CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Check Point Advisories•added 2009/12/09 12:0 a.m.•1 views

Microsoft IIS WebDAV Request Source Code Disclosure

The Internet Information Server IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes a Web server service that is capable of serving static, as well as dynamic content. The Web server is equipped with the Active Server Pages ASP...

6.9AI score

seebug.org•added 2009/11/24 12:0 a.m.•24 views

Xerver服务器HTTP请求源码泄露漏洞

CVE ID: CVE-2009-3544 Xerver是一个免费的包括Web与FTP的服务器。远程攻击者可以通过向Xerver HTTP服务器提交文件名前附加了::$DATA的特制HTTP请求泄露所请求文件的内容。 Xerver 4.32 厂商补丁： Xerver ------ 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.javascript.nu/xerver/ http://172.16.2.101/index.html::$DATA http://172.16.2.101/default.asp::$DA...

5CVSS6.4AI score0.03844EPSS

Exploits1

Check Point Advisories•added 2009/11/18 12:0 a.m.•9 views

Microsoft IIS ASP Scripts Source Code Disclosure (CVE-2005-2678)

The Internet Information Server IIS is a Web server packaged with several versions of the Windows operating system. The server is capable of serving static, as well as dynamic content. The server is equipped with the Active Server Pages ASP technology which is utilized for dynamic content...

5CVSS6.3AI score0.44457EPSS

securityvulns•added 2009/11/09 12:0 a.m.•188 views

Vulnerabilities in Pigalle

Hello 3APA3A! I want to warn you about multiple security vulnerabilities in Pigalle. These are Information Leakage, Full path disclosure and Cross-Site Scripting vulnerabilities. Information Leakage: http://site/index.php Versions of PHP, MySQL and web server are shown in meta-tags in source of a...

0.3AI score

myhack58•added 2009/10/31 12:0 a.m.•17 views

Pony hide another method-vulnerability warning-the black bar safety net

The following is the source code.. you can set the parameters of the content plus the pony and then encrypted. OK.. html body % if request"dst""dst" then 'determine whether the parameters are correct. Incorrect access a non-existent address response. write"iframe src=dst width='1 0 0%' height='1 ...

1.5AI score

Exploit DB•added 2009/10/30 12:0 a.m.•32 views

CubeCart 4 - Session Management Bypass

CubeCart 4 Session Management Bypass Release Date: 2009/10/29 Author: Bogdan Calin bogdan at acunetix dot com Severity: Critical Vendor Status: Vendor has released an updated version I. Background From Wikipedia: CubeCart is a free-to-use eCommerce software solution, designed to allow individuals...

Packet Storm•added 2009/10/28 12:0 a.m.•25 views

Oscailt 3.3 Local File Inclusion

0 Oscailt 3.3 CMS 0 Download: http://sourceforge.net/projects/oscailt/ 0 Bug: Local File Inclusion in index.php file ! 0 Author: [email protected] 0 Team: Fatal Error 0 Poc: http://www.site.com/index.php?objid=/../../../../../../../../../../proc/self/environ%00 0...

myhack58•added 2009/10/28 12:0 a.m.•15 views

Teach you to quickly locate the target website source code-bug warning-the black bar safety net

First look at an example: The target site is a shopping site, wherein a section of the“My selling”point of the path is: mycsproc. asp-- This page name is very characteristic, Oh To www. seeknot. com the search bar in the input mycsproc. asp, select the default directory to find the way, to submit...

7AI score

seebug.org•added 2009/10/28 12:0 a.m.•21 views

Microsoft SharePoint团队协作服务下载功能源代码信息泄漏漏洞

Bugraq ID: 36817 Microsoft SharePoint Server是一款服务器功能集成套件，提供全面的内容管理和企业搜索、加速共享业务流程并便利跨界限信息共享。 Microsoft SharePoint团队协作服务Team Services的下载功能存在漏洞，可导致泄漏ASP.NET文件源代码。 SharePoint Team Services存储各种文件到它的后端数据库中，这些文件包含站点模板，定制ASP.NET页和用于上传到文档库的应用脚本。...

