Lucene search
K

69 matches found

seebug.org
seebug.org
added 2009/08/28 12:0 a.m.18 views

Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution

No description provided by source. ====================================================================== Wordpress plugin WP-Syntax = 0.9.1 Remote Code Execution ====================================================================== This vulnerability was originally discovered by Raz0r on...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/27 12:0 a.m.19 views

WordPress WP-Syntax 0.9.1 Command Execution

====================================================================== Wordpress plugin WP-Syntax $functions if isnull$functions continue; foreach$functions as $function $string = calluserfuncarray$function, array$string; return $string; ... Global variable testfilter is not defined, so...

7.4AI score
Exploits0
Prion
Prion
added 2008/07/31 10:41 p.m.11 views

Session fixation

Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the sessionid parameter to match the victim's nickid parameter...

6.5CVSS6.7AI score0.01158EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/07/16 10:0 p.m.26 views

CVE-2007-3799

The sessionstart function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from 1 PATHINFO, 2 the sessionid function, and 3 the sessionstart function, which...

7.7AI score0.07919EPSS
Exploits0References32
0day.today
0day.today
added 2007/05/24 12:0 a.m.16 views

Dokeos <= 1.6.5 (courseLog.php scormcontopen) SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================================== Dokeos = 1.6.5 courseLog.php scormcontopen SQL Injection Exploit =================================================================== !/usr/bin/perl -w Dokeos = 1.6.5 SQL...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/03/06 12:0 a.m.24 views

Advisory4-20022007.txt

--------------------------------------------------------------------------------- | . | | \ \ / /||/ | | | \ Y / | \ \ \ | \ \ \ / / | | \ / | || | /| | | | // \ | | / |||| || |/ //\ \ | | / / | | Security without illusions | | www.virtuax.be | | |...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/11/03 12:0 a.m.23 views

PostNuke <= 0.763 (PNSV lang) Remote Code Execution Exploit

Exploit for unknown platform in category web applications =========================================================== PostNuke = 0.763 PNSV lang Remote Code Execution Exploit =========================================================== ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+:...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/05/01 12:0 a.m.13 views

Invision Power Board 2.* commands execution exploit

Exploit for php platform in category web applications !/usr/bin/perl Invision Power Board 2. commands execution exploit by RST/GHC vulnerable versions new Proto = "tcp", PeerAddr = "$host", PeerPort = "80" || die "- CONNECTION FAILED"; $login = s/./"%".ucsprintf"%2.2x",ord$1/eg; $password =...

7.1AI score
Exploits0
CVE
CVE
added 2005/11/16 7:37 a.m.47 views

CVE-2003-1245

The CVE-2003-1245 issue affects Mambo Site Server (CMS) in version 4.0.12, where index2.php allows a remote attacker to gain administrator access by sending a URL with session_id set to the MD5 hash of a valid session cookie. Root cause is improper validation of cookies, enabling session imperson...

10CVSS6.9AI score0.04144EPSS
Exploits1References3
Rows per page
Query Builder