function in the nps.jar web application in Novell iManager allows remote attackers to upload arbitrary files to the server. By...

1.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/01/24 12:0 a.m.3 views

TikiWiki jhot.php Script File Upload Security Bypass (CVE-2006-4602)

TikiWiki, also known as Tiki CMS/Groupware or simply Tiki, is a powerful wiki-based Content Management System CMS which allows users and/or groups of users to manage their data on-line via a web browser. TikiWiki provides numerous features, including Wiki-based Documentation, Groupware, Blogging...

7.5CVSS7.5AI score0.42596EPSS
Exploits8
exploitpack
exploitpack
added 2010/01/22 12:0 a.m.11 views

yPlay 1.0.76 - .mp3 Local Crash (PoC)

yPlay 1.0.76 - .mp3 Local Crash PoC !/usr/bin/perl Usage--file created--load file--b00m.mp3 BOOM print "\n"; print "! yPlay 1.0.76 .mp3 Local Crash PoC\n"; print "\n"; print "! Author: cr4wl3r\n"; print "! Mail: cr4wl3r!linuxmail.org\n"; print "\n"; my $boom = "A" x 1337; my $filename = "b00m.mp3...

0.1AI score
Exploits0
CVE
CVE
added 2009/06/12 9:7 p.m.91 views

CVE-2009-1840

CVE-2009-1840 affects Mozilla Firefox (before 3.0.11), Thunderbird and SeaMonkey, where content policy checks were not performed before loading a script file into a XUL document. This allowed a crafted HTML document (e.g., via a web bug in email or a web page/ad) to bypass intended access restric...

9.3CVSS7.2AI score0.02224EPSS
Exploits0References22Affected Software3
Packet Storm
Packet Storm
added 2008/04/21 12:0 a.m.22 views

philboard1-sql.txt

Philboard W1L3D4 v1.0 Multiple SQL İnjection Vulnerable Author : U238 mail : setuid.noexec0x1aqhotmaildotcom webpage: http://noexec.blogspot.com Script : http://www.aspindir.com/Goster/4703 Script2: http://rapidshare.de/files/39107179/philboardtrge.zip.html...

7.4AI score
Exploits0
myhack58
myhack58
added 2006/12/28 12:0 a.m.36 views

The use of the system vulnerabilities to easily bypass your CAPTCHA-vulnerability warning-the black bar safety net

CAPTCHA's every time you access the page when randomly generated pictures, the content is generally numbers and letters the more powerful point and Chinese, you need the visitor to put in letters to fill into the form submission, thus effectively preventing brute force. CAPTCHA is also used to...

0.3AI score
Exploits0
myhack58
myhack58
added 2006/12/18 12:0 a.m.28 views

Mysteriously replaced Windows XP user password-vulnerability warning-the black bar safety net

Windows XP startup scriptstartup scriptsis a computer in the login screen to appear before running the batch file, which functions similar to the Windows 9×and DOS automatically executed batch file, the autoexec. bat. Using this feature, you can write a batch file to re-set the user password, and...

0.1AI score
Exploits0
Rows per page
Query Builder