Lucene search
+L

210 matches found

Cvelist
Cvelist
added 2012/05/15 8:0 p.m.19 views

CVE-2012-1248

app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain...

6.7AI score0.02699EPSS
Exploits0References5
0day.today
0day.today
added 2012/04/28 12:0 a.m.65 views

MySQLDumper 1.24.4 Multiple Vulnerabilities

Exploit for php platform in category web applications ================================================================================================ Vulnerable Software: MySQLDumper Version 1.24.4 Downloaded from: http://sourceforge.net/projects/mysqldumper/files/ MD5 SUM:...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2012/02/28 7:38 a.m.11 views

Irongeek's Shared hosting MD5 Change Detection Script

Irongeek's Shared hosting MD5 Change Detection Script Adrian Crenshaw aka Irongeek just release another great tool for web admins that will monitor the files on a website, and report any changed via email. Actually "irongeek.com" was hacked few days back which is hosted on a shared hosting. There...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2012/02/23 12:0 a.m.16 views

Interspire Shopping Cart Insecure Permissions

========= Product: Interspire Shopping Cart ========= Problem: config/config.php MUST be httpd-readable inter-domain read access permitted, which is a problem on shared hosting ========= About product: What is Interspire Shopping Cart? Interspire Shopping Cart is the most feature rich, all-in-one...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2011/08/04 7:6 p.m.19 views

Massive Injection Campaign Affecting More Than Six Million Pages

We recently reported on a massive drive-by-download campaign affecting some 90,000 Web pages. In the less than two weeks since that report, the same campaign is now affecting more than six million pages. The obvious question is: why has there been such an aggressive increase in the number of...

7.1AI score
Exploits0References2
0day.today
0day.today
added 2011/03/31 12:0 a.m.46 views

Pligg CMS 1.1.3 Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit title: Pligg CMS file existence exploration/shared hosting privilege escalation H.ackAck.net Found by: Jelmer de Hen 15/03/2011 I released some Pligg exploits: http://h.ackack.net/the-pligg-cms-0dayset-1.html 22/03/2011 a patch became...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/03/30 12:0 a.m.38 views

Pligg CMS 1.1.3 - Multiple Vulnerabilities

Pligg CMS 1.1.3 - Multiple Vulnerabilities Exploit title: Pligg CMS file existence exploration/shared hosting privilege escalation H.ackAck.net Found by: Jelmer de Hen 15/03/2011 I released some Pligg exploits: http://h.ackack.net/the-pligg-cms-0dayset-1.html 22/03/2011 a patch became evailable;...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/03/30 12:0 a.m.29 views

Pligg CMS 1.1.3 - Multiple Vulnerabilities

Exploit title: Pligg CMS file existence exploration/shared hosting privilege escalation H.ackAck.net Found by: Jelmer de Hen 15/03/2011 I released some Pligg exploits: http://h.ackack.net/the-pligg-cms-0dayset-1.html 22/03/2011 a patch became evailable; patching took 7 days:...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2011/02/22 12:0 a.m.38 views

Mandriva Update for tomcat5 MDVSA-2011:030 (tomcat5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

1.2CVSS5.5AI score0.01353EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2010/11/11 12:49 a.m.9 views

Watcher 1.4.1 - latest version download

"Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as...

6.7AI score
Exploits0
Apache Tomcat
Apache Tomcat
added 2010/10/21 12:0 a.m.46 views

Fixed in Apache Tomcat 7.0.4

Low: SecurityManager file permission bypass CVE-2010-3718 When running under a SecurityManager, access to the file system is limited but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files such as the intermediate file...

1.2CVSS5.3AI score0.01353EPSS
Exploits1Affected Software1
Exploit DB
Exploit DB
added 2010/02/11 12:0 a.m.46 views

PHP 5.3.1 - 'session_save_path() Safe_mode()' Restriction Bypass Exploiot

source: https://www.securityfocus.com/bid/38182/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write session files in arbitrary directions. This vulnerability would be an issue in shared-hosting configurations where multiple user...

7AI score
Exploits0
securityvulns
securityvulns
added 2010/01/05 12:0 a.m.43 views

FreeWebshop.org: multiple vulnerabilities

------------------------------------------------------------------------ FreeWebshop.org: multiple vulnerabilities ------------------------------------------------------------------------ Yorick Koster, March 2009 ------------------------------------------------------------------------ Abstract...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2009/12/30 12:0 a.m.26 views

FreeWebShop 2.2.9 R2 SQL Injection / Traversal / Etc

------------------------------------------------------------------------ FreeWebshop.org: multiple vulnerabilities ------------------------------------------------------------------------ Yorick Koster, March 2009 ------------------------------------------------------------------------ Abstract...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2009/10/01 12:0 a.m.40 views

PHP 5.2.11, 5.3.0 Multiple Restriction-Bypass Vulnerabilities

PHP is prone to a SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.100281"...

6.8CVSS4.7AI score0.02096EPSS
Exploits4References8
0day.today
0day.today
added 2009/09/27 12:0 a.m.58 views

PHP <=5.3 - preg_match() full path disclosure

Exploit for unknown platform in category remote exploits ============================================= PHP =5.3 - pregmatch full path disclosure ============================================= Title: PHP =5.3 - pregmatch full path disclosure CVE-ID: OSVDB-ID: Author: David Vieira-Kurz Published:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/09/27 12:0 a.m.29 views

PHP 5.3 - preg_match() Full Path Disclosure

PHP 5.3 - pregmatch Full Path Disclosure MajorSecurity Advisory 57PHP =5.3 - pregmatch full path disclosure Details ======= Product: PHP =5.3 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.php.net/ Vendor-Status: informed Advisory-Status: published Credits ============...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/08/10 12:0 a.m.18 views

PHP 5.3 - mail.log Configuration Option open_basedir Restriction Bypass

PHP 5.3 - mail.log Configuration Option openbasedir Restriction Bypass source: https://www.securityfocus.com/bid/36007/info PHP is prone to an 'openbasedir' restriction-bypass vulnerability because of a design error. Successful exploits could allow an attacker to write files in unauthorized...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/08/10 12:0 a.m.37 views

PHP 5.3 - &#039;mail.log&#039; Configuration Option &#039;open_basedir&#039; Restriction Bypass

source: https://www.securityfocus.com/bid/36007/info PHP is prone to an 'openbasedir' restriction-bypass vulnerability because of a design error. Successful exploits could allow an attacker to write files in unauthorized locations. This vulnerability would be an issue in shared-hosting...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/04/10 12:0 a.m.25 views

PHP 5.2.9 cURL - Safe_mode open_basedir Restriction Bypass

PHP 5.2.9 cURL - Safemode openbasedir Restriction Bypass source: https://www.securityfocus.com/bid/34475/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access files in unauthorized locations. This vulnerability...

0.2AI score
Exploits0
Rows per page
Query Builder