Lucene search
+L

131 matches found

cvelist
cvelist
added 2020/04/16 4:57 p.m.19 views

CVE-2020-11815

In Rukovoditel 2.5.2, attackers can upload arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs without the Maintenance Mode setting...

9.7AI score0.02308EPSS
Exploits1References1
cvelist
cvelist
added 2020/04/15 2:56 p.m.23 views

CVE-2020-11535

An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit XML injection to enter an attacker-controlled parameter into the x2t binary, to rewrite this binary and/or libxcb.so.1, and execute code on a victim's server...

9.7AI score0.02318EPSS
Exploits0References2
hackerone
hackerone
added 2019/03/05 3:6 p.m.33 views

Valve: Malformed map detailed texture files in GoldSrc games lead to Remote Code Execution

A crafted map detailed texture file maps/detail.txt can be used to exploit a stack overflow vulnerability in hw.dll that can lead to remote code execution. Reproduction I used Counter-Strike for PoCs. Using a listen server - Place attached csassaultdetail.txt in cstrike/maps folder - Start the ga...

0.4AI score
Exploits0
hackerone
hackerone
added 2019/01/13 10:57 p.m.61 views

Weblate: No Rate Limit On Add new word

Hello I found in that there is no limit in the place of adding a new word which allows the attacker to add an infinite number of words which may cause a problem in the site and the server Steps To Reproduce : 1. Go To https://hosted.weblate.org/dictionaries/andors-trail/en/add And Fill in fields...

Exploits0
zdt
zdt
added 2017/10/10 12:0 a.m.37 views

ArcGIS Server 10.3.1 RMIClassLoader useCodebaseOnly=false Code Execution Exploit

ArcGIS Server version 10.3.1 suffers from an RMIClassLoader useCodebaseOnly=false remote code execution vulnerability. Using an Esri-provided image on Azure's Marketplace, ArcGIS Server 10.3.1 started Java's rmid on port 1098 and explicitly set the property java.rmi.server.useCodebaseOnly equal t...

8AI score
Exploits0
hackerone
hackerone
added 2017/10/06 8:49 a.m.47 views

RubyGems: Remote code execution on rubygems.org

When parsing a gem POSTed to the /api/v1/gems endpoint, the rubygems.org application immediately calls Gem::Package.newbody.spec inside app/models/pusher.rb. The authors of the application correctly observed that parsing untrusted YAML is dangerous since it can serialize more or less arbitrary...

7.5CVSS9.3AI score0.15853EPSS
Exploits1
debiancve
debiancve
added 2017/07/13 8:0 p.m.49 views

CVE-2017-1000029

Removed by vendor...

7.5CVSS8.2AI score0.07605EPSS
Exploits0
packetstorm
packetstorm
added 2016/07/23 12:0 a.m.23 views

Autobahn|Python Origin Header Manipulation

Observation: Autobahn|Python incorrectly checks the Origin header when the 'allowedOrigins' value is set. This can allow third parties to execute legitimate requests for WAMP WebSocket requests against an Autobahn|Python/Crossbar.io server within another browser's context. Proof of Concept: The...

7.4AI score
Exploits0
openvas
openvas
added 2016/03/03 12:0 a.m.61 views

OpenSSL SSLv2 DROWN Attack Vulnerability - Windows

OpenSSL is prone to the DROWN attack vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescripti...

5.9CVSS8.1AI score0.82112EPSS
Exploits2References4
exploitpack
exploitpack
added 2014/09/24 12:0 a.m.18 views

Glype 1.4.9 - Cookie Injection Directory Traversal Local File Inclusion

Glype 1.4.9 - Cookie Injection Directory Traversal Local File Inclusion ------------------------------------------------------------------------ Glype proxy cookie jar path traversal allows code execution ------------------------------------------------------------------------ Securify, September...

Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.44 views

Zimbra - Privilegie Escalation via LFI (0day)

No description provided by source. Exploit Title: Zimbra 0day exploit / Privilegie escalation via LFI Date: 06 Dec 2013 Exploit Author: rubina119 Contact Email : rubina119atgmail.com Vendor Homepage: http://www.zimbra.com/ Version: 2009, 2010, 2011, 2012 and early 2013 versions are afected, Teste...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.23 views

Gattaca Server 2003 Language Variable Path Exposure

No description provided by source. source: http://www.securityfocus.com/bid/10729/info It is reported that Gattaca Server 2003 contains multiple path disclosure vulnerabilities. By sending HTTP requests to Gattaca's web server, it is reportedly possible to cause the application to return error...

7.1AI score
Exploits0
metasploit
metasploit
added 2012/06/07 11:2 a.m.104 views

MS02-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow

This module can be used to execute arbitrary code on IIS servers that expose the /msadc/msadcs.dll Microsoft Data Access Components MDAC Remote Data Service RDS DataFactory service. The service is exploitable even when RDS is configured to deny remote connections handsafe.reg. The service is...

7.5CVSS8.4AI score0.76004EPSS
Exploits5
packetstorm
packetstorm
added 2011/03/19 12:0 a.m.38 views

TailoredWeb Shell Upload

Title : TailoredWeb FileShell Upload Vulnerability Author: eXeSoul Home : www.indishell.in or www.andhrahackers.com Email : [email protected] date : 19/3/2011 D0rk : Developed By TailoredWeb.com category : Web Apps php .-" "-. / \ | eXeSoul | |, .-. .-. ,| | o/ \o | |/ /\ | @ ^^ \|IIIIII|/ @8@8 /...

7.4AI score
Exploits0
zdi
zdi
added 2010/12/14 12:0 a.m.361 views

Microsoft SharePoint Server Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Sharepoint Server utilizing Microsoft's Office Document Load Balancer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Office Document...

10CVSS7.1AI score0.93916EPSS
Exploits9References1
myhack58
myhack58
added 2007/01/03 12:0 a.m.19 views

Borrow from the administrator login penetration-vulnerability warning-the black bar safety net

Software author: withered Ling roseN. C. P. H Information source: evil octal information security team The most important experience is that we have a thought:the administrator how to get in,we'll how to get in. This station of penetration is relatively slow,it took more than a week. The site ver...

7.7AI score
Exploits0
packetstorm
packetstorm
added 2006/09/13 12:0 a.m.26 views

phpNULL.txt

Author: ShAnKaR Title: multiple PHP application poison NULL byte vulnerability Applications: phpBB 2.0.21, punBB 1.2.12 Threat Level: Critical Original advisory in Russian: http://www.security.nnov.ru/Odocument221.html Poison NULL byte vulnerability for perl CGI applications was described in 1...

7.4AI score
Exploits0
seebug
seebug
added 2006/04/09 12:0 a.m.24 views

Sire 2.0 (lire.php) Remote File Inclusion/Arbitary File Upload Vulnerability

No description provided by source. +File Inclusion: Input passed to the "rub" parameter in "lire.php" isn't properly verified, before it is used to include remote files Successful exploitation requires that "registerglobals" is enabled. lire.php code ? 73 ifempty$GET"rub"$rub=rtrim$rubriques0; el...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2005/01/22 12:0 a.m.27 views

Golden FTP Server 2.02b - Remote Buffer Overflow

Golden FTP Server 2.02b - Remote Buffer Overflow !/usr/bin/perl -w Barabas - www.whitehat.co.il - cheers to muts and all peeps at WH. XPSP2 goldenftpserver sploit - bind 4444 use strict; use Net::FTP; my $payload="\x41"x260; $payload .="\x65\x82\xa5\x7c";jmpesp $payload .="\x90"x32;not really...

1.1AI score
Exploits0
nessus
nessus
added 2005/01/03 12:0 a.m.43 views

MySQL Eventum index.php email Parameter XSS

The MySQL Eventum install hosted on the remote web server is vulnerable to a cross-site scripting attack because it fails to sanitize user-supplied input to the 'email' parameter of the 'index.php' script before using it to generate dynamic HTML output. With a specially crafted URL, an attacker c...

5.6AI score
Exploits0References2
Rows per page
Query Builder