Lucene search
K

354 matches found

Exploit DB
Exploit DB
added 2009/09/15 12:0 a.m.38 views

NetAccess IP3 - (Authenticated) Ping Option Command Injection

NetAccess IP3 - Force into shell By: r00t Shouts: G., Tee, ES, s1ngl3, and D1g1t5 Requirements: Remote access to an IP3 Any level control panel username/password Vendor Information: Thanks to Sebastian Wolfgarten sebastian at wolfgarten dot com for including vendor information in his AFD vuln...

7.4AI score
Exploits0
myhack58
myhack58
added 2009/08/05 12:0 a.m.20 views

Joe guest(JoeKoe) CMS 4.0 background to get shell-vulnerability warning-the black bar safety net

Without any technology, purely blind Simon Joe guestJoeKoe CMS 4.0 background to get the shell. Come backstage—system administration—site configuration—site namein the site name there is written a word. ! joekoeshell1 Then by word of the link is connected. www.XXX.com/index.asp !...

0.6AI score
Exploits0
myhack58
myhack58
added 2009/08/02 12:0 a.m.24 views

Alternative get 94kk Forum administrator password to get the shell-vulnerability warning-the black bar safety net

Excerpt from: Qglfnt's Blog Not much to say, directly into the topic. Can to on Google to the“Powered by 94kk 2.1.0”this is 94KKBBS the latest edition, as a keyword search. Just find a forum, click on“login”in the login do not fill in the user name and password, but directly click on the“Forgot...

7.3AI score
Exploits0
myhack58
myhack58
added 2009/07/16 12:0 a.m.57 views

xml. http download get SHELL-vulnerability warning-the black bar safety net

Excerpts from: hi.baidu.com/systemexp Note the following statement in SA under the purview of the Executive, for N more extended stored procedure is deleted when using the best results. DECLARE @B varbinary8 0 0 0, @hr int, @http INT, @down INT EXEC spoacreate Microsoft. XMLHTTP,@http output ;EXE...

0.1AI score
Exploits0
myhack58
myhack58
added 2009/06/10 12:0 a.m.20 views

php version ewebeditor 3.8. vulnerability-vulnerability warning-the black bar safety net

php 版本 后台 是 调用 ../ewebeditor/admin/config.php,we went to look at the source code will know, here I talk about using the method: 1 First of course to find a landing back,默认 是 ../eWebEditor/admin/login.php,into the background after casually enter a user and password,of course,will prompt an error,...

0.2AI score
Exploits0
myhack58
myhack58
added 2008/09/29 12:0 a.m.19 views

iShowMusic V1. 2 direct write shell vulnerability-vulnerability warning-the black bar safety net

By qiur3n http://www.wolvez.org/ 2008-06-17 iShow Music is a basic set in the PHP+TXT online music player. The program uses text data stored in a way, without MYSQL database support, and the program code and interface templates separated, and easy to your music website interface to modify. Offici...

7AI score
Exploits0
seebug.org
seebug.org
added 2008/07/12 12:0 a.m.33 views

iShowMusic V1.2 写入shell漏洞

iShow Music 是一套基本于PHP+TXT的在线音乐播放程序。程序采用文本数据存储方式,无需MYSQL数据库支持,同时程序代码与界面模板分离,方便你的音乐网站界面修改。 在error.php 12-26行 elseif $POST'action'=="save" $cknumon && GdConfirm$gdcode; ifempty$id Showmsg"no","你还未选择歌曲呢!","返回重新填写","javascript:history.back-1"; exit; elseifempty$POST'user'...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/07/08 12:0 a.m.31 views

MS08-038: Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)

The remote version of Windows contains a version of the Windows Shell that contains a vulnerability in the way it handles saved searches. An attacker might use this flaw to trick an administrator to execute a saved search and therefore execute arbitrary commands on his behalf. C Tenable Network...

9.3CVSS6AI score0.28561EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/02/13 12:0 a.m.22 views

MS07-006: Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)

The remote version of Windows contains a version of the Windows Shell that contains a vulnerability in the way it performs detection and registration of new hardware. An authenticated user may exploit this vulnerability to elevate his privileges. Tenable Network Security, Inc. include"compat.inc"...

