55 matches found
OTRS 3.3.x < 3.3.19 Information Disclosure Vulnerability
OTRS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if...
svkexternwebbkap.svenskakyrkan.se XSS vulnerability
Vulnerable URL: https://svkexternwebbkap.svenskakyrkan.se/Admin/Login/Login.aspx?ReturnUrl=/default.aspx?id=1324984=1" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
deichmann.com XSS vulnerability
Vulnerable URL: http://www.deichmann.com/IT/it/shop/Home-uomo/Home-uomo-scarpe.cat?x" Details: Description| Value ---|--- Patched:| Yes, at 21.06.2016 Latest check for patch:| 21.06.2016 04:21 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 7329 Google Pagerank|...
XAMPP 3.2.1跨站脚本漏洞
No description provided by source. Title : XAMPP 3.2.1 Cross Site Scripting Author : DevilScreaM Date : 15 January 2014 Category : Web Applications Vendor : http://sourceforge.net/projects/xampp Version : 3.2.1 Type : PHP Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian...
Joomla! Component com_civicrm 4.2.2 - Remote Code Injection
Exploit Title: joomla component comcivicrm remode code injection exploit Google Dork:"Index of /joomla/administrator/components/comcivicrm/civicrm/packages/OpenFlashChart" Date: 20/04/2013 Exploit Author: iskorpitx Vendor Homepage: http://civicrm.org Software Link:...
Exposing 25 Facebook phishing websites
Exposing 25 Facebook phishing websites Geeks at Security Web-Center Found 25 Facebook and list them. Sometimes spammers create fake pages that look like the Facebook login page. When you enter your email and password on one of these pages, the spammer records your information and keeps it. This i...
Microsoft IIS 6.0 Bypass
? printr' IIS 6 WEBDAV Exploit.By [email protected] && Securiteweb.org Usage: php '.$argv0.' source/path/put host path Example: php '.$argv0.' source www.tian6.com /blog/readme.asp Example2: php '.$argv0.' path www.tian6.com /secret/ Example3: php '.$argv0.' put www.tian6.com /secret/ test.txtevil...
CVE-2009-1085
Piwik 0.2.32 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the API key and other sensitive information via a direct request for misc/cron/archive.sh...
Mail Machine <= 3.989 Local File Inclusion Exploit
No description provided by source. !/usr/bin/perl -w Mail Machine Local File Include Exploit Vuln. v3.980, v3.985, v3.987, v3.988 and v3.989 ! Application homepage : http://www.mikesworld.net/mailmachine.shtml ! Author : H4 / Team XPK ! Contact : [email protected]...
CGI bugs
No description provided...
paFileDB pafiledb.php id Parameter XSS
The version of paFileDB installed on the remote host is vulnerable to cross-site scripting attacks due to its failure to sanitize input to the 'id' parameter of the 'pafiledb.php' script before using it to generate dynamic HTML. An attacker may use these flaws to steal cookies of users of the...
CBOS Web-based Configuration Utility Vulnerability
...
SUBMISSION - multiple vulnerabilities in Prospero 1.3.5 CGI
= Warped Force Advisory = Author: darkyoda [email protected] Subject: Multiple vulnerabilities in Prospero 1.3.5 CGI Discovered: 12.15.00 Announced: 2.1.01 Vendor Status: Maintainer notified 12.27.00. New version released. Current version is 1.3.7 Platforms: Any web server capable of running...
CVE-2020-35155
...
Detectoid for Skype for Business Server 2015, Web Components Server
Detectoid for Skype for Business Server 2015, Web Components Server...