
11967 matches found

OpenVAS
added 2015/03/25 12:0 a.m., 15 views

IT-Grundschutz M4.338: Use of File and Registry Virtualization on Clients Running Windows Vista or Later

IT-Grundschutz M4.338: Use of File and Registry Virtualization on clients running Windows Vista or later. Status: 15th supplementary delivery (15. EL). Note: Only a general test of whether Vista File and Registry Virtualization is enabled. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might...

AI score: 7.3
Exploits: 0, References: 1

Tenable Nessus
added 2015/03/24 12:0 a.m., 17 views

OVAL Linux Compliance Checks

Binary data ovallinux.nbin...

AI score: 7.3
Exploits: 0

Tenable Nessus
added 2015/03/24 12:0 a.m., 248 views

PHP 5.4.x < 5.4.39 Multiple Vulnerabilities

According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.39. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists related to function 'unserialize', which can allow a remote attacker to execute arbitrary code. Note that thi...

CVSS: 7.5, AI score: 7.8, EPSS: 0.42593
Exploits: 16, References: 10

seebug.org
added 2015/03/24 12:0 a.m., 27 views

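KingCms Latest Version (k9): Bundle of 4 Injection Flaws

Brief description: KingCms latest version (k9), bundle of 4 injection flaws. Details: A friend's company wanted to buy a kingcms license and asked me to take a look. I found that kingcms had not been updated for a long time; after a long wait they released the latest version, k9 (updated 2014-12-13), so I downloaded it from the official site to study it. I saw several vulnerabilities on wooyun, such as: WooYun: kingcms latest version SQL injection vulnerability. Injection point: POST /apps/content/index.php HTTP/1.1 Injection parameter: where The problem file is /apps/content/index.php...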

AI score: 7
Exploits: 0

myhack58
added 2015/03/23 12:0 a.m., 32 views

A Breakdown of DoS Vulnerabilities in the Android System

0x00 Preface: The Android system has some vulnerabilities that can cause the system to reboot. Of course, the reboot is only a symptom; these vulnerabilities may also allow elevation of privilege, code execution, etc. This article takes the reboot symptom as the basis for...

AI score: 0.7
Exploits: 0

seebug.org
added 2015/03/17 12:0 a.m., 18 views

phpb2b Latest Version: Two SQL Injections #2

Brief description: As per the title. Details: In friendlinkcontrol.php: function add global $smarty; using "message"; $pms = new Messages; if isset$POST'do' && !empty$POST'friendlink' pbsubmitcheck'friendlink'; $data = $POST'friendlink'; $result = false; $data'status' = 0; $data'created' = $data'modified' =...

AI score: 7.1
Exploits: 0

Exploit DB
added 2015/03/17 12:0 a.m., 29 views

Metasploit Project < 4.11.1 - Initial User Creation Cross-Site Request Forgery (Metasploit)

Exploit Title: Metasploit Project initial User Creation CSRF Google Dork: N/A Date: 14-2-2015 Exploit Author: Mohamed Abdelbaset Elnoby @SymbianSyMoh Vendor Homepage: http://www.metasploit.com/ Software Link: http://www.rapid7.com/products/metasploit/editions-and-features.jsp Version: Free/Pro...

AI score: 7
Exploits: 0

seebug.org
added 2015/03/11 12:0 a.m., 20 views

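KingCms Latest Version: Authorization Bypass Bundle

Brief description: KingCms latest version authorization bypass bundle. Details: A friend's company wanted to buy a kingcms license and asked me to take a look. I found that kingcms had not been updated for a long time; after a long wait they released the latest version, k9, so I downloaded it from the official site to study it. I saw several vulnerabilities on wooyun, such as: http://wooyun.org/bugs/wooyun-2010-043520 The authorization bypass bundle here includes deleting all members of the site, resetting all members' passwords, and changing all members' usernames. 0x00: First, let's look at the bypass used to obtain the relevant permissions. Kingcms uses $u=new user; $u-authrole'XXX'; to check whether a user has the XXX permission; the key is the user class...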

AI score: 7.1
Exploits: 0

CVE
added 2015/03/07 2:0 a.m., 45 views

CVE-2015-2235

CVE-2015-2235 is rejected and not used; this entry does not represent an active vulnerability.

AI score: 6.4
Exploits: 0

Silent Robot Systems
added 2015/03/05 4:0 a.m., 22 views

Exploiting XXE Vulnerabilities in OXML Documents - Part 1

OXML is a common document format; think docx Microsoft Word Document, pptx Microsoft Powerpoint, xlsx Excel Spreadsheet, etc. An OXML document is a zip file containing XML files and any media files. When the document is rendered, the rendering library unzips the document and then parses the...

AI score: 6.9
Exploits: 0

myhack58
added 2015/03/04 12:0 a.m., 41 views

PhpMoAdmin Vulnerability Analysis Report

phpMoAdmin is a convenient online MongoDB management tool, a PHP application that can be used to create, delete and modify databases and indexes, view and search data, and that provides database startup time and memory statistics and supports import and export of JSON data. Recently named...

AI score: 0.1
Exploits: 0

Hacker One
added 2015/02/27 3:6 p.m., 23 views

X (Formerly Twitter): Cross site Port Scanning bug in twitter developers console

This vulnerability allows port scanning of a remote machine on the internet. An attacker can scan a remote machine through this vulnerability using Twitter's IP as a proxy. The vulnerability exists on the URL https://dev.twitter.com/rest/tools/console; through the console an attacker can use a GET or POST request...

AI score: 7.2
Exploits: 0

seebug.org
added 2015/02/27 12:0 a.m., 25 views

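HDWIKI Latest Version: UPDATE Injection Allows Changing the Administrator Password (MySQL Number-Base Trick)

Brief description: Latest HDWIKI 5.1 GBK, ignores GPC. Put it on the front page! Details: The problem is in \hdwiki\control\user.php. Latest HDWIKI 5.1 GBK version. HDWIKI filters input globally, but when faced with wide-byte injection it easily runs into problems. function doeditprofile ifisset$this-post'submit' $gender = intval$this-post'gender'; $birthday = strtotime$this-post'birthday'; $location = $this-post'location'; $signature =...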

AI score: 7.1
Exploits: 0

seebug.org
added 2015/02/13 12:0 a.m., 19 views

tipask Injection Vulnerability

Brief description: SQL injection vulnerability (second-order injection). Details: Tested on the latest official source. In answer.php under control: follow-up question module---follow-up question / function onappend $this-load"message"; $qid = intval$this-get2 ? $this-get2 : intval$this-post'qid'; $aid = intval$this-get3 ? $this-get3 : intval$this-post'aid'; $question = $ENV'question'-get$qid; $answer = $ENV'answer'-get$aid...

AI score: 7.1
Exploits: 0

seebug.org
added 2015/02/11 12:0 a.m., 38 views

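PHPB2B: A Vulnerability Allows Directly Viewing the MySQL Password

Brief description: A vulnerability in PHPB2B allows directly viewing the MySQL password. Details: A vulnerability in PHPB2B allows directly viewing the MySQL password. Latest version downloaded from the official site; install/install.php is the installation file, let's look at the code. ?php / PHPB2B Copyright C 2007-2099, Ualink Inc. All Rights Reserved. The contents of this file are subject to the License; you may not use this file except in compliance with the License. @version...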

AI score: 6.9
Exploits: 0

Hacker One
added 2015/02/09 6:51 p.m., 20 views

Informatica: XSS in Search Communities Function

When you search for a URL on the communities page, you visit a URL that looks like this https://community.informatica.com/community/marketplace/search/?blkCatIds=free+apps&view=solution By replacing the search query with html ";alert0;t=" and making the final URL:...

AI score: 0.7
Exploits: 0

seebug.org
added 2015/02/05 12:0 a.m., 28 views

A Generic SQL Injection Vulnerability in a Government System

Brief description: As per the title. Details: Official site of Shandong Nongyou Software Company: http://www.nongyou.com.cn/ Examples: http://222.135.109.70:8100/wendengview.aspx?deptid=54&atid=291 http://61.133.119.187:8089/wendengview.aspx?deptid=54&atid=291 http://222.135.127.190:7000/wendengview.aspx?deptid=54&atid=291...

AI score: 7.1
Exploits: 0

CVE
added 2015/02/03 4:0 p.m., 72 views

CVE-2015-1433

CVE-2015-1433 affects Roundcube (Roundcube Webmail) where the file program/lib/Roundcube/rcube_washtml.php mishandles quoting in the HTML style attribute, enabling remote XSS via email content. The vulnerability arises from incorrect quotation logic during sanitization of the style HTML attribute...

CVSS: 4.3, AI score: 7.8, EPSS: 0.03279
Exploits: 2, References: 8, Affected Software: 1

securityvulns
added 2015/02/02 12:0 a.m., 73 views

[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8

CVE-2015-1394 Photo Gallery Wordpress Plugin - Multiple XSS Vulnerabilities Version 1.2.8 ---------------------------------------------------------------- Product Information: Software: Photo Gallery Wordpress Plugin Tested Version: 1.2.8, released on 15.01.2015 and has over half a million...

AI score: 5.4, EPSS: 0.02331
Exploits: 4

0day.today
added 2015/01/27 12:0 a.m., 33 views

WordPress Revolution Slider Local File Disclosure Vulnerability

WordPress Revolution Slider plugin suffers from a local file disclosure vulnerability. Note that this finding houses site-specific data. + Title: Wordpress slider reolusion local file download + Date: 2015-01-25 + Author: JOK3R + Vendor Homepage:...

AI score: 6.7
Exploits: 0