7.2CVSS5.6AI score0.02571EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2007/01/13 12:0 a.m.43 views

mpsw-rfi.txt

magic photo storage website -- Remote File Inclusion Vendor : http://www.scriptaty.net/magic-photo-storage-website.html Demo Site : http://www.turnkeydemos.info/demo/picstorage/ Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net file; commonfunction.php bug...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/06/13 12:0 a.m.47 views

Flog 1.1.2 Version - Remote File Include Vulnerabilities

SaVSaK.CoM | SpC-x - The-BeKiR | Flog 1.1.2 Version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : Flog Credits : SpC-x Thanks : The-BeKiR - Ejder - FasTBoY - ERNE - RMx - Nukedx - Str0ke Code : ?php $FLogdirplugins = 'plugins/'; $FLogdirdata = 'data/'; $FLogdirthemes =...

1.1AI score
Exploits0
CVE
CVE
added 2006/04/12 12:0 a.m.69 views

CVE-2006-0012

CVE-2006-0012 is a Windows Shell vulnerability in which Windows Explorer could incorrectly handle COM objects, enabling remote code execution if a user visits a malicious Web site or opens crafted files/directories. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003 S...

5.1CVSS7.5AI score0.24069EPSS
Exploits0References14Affected Software6
CERT
CERT
added 2005/10/11 12:0 a.m.31 views

Microsoft Windows Shell fails to handle shortcut files properly

Overview Microsoft Windows Shell does not properly handle some shortcut files and may permit arbitrary code execution when a specially-crafted file is opened. Description Microsoft Windows supports files that point to another file, called "shortcut" files. These files have the .lnk extension, and...

10CVSS7.2AI score0.42749EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/04/12 12:0 a.m.28 views

MS05-016: Vulnerability in Windows Shell (893086)

The remote version of Windows contains a flaw in the Windows Shell that could allow an attacker to elevate his privileges and/or execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to lure a victim into visiting a malicious website or into opening a malicious...

7.5CVSS5.8AI score0.51684EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/02/08 12:0 a.m.27 views

MS05-008: Vulnerability in Windows Shell (890047)

The remote version of Windows contains a flaw in the Windows Shell that could allow an attacker to elevate his privileges and/or execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to lure a victim into visiting a malicious website or opening a malicious file...

7.5CVSS5.8AI score0.6349EPSS
Exploits1References2
securityvulns
securityvulns
added 2004/10/13 12:0 a.m.21 views

Windows Shell buffer overflow

No description provided...

2.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.23 views

Debian DSA-018-1 : tinyproxy - remote nobody exploit

PkC have found a heap overflow in tinyproxy that could be remotely exploited. An attacker could gain a shell user nobody remotely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-018. The...

10CVSS5.5AI score0.13898EPSS
Exploits1References2
securityvulns
securityvulns
added 2004/07/14 12:0 a.m.79 views

Microsoft Security Bulletin MS04-024

Microsoft Security Bulletin MS04-024 Vulnerability in Windows Shell Could Allow Remote Code Execution 839645 Issued: July 13, 2004 Version: 1.2 Summary Who should read this document: Customers who use Microsoft® Windows® Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

10CVSS0.2AI score0.46012EPSS
Exploits1
securityvulns
securityvulns
added 2004/07/14 12:0 a.m.31 views

Windows Shell file type spoofing

By using class id in content-disposition it's possible ti spoof file type. Content-Disposition: attachment; filename=malware.3050f4d8-98B5- 11CF-BB82-00AA00BDCE0Bfunballgitespiethrow2Empeg"...

1.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/13 12:0 a.m.39 views

MS04-024: Buffer overrun in Windows Shell (839645)

The remote host is running a version of Windows that has a flaw in its shell. An attacker could persuade a user on the remote host to execute a rogue program by using a CLSID instead of a file type, thus fooling the user into thinking that he will not execute an application but simply open a...

10CVSS5.7AI score0.46012EPSS
Exploits1References2
Rows per page
Query Builder