Lucene search
K

2730 matches found

Prion
Prion
added 2009/08/04 4:30 p.m.9 views

Directory traversal

Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request...

7.5CVSS6.7AI score0.02918EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2009/08/04 4:30 p.m.1 views

DEBIAN-CVE-2009-2658

Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request...

7.5CVSS7AI score0.02918EPSS
Exploits0References1
OSV
OSV
added 2009/08/04 4:30 p.m.8 views

CVE-2009-2658

Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request...

6.4AI score
Exploits0References8
Cvelist
Cvelist
added 2009/08/04 4:13 p.m.24 views

CVE-2009-2658

Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request...

6.3AI score0.02918EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2009/08/04 4:13 p.m.17 views

CVE-2009-2658

Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request...

7.5CVSS5.8AI score0.02918EPSS
Exploits0
NVD
NVD
added 2009/07/16 4:30 p.m.23 views

CVE-2009-2481

mt-wizard.cgi in Six Apart Movable Type before 4.261, when global templates are not initialized, allows remote attackers to bypass access restrictions and 1 send e-mail to arbitrary addresses or 2 obtain sensitive information via unspecified vectors...

5.8CVSS6.6AI score0.01233EPSS
Exploits0References6
0day.today
0day.today
added 2009/04/21 12:0 a.m.15 views

Dokeos LMS <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit

Exploit for unknown platform in category web applications ================================================================ Dokeos LMS = 1.8.5 whoisonline.php PHP Code Injection Exploit ================================================================ ?php /...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/04/07 12:0 a.m.15 views

Lanius CMS 0.5.2 - Arbitrary File Upload

Lanius CMS 0.5.2 - Arbitrary File Upload = 0.4.6 and Lanius CMS $maxsz 53. return sprintfUPLOADTOOBIG, convertbytes$filesz, convertbytes$maxsz; 54. 55. $thyname = basenameurldecode$FILES$elem'name'; 56. if isset$allowedext 57. $ext = fileext$thyname; 58. if $ext==='' || !inarray$ext, $allowedext...

Exploits0
RedHat Linux
RedHat Linux
added 2009/04/01 8:23 a.m.6 views

kernel: rt_cache leak leads to lack of network connectivity

The icmpsend function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache aka DST in some situations involving transmission of an ICMP Host Unreachable message, which allows remo...

7.1CVSS6.2AI score0.04623EPSS
Exploits2References4
Cvelist
Cvelist
added 2009/03/23 7:26 p.m.22 views

CVE-2009-1047

Cross-site scripting XSS vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via vectors involving outbound HTML e-mail...

5.7AI score0.00845EPSS
Exploits0References2
CVE
CVE
added 2009/03/23 7:26 p.m.61 views

CVE-2009-1047

CVE-2009-1047 is a Drupal XSS vulnerability in the Send by e-mail module of the Printer, e-mail and PDF versions module. The issue affects Drupal 5.x before 5.x-4.4 and 6.x before 6.x-1.4, enabling remote attackers to inject arbitrary web script or HTML via outbound HTML e-mail. Impact is web ses...

4.3CVSS5.8AI score0.00845EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2009/03/20 6:30 p.m.17 views

Design/Logic Flaw

Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API...

5CVSS7.2AI score0.01186EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2009/03/20 6:0 p.m.50 views

CVE-2009-1037

CVE-2009-1037 affects Drupal’s Send by e-mail module within the "Printer, e-mail and PDF versions" module. The vulnerability concerns the flood control API and allows remote attackers to cause unlimited spam messages via vectors related to flood control behavior. Affected versions are 5.x before ...

5CVSS6.8AI score0.01186EPSS
Exploits0References4Affected Software1
myhack58
myhack58
added 2008/12/25 12:0 a.m.29 views

Wordpress 2.7.0 admin remote code execution vulnerability-vulnerability warning-the black bar safety net

by Ryatpuretot mail: puretot at gmail dot com team: http://www.80vul.com date: 2008-12-18 Analysis: This vulnerability out in the background: wp-admin/post.php if currentusercan'editpost', $postID if $last = wpcheckpostlock $post-ID $lastuser = getuserdata $last ; $lastusername = $lastuser ?...

8.2AI score
Exploits0
OSV
OSV
added 2008/12/10 12:30 a.m.1 views

DEBIAN-CVE-2008-4311

The default configuration of system.conf in D-Bus aka DBus before 1.2.6 omits the sendtype attribute in certain rules, which allows local users to bypass intended access restrictions by 1 sending messages, related to sendrequestedreply; and possibly 2 receiving messages, related to...

4.6CVSS6.7AI score0.00409EPSS
Exploits0References1
NVD
NVD
added 2008/12/10 12:30 a.m.15 views

CVE-2008-4311

The default configuration of system.conf in D-Bus aka DBus before 1.2.6 omits the sendtype attribute in certain rules, which allows local users to bypass intended access restrictions by 1 sending messages, related to sendrequestedreply; and possibly 2 receiving messages, related to...

4.6CVSS5.9AI score0.00409EPSS
Exploits0References17
exploitpack
exploitpack
added 2008/11/19 12:0 a.m.20 views

MyTopix 1.3.0 - SQL Injection

MyTopix 1.3.0 - SQL Injection evil = ''; $this - socket = socketcreateAFINET, SOCKSTREAM, SOLTCP; $this - inj = '-1+UNION+SELECT+concatmembersname,0x3a,memberspass+FROM+mymembers+WHERE+membersid=2--'; private function send$packet if!$this - socket $this - socket = socketcreateAFINET, SOCKSTREAM,...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/10/31 12:0 a.m.32 views

absolutefilesend-cookie.txt

| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure cookie handling script : Absloute File Send see script http://www.xigla.com/afilesend/demo.htm Greetz : Allah ,...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/10/31 12:0 a.m.23 views

Absolute File Send 1.0 Remote Cookie Handling Vulnerability

No description provided by source. | | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure cookie handling script : Absloute File Send see script...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/10/30 12:0 a.m.50 views

Absolute File Send 1.0 Remote Cookie Handling Vulnerability

Exploit for unknown platform in category web applications =========================================================== Absolute File Send 1.0 Remote Cookie Handling Vulnerability =========================================================== | | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | |...

7.1AI score
Exploits0
Rows per page
Query Builder