28 matches found
EUVD-2012-6607
Malware in sbrugna...
EUVD-2012-4211
Malware in sbrugna...
CVE-2012-10061
Sockso Music Host Server versions = 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize...
CVE-2012-10061
Sockso Music Host Server versions = 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize...
CVE-2012-10061 Sockso Music Host Server <= 1.5 Path Traversal
Sockso Music Host Server versions = 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize...
CVE-2012-10061 Sockso Music Host Server <= 1.5 Path Traversal
Sockso Music Host Server versions = 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize...
CVE-2012-10061
Sockso Music Host Server
CVE-2012-10061
Sockso Music Host Server versions = 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize...
Sockso Music Host Server 安全漏洞
Sockso Music Host Server is a music streaming media player from the individual developer Rhodri Pugh. A security vulnerability exists in Sockso Music Host Server version 1.5 and earlier, which stems from a path traversal vulnerability in the HTTP interface that could lead to reading arbitrary fil...
CVE-2012-4267
Cross-site scripting XSS vulnerability in user/register in Sockso 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter...
Sockso Music Host Server 1.5 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sockso Music Host Server 1.5 Directory Traversal', 'Description' = %q This module exploits a directory traversal bug in Sockso on port 4444. This...
CVE-2012-10061
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/socksotraversal.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
Sockso <= 1.51 - Persistent XSS
No description provided by source. Application: Sockso http://sockso.pu-gh.com Versions: = 1.5 Platforms: Windows, Mac, Linux Bug: Persistant XSS Exploitation: remote Date: 11 May 2012. Author: Ciaran McNally Web: http://smwyg.com/blog/sockso-persistant-xss-attack Google Dork: inurl:4444 sockso 1...
sockso <= 1.5 - Directory Traversal
No description provided by source. Luigi Auriemma Application: Sockso http://sockso.pu-gh.com Versions: = 1.5 Platforms: Windows, Mac, Linux Bug: directory traversal Exploitation: remote Date: 14 Mar 2012 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 T...
CVE-2012-4267
Cross-site scripting XSS vulnerability in user/register in Sockso 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in user/register in Sockso 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter...
CVE-2012-4267
Cross-site scripting XSS vulnerability in user/register in Sockso 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter...
CVE-2012-4267
CVE-2012-4267 describes a stored/persistent XSS in Sockso’s user/register endpoint for Sockso 1.5 and earlier, where an attacker can inject arbitrary script or HTML via the name parameter. The affected component is the registration flow (user/register) in Sockso prior to version 1.6, with the roo...
Sockso <= 1.51 XSS Vulnerability - Active Check
Sockso is prone to persistent cross-site scripting XSS vulnerability. Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Sockso <=1.51 Persistent XSS Vulnerability
Exploit for php platform in category web applications Application: Sockso http://sockso.pu-gh.com Versions: alert'xss'; Or the admin cookie session can also be retrieved by using... new Image...