Lucene search

11967 matches found

seebug.org
added 2014/07/01 12:0 a.m., 16 views

PHP File Sharing System 1.5.1 - Multiple Vulnerabilities

No description provided by source. Title: PHP File Sharing System 1.5.1 Multiple Vulnerabilities Author: blake Tested on: Windows XP SP3 with xampplite 1 XSS http://192.168.1.149/fss/index.php?cam= 2 Directory traversal http://192.168.1.149/fss/index.php?cam=/../../../../../../../.. 3 Shell...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 25 views

MaticMarket 2.02 for PHP Nuke LFI Vulnerability

No description provided by source. MaticMarket 2.02 for PHP Nuke LFI Vulnerability Url: http://sourceforge.net/projects/maticmarket Author: xer0x Expl: http://localhost/modules/maticmarket/deco/blanc/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 13 views

phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)

No description provided by source. !/usr/bin/perl wphpbb.cgi hack service: http://site/cgi-bin/wphpbb.cgi use CGI qw:standard; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-paramatak; $serv = $CGI-paramserv; $dir = $CGI-paramdir; $topic = $CGI-paramtopic; $cmd = $CGI-paramcmd; print...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 33 views

Open Bulletin Board <= 1.0.5 - SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w OpenBB sql injection tested on Open Bulletin Board 1.0.5 with mysql coded by x97Rang 2005 RST/GHC Gr33tz: blf, 1dt.w0lf use IO::Socket; if @ARGV != 3 print \nUsage: $0 server path id\n; print like $0 forum.mysite.com / 1\n; print If found nothi...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 19 views

Jobscript4Web 3.5 - Multiple CSRF Vulnerability

No description provided by source. Title: Jobscript4Web 3.5 Multiple CSRF Vulnerability Date: 17/12/2009 Author: bi0 Software Link: http://www.jobscript4web.com/ Version: 3.5 CVE : ...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 17 views

Eventy Online Scheduler 1.8 - Multiple Vulnerabilities

No description provided by source. Eventy Online Scheduler V1.8 - Multiple Vulnerabilities =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 24 views

CoBaLT 0.1 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. ---------------------------------------- CoBaLT v1.0 Remote SQL Injection Vulnerability Discovered : U238 Mail : [email protected] WebPage : http://ugur238.org The End Script: http://www.aspindir.com/indir.asp?ID=5414 Script Alternativ :...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 17 views

webid <= 1.0.4 - Multiple Vulnerabilities

No description provided by source. Discovered by dun \ posdubatgmail.com 2012-08-17 WeBid = 1.0.4 Multiple Vulnerabilities Script: Open source php/mysql fully featured...

AI score: 7.1
Exploits: 0

Cisco Threats
added 2014/06/30 2:15 p.m., 83 views

Threat Outbreak Alert RuleID7930: Email Messages Distributing Malicious Software on February 17, 2015

Medium Alert ID: 34789 First Published: 2014 June 30 14:15 GMT Last Updated: 2015 February 17 20:26 GMT Version: 103 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID7930KV...

AI score: 0.3
Exploits: 0

Hacker One
added 2014/06/30 4:9 a.m., 35 views

WePay: CSRF on email address operations. Also performing unintended operations.

After authentication in the WePay application, a user can navigate to the "My Settings" tab and perform operations like makeprimary and resend on the email addresses. These operations do not have any CSRF tokens present in the request. The only value unknown to an attacker present in the request ...

AI score: 7
Exploits: 0

0day.today
added 2014/06/30 12:0 a.m., 103 views

TP-LINK Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities

TP-LINK TL-WR841N / TL-WR841ND are vulnerable to many CSRF and XSS attacks because of no CSRF prevention technique and poor parameters filtration. Attacker is able to compromise router and steal config & log files. Title: TP-LINK Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities Date:...

AI score: 6.5
Exploits: 0

securityvulns
added 2014/06/19 12:0 a.m., 140 views

[oss-security] CVE request for vulnerability in OpenStack Heat

A vulnerability was discovered in OpenStack see below. In order to ensure full traceability, we need a CVE number assigned that we can attach to further notifications. This issue is already public, although an advisory was not sent yet. Title: Heat template URL information leakage Reporter: Jason...

AI score: 0.4
Exploits: 0

seebug.org
added 2014/06/17 12:0 a.m., 19 views

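Discuz cross-domain data hijacking + attachment type restriction bypass

Brief description: Two issues posted together. Details: 1 Cross-domain data hijacking (theft of the CSRF token formhash). The remote attachment download feature does not check the file content (file format), so a malicious SWF file can be uploaded (the extension is still an image extension), which then allows cross-domain data hijacking. Code for the forged image CrossDomainDataHijack.jpg: package com.powerflasher.SampleApp import flash.external.ExternalInterface; import flash.display.Sprite; import flash.display.Sprite; import...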

AI score: 7.1
Exploits: 0

FreeBSD
added 2014/06/12 12:0 a.m., 24 views

asterisk -- multiple vulnerabilities

The Asterisk project reports: Asterisk Manager User Unauthorized Shell Access. Manager users can execute arbitrary shell commands with the MixMonitor manager action. Asterisk does not require system class authorization for a manager user to use the MixMonitor action, so any manager user who is...

CVSS: 6.5 | AI score: 7.1 | EPSS: 0.05679
Exploits: 0 | References: 3

Vulnerability Lab
added 2014/06/11 12:0 a.m., 17 views

PayPal GoToMaxx PDFMailer - Local Overflow Vulnerability

Document Title: =============== PayPal GoToMaxx PDFMailer - Local Overflow Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1274 http://www.vulnerability-lab.com/getcontent.php?id=940 Video: https://www.youtube.com/watch?v=IXhwfZV6x0M Release Date:...

AI score: 7.4
Exploits: 0

Fortinet
added 2014/06/06 12:0 a.m., 54 views

Multiple Vulnerabilities in OpenSSL

...

CVSS: 6.8 | AI score: 6.7 | EPSS: 0.99977
Exploits: 14

Cvelist
added 2014/06/05 5:0 p.m., 21 views

CVE-2014-2577

Multiple cross-site scripting XSS vulnerabilities in the Transform Content Center in Bottomline Technologies Transform Foundation Server before 4.3.1 Patch 8 and 5.x before 5.2 Patch 7 allow remote attackers to inject arbitrary web script or HTML via the 1 pn parameter to index.fsp/document.pdf, ...

AI score: 5.7 | EPSS: 0.02018
Exploits: 2 | References: 6

seebug.org
added 2014/06/04 12:0 a.m., 41 views

SOAPpy 0.12.5 Multiple Vulnerabilities

0×01: Background SOAPpy provides tools for building SOAP clients and servers. The goal of the SOAPpy team is to provide a full featured SOAP library for Python that is very simple to use and that fully supports dynamic interaction between clients and servers. SOAPpy uses sax.xml as SOAP parser to...

CVSS: 5 | AI score: 6.7 | EPSS: 0.01797
Exploits: 2

0day.today
added 2014/06/01 12:0 a.m., 22 views

AuraCMS 3.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: AuraCMS 3.0 Multiple Vulnerabilities Date: 05/28/2014 Author: Mustafa ALTINKAYNAK Download URL :http://auracms.org/ Software Link: http://codeload.github.com/auracms/AuraCMS/zip/master Vuln Category: CWE-79 XSS - CWE-98 LFI Test...

AI score: 7.1
Exploits: 0

Hacker One
added 2014/05/30 12:42 p.m., 49 views

Slack: SSRF on https://whitehataudit.slack.com/account/photo

During post request to https://whitehataudit.slack.com/account/photo: POST /account/photo HTTP/1.1 Host: whitehataudit.slack.com User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.9; rv:29.0 Gecko/20100101 Firefox/29.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8...

AI score: 7
Exploits: 0