Lucene search

11967 matches found

Cvelist
added 2016/07/22 1:00 a.m., 22 views

CVE-2016-4619

...

Exploits 0

Openbugbounty
added 2016/07/21 3:14 a.m., 21 views

moorings.co.uk XSS vulnerability

Vulnerable URL:...

6.3 AI score
Exploits 0

Packet Storm
added 2016/07/21 12:00 a.m., 685 views

OpenSSHD 7.2p2 User Enumeration

!/usr/bin/python CVEs: CVE-2016-6210 Credits for this go to Eddie Harari Author: 0o -- nullnull nu11.nu11 at yahoo.com Oh, and it is n-u-one-one.n-u-one-one, no l's... Wonder how the guys at packet storm could get this wrong : Date: 2016-07-19 Purpose: User name enumeration against SSH daemons...

6.8 AI score, 0.88944 EPSS
Exploits 12

wpexploit
added 2016/07/19 12:00 a.m., 13 views

Form Lightbox - Arbitrary Option Update Leading to Admin Account

This is a plugin that is no longer in the WordPress repository, however, is still in use on some sites. With this vulnerability an attacker can update any option in the WordPress database. This includes gaining an admin access. Using the file ajax.php that contains the following line: updateoptio...

0.4 AI score
Exploits 0, References 2

Openbugbounty
added 2016/07/11 1:26 p.m., 8 views

esquareworld.com XSS vulnerability

Vulnerable URL: http://www.esquareworld.com/login.php?msg=...

6.9 AI score
Exploits 0

Exploit DB
added 2016/07/11 12:00 a.m., 15 views

Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes

Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes. Shellcode exploit for linx86-64 platform include include // Exploit Title: Continuously-Probing Reverse Shell via Socket + port-range + password 172 bytes // Date: 07/10/2016 // Exploit Author: CripSli...

0.4 AI score
Exploits 0

Tenable Nessus
added 2016/06/30 12:00 a.m., 48 views

Symantec Endpoint Protection Client 12.1.x < 12.1 RU6 MP5 Multiple Vulnerabilities (SYM16-010)

The version of Symantec Endpoint Protection Client installed on the remote host is 12.1 prior to 12.1 RU6 MP5. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the UnRAR component in the Unpack::ShortLZ function in unpack15.cpp that is triggered when...

10 CVSS, 8.4 AI score, 0.53402 EPSS
Exploits 6, References 9

exploitpack
added 2016/06/29 12:00 a.m., 21 views

Symantec AntiVirus - Heap Overflow Modifying MIME Messages

Symantec AntiVirus - Heap Overflow Modifying MIME Messages Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=818 Symantec attempts to clean or remove components from archives or other multipart containers that they detect as malicious. The code that they use to remove components...

0.5 AI score
Exploits 0

Openbugbounty
added 2016/06/28 10:30 a.m., 9 views

stember.com XSS vulnerability

Vulnerable URL: http://www.stember.com/default.php?page="=1993-1992 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 22458805 VIP website status:| No Check stember.com SSL connection...

6.3 AI score
Exploits 0

ossfuzz
added 2016/06/24 6:05 p.m., 13 views

Heap-buffer-overflow in archive_le16dec

Project: https://github.com/libarchive/libarchive.git...

0.1 AI score
Exploits 0, Affected Software 1

OpenVAS
added 2016/06/21 12:00 a.m., 19 views

Elastic Kibana/X-Pack Detection (HTTP)

HTTP based detection of Elastic Kibana and X-Pack. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7 AI score
Exploits 0

exploitpack
added 2016/06/20 12:00 a.m., 11 views

Airia - Cross-Site Request Forgery (Add Content)

Airia - Cross-Site Request Forgery Add Content document.forms.csrfpoc.submit;...

0.7 AI score
Exploits 0

Talos
added 2016/06/19 12:00 a.m., 35 views

Libarchive Rar RestartModel Code Execution Vulnerability

SUMMARY An exploitable heap overflow vulnerability exists in the Rar decompression functionality of libarchive. A specially crafted Rar file can cause a heap corruption eventually leading to code execution. An attacker can send a malformed file to trigger this vulnerability. TESTED VERSIONS...

7.8 CVSS, 7.9 AI score, 0.04757 EPSS
Exploits 2

Hacker One
added 2016/06/18 6:48 p.m., 36 views

Nextcloud: Business/Functional logic bypass: Remove admins from admin group.

In nextcloud the default admin can not be removed from his admin group. The group toggle request looks like this: POST /nextcloud/index.php/settings/ajax/togglegroups.php HTTP/1.1 Host: 139.59.9.184 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.11; rv:47.0 Gecko/20100101 Firefox/47.0 Accep...

0.4 AI score
Exploits 0

myhack58
added 2016/06/16 12:00 a.m., 15 views

Struts2 S033 with the latest S037 detailed analysis-vulnerability warning-the black bar safety net

Just after children's Day back found that struts2 shows the S033, so put down the hands of the Lollipop quickly analyze. ! 0x01 vulnerability review First recall S033 According to the official description ! Obviously there are two key points: the first is the REST Plugin,the other is Dynamic Meth...

8.1 AI score
Exploits 0

Joomla! Vulnerable Extensions List
added 2016/06/02 12:00 a.m., 15 views

SecurityCheck and SecurityCheck Pro Vulnerable Versions: 2.8.9

Stored XSS and SQL Injection in SecurityCheck and SecurityCheck Pro Vulnerable Versions: 2.8.9 possibly below resolution: update to version 2.8.10 update notice: https://securitycheck.protegetuordenador.com/index.php/downloads/securitycheck-j3x...

1.9 AI score
Exploits 0, References 3, Affected Software 1

FireEye
added 2016/05/22 3:00 a.m., 15 views

Targeted Attacks against Banks in the Middle East

Introduction In the first week of May 2016, FireEye’s DTI identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught our...

7.1 AI score
Exploits 0

Kitploit
added 2016/05/13 10:30 p.m., 24 views

CJExploiter - Drag and Drop ClickJacking Exploit Development Assistance Tool

CJExploiter is drag and drop ClickJacking exploit development assistance tool. First open the "index.html" with your browser locally and enter target URL and click on "View Site". You can dynamically create your own inputs. Finally by click the "Exploit It" you can see the P0C. Summery...

7.2 AI score
Exploits 0, References 1

myhack58
added 2016/05/11 12:00 a.m., 878 views

In-depth understanding of cross-site WebSocket hijacking vulnerability principle and prevention-vulnerability and early warning-the black bar safety net

Preamble WebSocket as the HTML5 new features, one of extra to attract the developer's attention, because it appears that the client mainly refers to the browser provided on the Socket support as possible, so in between the client and server provides a based on a single TCP connection is a...

7.4 AI score
Exploits 0

F5 Networks
added 2016/05/04 12:00 a.m., 45 views

SOL71059632 - PHP vulnerability CVE-2015-8616

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

8.6 CVSS, 2.5 AI score, 0.02173 EPSS
Exploits 1, References 4