11967 matches found

Prion
added 2015/09/16 2:59 p.m., 11 views

Cross site request forgery (csrf)

Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) create a field, (2) update a field, (3) delete a field, (4) create a form, (5) update a...

6.8 CVSS, 7 AI score, 0.03021 EPSS
Exploits: 1, References: 3, Affected Software: 1
Tenable Nessus
added 2015/09/08 12:0 a.m., 34 views

Google Chrome < 44.0.2403.89 Multiple Vulnerabilities

Binary data 8853.pasl...

6.8 CVSS, 9.4 AI score, 0.02732 EPSS
Exploits: 0, References: 2
seebug.org
added 2015/09/07 12:0 a.m., 17 views

iTunes 10.6.1.7 - '.PLS' Title Buffer Overflow

No description provided by source. nsehlonger = "\xeb\x1E\x90\x90" nsehshorter = "\xeb\x06\x90\x90" seh = 0x72d119de pop pop ret from msacm32.drv shell = "\xdd\xc1\xd9\x74\x24\xf4\xbb\x2b\x2b\x88\x37\x5a\x31\xc9" + "\xb1\x33\x83\xea\xfc\x31\x5a\x13\x03\x71\x38\x6a\xc2\x79" +...

7.1 AI score
Exploits: 0
0day.today
added 2015/09/01 12:0 a.m., 23 views

Joomla GoogleSearch (CSE) 3.0.2 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit title: Joomla Component GoogleSearch CSE 3.0.2 - XSS Vulnerability Author: Bet0 Twitter: https://twitter.com/Bet0Shinoda Website: www.mc-crew.or.id Google Dork: inurl:"index.php?option=comgooglesearchcse" Date: 29 Agustus 2015 Vendor...

7.1 AI score
Exploits: 0
exploitpack
added 2015/08/31 12:0 a.m., 13 views

Edimax PS-1206MF - Web Admin Authentication Bypass

Edimax PS-1206MF - Web Admin Authentication Bypass Title: Edimax PS-1206MF - Web Admin Auth Bypass Date: 30.08.15 Vendor: edimax.com Firmware version: 4.8.25 Author: Smash Contact: smash at devilteam.pl HTTP authorization is not being properly verified while sending POST requests to .cgi, remote...

0.9 AI score
Exploits: 0
0day.today
added 2015/08/29 12:0 a.m., 26 views

MS SQL Server 2000/2005 SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit

Exploit for windows platform in category remote exploits % Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoint, "0x", "" PackDWORD =...

7.1 AI score
Exploits: 0
exploitpack
added 2015/08/28 12:0 a.m., 18 views

Pluck CMS 4.7.3 - Multiple Vulnerabilities

Pluck CMS 4.7.3 - Multiple Vulnerabilities Title: Pluck 4.7.3 - Multiple vulnerabilities Date: 28.08.15 Vendor: pluck-cms.org Affected versions: = 4.7.3 current Tested on: Apache2.2 / PHP5 / Deb32 Author: Smash | smaash.net Contact: smash at devilteam.pl Few vulnerabilities. Bugs: - local file...

0.4 AI score
Exploits: 0
Packet Storm
added 2015/08/26 12:0 a.m., 24 views

ZSNES 1.51 Stack-Based Buffer Overflow

Exploit Author: Juan Sacco - http://www.exploitpack.comp Tested on: GNU/Linux - Kali Linux 2.0 Description: ZSNES v1.51 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could...

1 AI score
Exploits: 0
0day.today
added 2015/08/24 12:0 a.m., 18 views

Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow Version: 1.6 Date: 2015-08-23 Author: Tracy Turben email protected Software Link: http://www.efssoft.com/ Tested on: Win7x32-EN,Win7x64-EN from...

7.1 AI score
Exploits: 0
Packet Storm
added 2015/08/22 12:0 a.m., 28 views

Vifi Radio 1 Cross Site Request Forgery

http://h4x0resec.blogspot.com Vifi Radio v1 - CSRF Arbitrary Change Password Exploit My + Discovered by: KnocKout Contact : [email protected] HomePage :...