6.8AI score

0day.today•added 2009/10/28 12:0 a.m.•32 views

Oscailt CMS 3.3 Local File Inclusion

Exploit for unknown platform in category web applications ==================================== Oscailt CMS 3.3 Local File Inclusion ==================================== 0 Oscailt 3.3 CMS 0 Download: http://sourceforge.net/projects/oscailt/ 0 Bug: Local File Inclusion in index.php file ! 0 Poc:...

securityvulns•added 2009/10/26 12:0 a.m.•44 views

SharePoint 2007 ASP.NET Source Code Disclosure

======= Summary ======= Name: SharePoint Team Services source code disclosure through download facility Release Date: 21 October 2009 Reference: NGS00532 Discover: Daniel Martin [email protected] Vendor: Microsoft Systems Affected: SharePoint 2007 12.0.0.6219, 12.0.0.4518 and possibly others...

6.5AI score

Packet Storm•added 2009/10/26 12:0 a.m.•60 views

SharePoint Source Code Disclosure

======= Summary ======= Name: SharePoint Team Services source code disclosure through download facility Release Date: 21 October 2009 Reference: NGS00532 Discover: Daniel Martin Vendor: Microsoft Systems Affected: SharePoint 2007 12.0.0.6219, 12.0.0.4518 and possibly others Risk: Medium Status:...

0day.today•added 2009/10/26 12:0 a.m.•33 views

SharePoint 2007 Team Services source code disclosure

Exploit for unknown platform in category web applications ==================================================== SharePoint 2007 Team Services source code disclosure ==================================================== ======= Summary ======= Name: SharePoint Team Services source code disclosure...

seebug.org•added 2009/10/26 12:0 a.m.•43 views

SharePoint 2007 Team Services source code disclosure

No description provided by source. ======= Summary ======= Name: SharePoint Team Services source code disclosure through download facility Release Date: 21 October 2009 Reference: NGS00532 Discover: Daniel Martin [email protected] Vendor: Microsoft Systems Affected: SharePoint 2007...

exploitpack•added 2009/10/26 12:0 a.m.•38 views

SharePoint 2007 - Team Services Source Code Disclosure

SharePoint 2007 - Team Services Source Code Disclosure ======= Summary ======= Name: SharePoint Team Services source code disclosure through download facility Release Date: 21 October 2009 Reference: NGS00532 Discover: Daniel Martin Vendor: Microsoft Systems Affected: SharePoint 2007 12.0.0.6219,...

7.6AI score

Exploit DB•added 2009/10/26 12:0 a.m.•41 views

SharePoint 2007 - Team Services Source Code Disclosure

======= Summary ======= Name: SharePoint Team Services source code disclosure through download facility Release Date: 21 October 2009 Reference: NGS00532 Discover: Daniel Martin Vendor: Microsoft Systems Affected: SharePoint 2007 12.0.0.6219, 12.0.0.4518 and possibly others Risk: Medium Status:...

Packet Storm•added 2009/10/23 12:0 a.m.•19 views

Mongoose Web Server 2.8.0 Source Disclosure

Mongoose Web Server = 2.8.0 Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: http://code.google.com/p/mongoose/ - Description - Mongoose Web Server = 2.8.0 is a Windows based HTTP server. This is the latest version of the application available. Mongoose is vulnerable to...

seebug.org•added 2009/10/23 12:0 a.m.•12 views

Mongoose Web Server 2.8.0 Source Disclosure

No description provided by source. Mongoose Web Server = 2.8.0 Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: http://code.google.com/p/mongoose/ - Description - Mongoose Web Server = 2.8.0 is a Windows based HTTP server. This is the latest version of the application...

Exploit DB•added 2009/10/23 12:0 a.m.•35 views

Mongoose Web Server 2.8 - Source Disclosure