Lucene search
+L

994 matches found

patchstack
patchstack
added 2011/09/19 12:0 a.m.7 views

WordPress Disclosure Policy Plugin 1.0 - Remote File Inclusion

This WordPress Disclosure Policy plugin is prone to remote file include vulnerability. It allows an attacker to include a remote file and get access to the server. Solution Upgrade the plugin...

3.7AI score
Exploits0References1Affected Software1
patchstack
patchstack
added 2011/09/19 12:0 a.m.15 views

WordPress Annonces Plugin 1.2.0.0 - Remote File Inclusion

WordPress Annonces plugin is prone to remote file include vulnerability. It allows an attacker to include a remote file and get access to the server. Solution Upgrade the plugin...

4.8AI score
Exploits0References1Affected Software1
patchstack
patchstack
added 2011/09/19 12:0 a.m.8 views

WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion

TheCartPress plugin is prone to remote file include vulnerability. It allows an attacker to include a remote file and get access to the server. Solution Update the plugin...

4AI score
Exploits0References1Affected Software1
patchstack
patchstack
added 2011/09/19 12:0 a.m.9 views

WordPress Mailing List Plugin 1.3.2 - Remote File Inclusion

This Mailing List plugin is prone to remote file include vulnerability. It allows an attacker to include a remote file and get access to the server. Solution Upgrade the plugin...

4.1AI score
Exploits0References1Affected Software1
openvas
openvas
added 2011/06/01 12:0 a.m.12 views

Nmap NSE net: x11-access

Checks if you're allowed to connect to the X server. If the X server is listening on TCP port 6000+n where n is the display number, it is possible to check if you're able to get connected to the remote display by sending a X11 initial connection request. In reply, the success byte 0x00 or 0x01 wi...

7.3AI score
Exploits0
seebug
seebug
added 2011/05/05 12:0 a.m.41 views

Discuz! NT 3.1.0 后台拿webshell

简要描述: 通过后台写入aspx木马,直接拿到webshell,然后获取整个服务器权限。 详细说明: 1、访问http://127.0.0.1/admin/global/globaltemplatesedit.aspx?path=../tools/&filename=rss.aspx&templateid=1&templatename=Default,写入aspx木马。 2、写入aspx木马后,访问http://127.0.0.1/tools/rss.aspx就可以了。 漏洞证明:...

7.1AI score
Exploits0
thn
thn
added 2011/03/27 9:38 p.m.10 views

Comodo Hacker - "Comodogate" Iranian hacker claims all internet is insecure !

Comodo Hacker - "Comodogate" Iranian hacker claims all internet is insecure Message By Comodo Hacker : Hello I'm writing this to the world, so you'll know more about me.. At first I want to give some points, so you'll be sure I'm the hacker: I hacked Comodo from InstantSSL.it, their CEO's e-mail...

7.1AI score
Exploits0
thn
thn
added 2011/01/05 2:0 a.m.11 views

Unkn0wnV1rus said - Indian Reserve Bank is Venerable and easy to hack !

Unkn0wnV1rus said - Indian Reserve Bank is Venerable and easy to hack ! Hello Friends, Last night I got a email from "Unkn0wnV1rus" . He/she submit us a news about "Venerability of Indian Reserve Bank's website" . He claim that he have access to server . Purpose of publishing this news is just to...

6.7AI score
Exploits0
saint
saint
added 2011/01/05 12:0 a.m.79 views

SSH password weakness

Added: 01/05/2011 CVE: CVE-1999-0502 Background Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permissi...

7.5CVSS9.6AI score0.53618EPSS
Exploits41
saint
saint
added 2011/01/05 12:0 a.m.50 views

SSH password weakness

Added: 01/05/2011 CVE: CVE-1999-0502 Background Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permissi...

7.5CVSS9.9AI score0.53618EPSS
Exploits41
exploitpack
exploitpack
added 2010/09/26 12:0 a.m.72 views

Blue River Mura CMS - Directory Traversal

Blue River Mura CMS - Directory Traversal Sep 24, 2010 Title: Blue River Mura CMS Directory Traversal Version: 1.0 Issue type: Directory Traversal Affected vendor: Blue River Interactive Group Release date: 24/09/2010 Discovered by: Steven Seeley & Rohan Stelling Summary Mura CMS is an open sourc...

5CVSS0.06853EPSS
Exploits5
zdt
zdt
added 2010/09/25 12:0 a.m.74 views

FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution

Exploit for php platform in category web applications ================================================================== FreePBX = 2.8.0 Recordings Interface Allows Remote Code Execution ================================================================== Vendor: FreePBX http://www.freepbx.org/...

7.1AI score0.09566EPSS
Exploits5
nvd
nvd
added 2010/08/20 8:0 p.m.11 views

CVE-2010-3098

Directory traversal vulnerability in IoRush Software FTP Rush 1.1.3 and possibly earlier allows remote FTP servers to overwrite arbitrary files via a ".." dot dot backslash in a filename...

9.3CVSS6.8AI score0.0152EPSS
Exploits0References2
packetstorm
packetstorm
added 2010/06/25 12:0 a.m.17 views

ActiveCollab 2.3.0 Directory Traversal / Local File Inclusion

============================================================ PAINSEC SECURITY RESEARCH GROUP SECURITY ADVISORY 2010-001 - Original release date: June 24th, 2010 - Discovered by: Jose Carlos de Arriba dade at painsec dot com - Severity: 10/10 Base CVSS Score...

7.4AI score
Exploits0
osv
osv
added 2010/05/05 1:22 p.m.2 views

DEBIAN-CVE-2010-0401

OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service daemon crash by sending a company password packet...

6.5CVSS7AI score0.01199EPSS
Exploits0References1
prion
prion
added 2009/12/29 11:30 p.m.17 views

Security feature bypass

The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance Cisco ASA 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended access restrictions and access unauthorized web site...

6.5CVSS6.9AI score0.01307EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2009/11/02 3:0 p.m.22 views

CVE-2009-3839

Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv37 through snv125, might allow remote attackers to execute arbitrary code by leveraging access to the X server...

7.7AI score0.0293EPSS
Exploits0References5
cve
cve
added 2009/09/15 10:0 p.m.67 views

CVE-2009-3166

Bugzilla 3.4rc1–3.4.1 vulnerability: token.cgi places a password in the login URL after a reset, allowing context-dependent attackers to obtain passwords via web server access logs, Referer logs, or browser history. The provided documents confirm Bugzilla involvement and CVE-2009-3166, but do not...

5CVSS6.2AI score0.01159EPSS
Exploits1References5Affected Software1
exploitdb
exploitdb
added 2009/06/08 12:0 a.m.43 views

Shop Script Pro 2.12 - SQL Injection

!/usr/bin/perl =about VENDOR Shop Script Pro 2.12 maybe other versions vulnerable too http://www.shop-script.com/ AUTHOR discovered & written by Ams ax330d doggy gmail dot com http://www.0x416d73.name/ VULN. DESCRIPTION Look in index.php at line 101. Variable $currentcurrency is set from...

7.4AI score
Exploits0
jvn
jvn
added 2008/12/25 7:22 a.m.4 views

BlackJumboDog authentication bypass vulnerability

Overview BlackJumboDog from SapporoWorks contains an authentication bypass vulbnerability. BlackJumboDog from SapporoWorks is a software that provides server functions for an intranet. BlackJumboDog contains an authentication bypass vulnerability. Tsuyoshi Ishibashi of Mitsui Bussan Secure...

5CVSS6.9AI score0.01474EPSS
Exploits0References6
Rows per page
Query Builder