Lucene search
K

75 matches found

Packet Storm
Packet Storm
added 2011/10/04 12:0 a.m.35 views

CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection

$Id: catotaldefenseregeneratereports.rb 13810 2011-10-02 17:03:23Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

10CVSS0.2AI score0.88655EPSS
Exploits12
securityvulns
securityvulns
added 2011/09/20 12:0 a.m.139 views

Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit

?php / Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration Web Service getSubKeys Remote SQL Injection Exploit tested against: Microsoft Windows Server 2003 r2 sp2 Microsoft SQL Server 2005 Express download uri:...

8.8AI score
Exploits0
exploitpack
exploitpack
added 2011/09/15 12:0 a.m.16 views

Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection

Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection EyrAPIConfiguration /EyrAPIConfiguration/ ... at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods...

8.6AI score
Exploits0
Packet Storm
Packet Storm
added 2011/09/15 12:0 a.m.29 views

Nortel Contact Recording Centralized Archive 6.5.1 SQL Injection

EyrAPIConfiguration /EyrAPIConfiguration/ .. at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods availiable, as described inside the associated wsdl, see file:...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/09/14 12:0 a.m.22 views

Nortel Contact Recording Centralized Archive 6.5.1 SQL Injection Exploit

Exploit for jsp platform in category web applications EyrAPIConfiguration /EyrAPIConfiguration/ ... at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods availiable, as...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/06/21 12:0 a.m.129 views

Microsoft XML Editor Information Disclosure Vulnerability (2543893)

This host is missing an important security update according to Microsoft Bulletin MS11-049. OpenVAS Vulnerability Test $Id: secpodms11-049.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft XML Editor Information Disclosure Vulnerability 2543893 Authors: Antu Sanadi Copyright: Copyright c 2011 SecPod...

4.3CVSS6.4AI score0.15254EPSS
Exploits1References2
Cvelist
Cvelist
added 2011/06/16 8:21 p.m.29 views

CVE-2011-1280

The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...

6.9AI score0.15254EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2011/02/14 12:0 a.m.104 views

VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition SQL Express distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to...

10CVSS7.9AI score0.96166EPSS
Exploits122References99
Exploit DB
Exploit DB
added 2010/09/20 12:0 a.m.31 views

Lyris ListManager - MSDE Weak sa Password (Metasploit)

$Id: lyrislistmanagerweakpass.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

6.5CVSS7.1AI score0.43919EPSS
Exploits3
myhack58
myhack58
added 2010/02/23 12:0 a.m.17 views

Database Password Hashes Cracking-vulnerability warning-the black bar safety net

SQL Server 2 0 0 0:- SELECT password from master. dbo. sysxlogins where name='sa' 0×010034767D5C0CFA5FDCA28C4A56085E65E882E71CB0ED250341 2FD54D6119FFF04129A1D72E7C3194F7284A7F3A 0×0 1 0 0 - constant header 34767D5C - salt 0CFA5FDCA28C4A56085E65E882E71CB0ED250341 - case senstive hash...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2010/01/05 12:0 a.m.73 views

Microsoft SQL Server sp_replwritetovarbin Memory Corruption

$Id: ms09004spreplwritetovarbin.rb 8068 2010-01-05 00:02:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9CVSS0.4AI score0.87036EPSS
Exploits12
Metasploit
Metasploit
added 2010/01/03 8:10 a.m.39 views

MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption

A heap-based buffer overflow can occur when calling the undocumented "spreplwritetovarbin" extended stored procedure. This vulnerability affects all versions of Microsoft SQL Server 2000 and 2005, Windows Internal Database, and Microsoft Desktop Engine MSDE without the updates supplied in MS09-00...

9CVSS0.2AI score0.87036EPSS
Exploits12
OpenVAS
OpenVAS
added 2009/10/21 12:0 a.m.41 views

Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)

This host is missing a critical security update according to Microsoft Bulletin MS09-062. OpenVAS Vulnerability Test $Id: secpodms09-062.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Products GDI Plus Code Execution Vulnerabilities 957488 Authors: Sharath S Updated to Check Visio Viewer 2007 - B...

9.3CVSS0.1AI score0.26824EPSS
Exploits6References3
Metasploit
Metasploit
added 2009/10/18 9:46 p.m.27 views

Lyris ListManager MSDE Weak sa Password

This module exploits a weak password vulnerability in the Lyris ListManager MSDE install. During installation, the 'sa' account password is set to 'lminstall'. Once the install completes, it is set to 'lyris' followed by the process ID of the installer. This module brute forces all possible proce...

6.5CVSS7.3AI score0.43919EPSS
Exploits3
Prion
Prion
added 2009/10/14 10:30 a.m.20 views

Integer overflow

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Offic...

9.3CVSS8.7AI score0.23647EPSS
Exploits1References3Affected Software19
Prion
Prion
added 2009/10/14 10:30 a.m.22 views

Heap overflow

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and...

9.3CVSS8.8AI score0.26824EPSS
Exploits1References3Affected Software19
Positive Technologies
Positive Technologies
added 2009/10/14 12:0 a.m.6 views

PT-2009-4908 · Microsoft · Works +26

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 6 SP1 Windows XP versions SP2 and SP3 Office XP version SP3 Office 2003 version SP3 2007 Microsoft Office System versions SP1 and SP2 Office Project 2002 version SP1 Visio 2002 version SP2 Office Word Viewe...

9.3CVSS9.7AI score0.26824EPSS
Exploits1References7
Symantec
Symantec
added 2009/10/13 12:0 a.m.24 views

Microsoft GDI+ PNG File Integer Overflow Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes PNG image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts m...

8.5AI score
Exploits0Affected Software20
Symantec
Symantec
added 2009/10/13 12:0 a.m.43 views

Microsoft GDI+ CCITT G4 TIFF File Processing Memory Corruption Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes TIFF image files. This issue occurs when CCITT G4 compressed TIFF images are decompressed. An attacker could exploit this issue to execute arbitrary code with...

0.1AI score
Exploits0Affected Software27
OpenVAS
OpenVAS
added 2008/12/16 12:0 a.m.27 views

Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability

This host is missing a critical security update according to Microsoft Bulletin MS09-004. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9CVSS5AI score0.87036EPSS
Exploits12References6
Rows per page
Query Builder