2682 matches found
X_CART Multiple Cross Site Scripting Vulnerabilities
XCART is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:qualiteam:x-cart...
Apache Tomcat JSP Example Web Applications XSS Vulnerability - Active Check
Apache Tomcat is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...
Apple Macintosh OS X .DS_Store 信息泄露漏洞
Apple Mac OS X 系统会在文件夹下生成一个.DSStore文件,里面包含了当前目录的目录以及文件夹名称。当开发者上传网站目录时,可能会把此文件上传到网站目录,导致信息泄露、后台暴露等。 !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from dsstore import DSStore class TestPOCPOCBas...
Microsoft Office Word Viewer Remote Code Execution Vulnerability (3032328)
This host is missing an important security update according to Microsoft Bulletin MS15-012. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Splunk <= 6.1.1 XSS Vulnerability - Active Check
Splunk is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:splunk";...
Unauthenticated Reflected XSS vulnarbility in Asus RT-N10 Plus router
Title:- Reflected XSS vulnarbility in Asus RT-N10 Plus router Author: Kaustubh G. Padwad Product: ASUS Router RT-N10 Plus Firmware: 2.1.1.1.70 Severity: HIGH Auth: Not requierd Description: Vulnerable Parameter: flag= Vulnerability Class: Cross Site Scripting...
Adobe Flash Player Unspecified Code Execution Vulnerability (Jan 2015) - Linux
Adobe Flash Player is prone to unspecified arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress Photocrati Theme 'prod_id' XSS Vulnerability
The WordPress theme Photocrati is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
AdaptCMS 3.0.3 Multiple Persistent XSS Vulnerabilities
Summary AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can easily create Plugins or additions, but so other developers can get involved. Using CakePHP we are able to achieve this with a built-in plugin system...
Flat Calendar 1.1 HTML Injection
!/usr/bin/perl -w Title : Flat Calendar v1.1 HTML Injection Exploit Download : http://www.circulargenius.com/flatcalendar/FlatCalendar-v1.1.zip Author : ZoRLu / [email protected] Website : http://milw00rm.com / its online Twitter : https://twitter.com/milw00rm or @milw00rm Test : Windows7 Ultima...
iBackup Local Privilege Escalation Vulnerability - Windows
iBackup is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
LibreOffice RTF File Handling Multiple Vulnerabilities (Nov 2014) - Windows
LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...
Wireshark Denial-of-Service Vulnerability-02 (Nov 2014) - Mac OS X
Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...
RobotStats 1.0 - HTML Injection
Title : RobotStats v1.0 HTML Injection Vulnerability Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Twitter : https://twitter.com/milw00rm or @milw00rm Date : 22.11.2014 Demo : http://alpesoiseaux.free.fr/robotstats/ Download :...
WordPress CM Download Manager Plugin Remote PHP Code Execution Vulnerability
The CM Download Manager for WordPress is prone to remote PHP-code execution vulnerability SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Juniper Networks Junos OS RSVP DoS Vulnerability (JSA10652)
Juniper Networks Junos OS is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Window Audio Service Privilege Escalation Vulnerability (3005607)
This host is missing an important security update according to Microsoft Bulletin MS14-071. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Multiple D-Link Products Command Injection Vulnerability (Nov 2014) - Active Check
Multiple D-Link products are prone to a command injection vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Python Integer Overflow Vulnerability 01 (Oct 2014) - Mac OS X
Python is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescripti...
Microsoft Windows FAT32 Disk Partition Driver Privilege Escalation Vulnerability (2998579)
This host is missing an important security update according to Microsoft Bulletin MS14-063. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...