1 AI score
Exploits: 0
ThreatPost
added 2015/08/20 1:32 p.m., 33 views

Details Surface on Patched Sandbox Violation Vulnerability in iOS

Apple patched an issue last week in iOS that could have allowed attackers to bypass the third-party app-sandbox protection mechanism on devices and read arbitrary managed preferences via a special app. The issue, which was present in versions of iOS prior to 8.4.1, stems from a vulnerability with...

4.3 CVSS, 7.2 AI score, 0.01362 EPSS
Exploits: 0, References: 5
Exploit DB
added 2015/08/18 12:0 a.m., 47 views

vBulletin < 4.2.2 - Memcache Remote Code Execution

vBulletin's memcache setting is vulnerable in certain versions (all before 4.2.2) to an RCE. vBulletin seem to have refused to classify it as a vulnerability or post anything about it, or put anything in the announcements on their website. They say "PL2 4.2.2 should prevent the use of localhost,"...

7 AI score
Exploits: 0
0day.today
added 2015/08/17 12:0 a.m., 122 views

vBulletin 4.2.2 Memcache Remote Code Execution Exploit

vBulletin versions prior to 4.2.2 suffer from a memcache related remote code execution vulnerability. Not really a 0day since it's fixed in some versions, but still an exploit that doesn't seem to be "that" public. Please note, I didn't find this. vBulletin's memcache setting is vulnerable in...

7.9 AI score
Exploits: 0
0day.today
added 2015/08/15 12:0 a.m., 186 views

Microsoft Windows HTA (HTML Application) - Remote Code Execution Exploit

Microsoft Windows HTA (HTML Application) remote code execution exploit that leverages MS14-064. !/usr/bin/php poc'."\n\n"; $reza = socketcreateAFINET, SOCKSTREAM, 0 or die'Failed to create socket!'; socketbind$reza, 0,$port; socketlisten$...

9.3 CVSS, 0.2 AI score, 0.94996 EPSS
Exploits: 39
Openbugbounty
added 2015/08/14 5:52 p.m., 21 views

marfinbank.ua XSS vulnerability

Vulnerable URL: http://marfinbank.ua/web/mb-ru.nsf/search/Search?SearchView=%3Cimg%20src=%22123%22%20onerror=%22alert%28%27XSSPOSED%27%29;%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

6.3 AI score
Exploits: 0
Prion
added 2015/08/14 1:59 a.m., 20 views

Design/Logic Flaw

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vector...

10 CVSS, 7.4 AI score, 0.49204 EPSS
Exploits: 4, References: 10, Affected Software: 5
Openbugbounty
added 2015/08/13 8:23 a.m., 17 views

fanpop.com XSS vulnerability

Vulnerable URL: http://www.fanpop.com/search Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2608 Google Pagerank| 6 VIP website status:| Yes Check fanpop.com SSL connection:| Grade...

6.3 AI score
Exploits: 0
ThreatPost
added 2015/08/04 8:0 a.m., 17 views

Researchers Uncover Chinese VPN Service Used by APT Crews for Cover

Building a business can be expensive and time-consuming, and owners will look for ways to save money wherever they can. Researchers from RSA Security have found a VPN provider in China that is taking this to an unusual extreme: hacking Windows servers around the world for use as VPN nodes on a...

1.9 AI score
Exploits: 0, References: 2
0day.today
added 2015/08/01 12:0 a.m., 204 views

BIND9 - TKEY PoC Exploit

Exploit for multiple platform in category dos / poc / PoC for BIND9 TKEY assert Dos CVE-2015-5477 Usage: tkill What it does: - First sends a "version" query to see if the server is up. - Regardless of the version response, it then sends the DoS packet. - Then it waits 5 seconds for a response. If...

7.8 CVSS, 0.1 AI score, 0.91284 EPSS
Exploits: 12
Openbugbounty
added 2015/07/30 2:45 a.m., 15 views

mobile.topshop.com XSS vulnerability

Vulnerable URL: http://mobile.topshop.com/webapp/wcs/stores/servlet/CatalogNavigationSearchResultCmd?langId=-1=13058=34058=1=1=1=20=20=1="-eval"al"%2b"e"%2b"rt"xssposed""-"=noredirect Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS...

6.3 AI score
Exploits: 0