Lucene search
K

98 matches found

CVE
CVE
added 2016/04/12 3:0 p.m.97 views

CVE-2016-3168

The CVE-2016-3168 issue affects Drupal: System module in Drupal 6.x prior to 6.38 and 7.x prior to 7.43 is vulnerable to a reflected file download that can allow remote attackers to hijack the authentication of site administrators when downloading and executing files containing arbitrary JSON-enc...

8.5CVSS6.6AI score0.02483EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/04/12 3:0 p.m.27 views

CVE-2016-3168

The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrary JSON-encoded content, aka a "reflected file download vulnerability."...

7.1AI score0.02483EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2015/08/07 12:0 a.m.83 views

Microsoft Windows XP SP3 (x86) / 2003 SP2 (x86) - 'NDProxy' Local Privilege Escalation (MS14-002)

/ Exploit Title: Windows NDProxy Privilege Escalation MS14-002 Date: 2015-08-03 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows XP SP3 x86 Windows XP SP2 x86-64 Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable software: Windows XP SP3 x86...

7.8CVSS8AI score0.34893EPSS
Exploits16
CNVD
CNVD
added 2015/05/26 12:0 a.m.28 views

Huawei Mate 7 Local Elevation of Privilege Vulnerability

Huawei Mate 7 is a smartphone developed by the domestic company Huawei. A security vulnerability exists on the Huawei Mate 7 TEEOS module that allows local attackers to exploit the vulnerability to elevate privileges...

7.6CVSS6.5AI score0.0092EPSS
Exploits0References1
exploitpack
exploitpack
added 2015/05/25 12:0 a.m.43 views

Microsoft Windows - Local Privilege Escalation (MS15-010)

Microsoft Windows - Local Privilege Escalation MS15-010 // ex.cpp / Windows XP/2K3/VISTA/2K8/7 WMSYSTIMER Kernel EoP CVE-2015-0003 March 2015 Public Release: May 24, 2015 Tested on: x86: Win 7 SP1 | Win 2k3 SP2 | Win XP SP3 x64: Win 2k8 SP1 | Win 2k8 R2 SP1 Author: Skylake - skylake mail com /...

6.9CVSS0.2AI score0.04536EPSS
Exploits3
exploitpack
exploitpack
added 2015/02/04 12:0 a.m.60 views

BullGuard (Multiple Products) - Arbitrary Write Privilege Escalation

BullGuard Multiple Products - Arbitrary Write Privilege Escalation / Exploit Title - BullGuard Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.bullguard.com/ Tested Version - 14.1.285.4 Driver...

7.2CVSS0.2AI score0.01085EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/02/04 12:0 a.m.35 views

BullGuard (Multiple Products) - Arbitrary Write Privilege Escalation

/ Exploit Title - BullGuard Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.bullguard.com/ Tested Version - 14.1.285.4 Driver Version - 1.0.0.6 - BdAgent.sys Tested on OS - 32bit Windows XP SP3...

7.2CVSS6.5AI score0.01085EPSS
Exploits5
exploitpack
exploitpack
added 2015/02/01 12:0 a.m.26 views

Symantec Altiris Agent 6.9 (Build 648) - Local Privilege Escalation

Symantec Altiris Agent 6.9 Build 648 - Local Privilege Escalation / Exploit Title - Symantec Altiris Agent Arbitrary Write Privilege Escalation Date - 01st February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.symantec.com Tested Version - 6.9 Build 648 Driver Version...

7.2CVSS0.3AI score0.01189EPSS
Exploits3
0day.today
0day.today
added 2015/01/31 12:0 a.m.49 views

Trend Micro Multiple Products 8.0.1133 - Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Exploit Title - Trend Micro Multiple Products Arbitrary Write Privilege Escalation Date - 31st January 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.trendmicro.co.uk/ Tested Version - 8.0.1133 Driver Version -...

7.2CVSS6.3AI score0.00958EPSS
Exploits4
myhack58
myhack58
added 2014/10/03 12:0 a.m.21 views

Cicada-known Enterprise Portal system v2. 5 sql injection to admin-vulnerability warning-the black bar safety net

The problem is when the user modifies the information of the place /system/module/user/control.php public function edit$account = " if!$ account or RUNMODE == 'front' $account = $this-app-user-account; if$this-app-user-account == 'guest' $this-locateinlink'login'; if! empty$POST...

1.5AI score
Exploits0
NVD
NVD
added 2014/07/09 2:55 p.m.14 views

CVE-2014-4742

Cross-site scripting XSS vulnerability in system/classlink.php in the System module modulesystem in Kajona before 4.5 allows remote attackers to inject arbitrary web script or HTML via the systemid parameter in a mediaFolder action to index.php...

4.3CVSS5.7AI score0.01914EPSS
Exploits1References4
Prion
Prion
added 2014/07/09 2:55 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in system/classlink.php in the System module modulesystem in Kajona before 4.5 allows remote attackers to inject arbitrary web script or HTML via the systemid parameter in a mediaFolder action to index.php...

4.3CVSS6.1AI score0.01914EPSS
Exploits1References4Affected Software1
Exploit DB
Exploit DB
added 2012/04/19 12:0 a.m.77 views

Microsoft Windows - 'afd.sys' Local Kernel (PoC) (MS11-046)

/ MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S . Ronnie Johndas wrote the writeup dissecting a malware with this exploit . I Rahul Sasifb1h2s just made the POC exploit available . Reference: ms8-66, ms6-49 Too lazy to add...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2011/05/10 6:7 p.m.10 views

kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN

The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...

1.9CVSS5.9AI score0.00443EPSS
Exploits3References4
exploitpack
exploitpack
added 2011/02/09 12:0 a.m.12 views

DESlock+ 4.1.10 - vdlptokn.sys Local Kernel Ring0 SYSTEM

DESlock+ 4.1.10 - vdlptokn.sys Local Kernel Ring0 SYSTEM / deslock-vdlptokn.c Copyright c 2009 by DESlock+ include include include define VDLPTOKNIOCTL 0x00222010 define DLKFDISKRIOCTL 0x80002008 define DLKFDISKSLOT 0x00000CF8 define ARGSIZEa a/sizeof void / Win2k3 SP1/2 - kernel EPROCESS token...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/17 12:0 a.m.29 views

ESTsoft ALYac Anti-Virus 1.5 < 5.0.1.2 - Local Privilege Escalation

ESTsoft ALYac Anti-Virus 1.5 with AYDrvNT.sys = 5.0.1.2 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS ALYac Anti-Virus 1.5 DETAILS: AYDrvNT.sys create a device called "AYDrvNTALYAC" , and handles the device io control code = 0x223e2...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2010/05/23 12:0 a.m.16 views

Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability

Kavsafe.sys create a device called DeviceKAVSafe , and handles DeviceIoControl request IoControlCode = 0x830020d4 , which can overwrite arbitrary kernel module data Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date:2010-4-14...

7AI score
Exploits0
NVD
NVD
added 2007/01/09 11:28 a.m.17 views

CVE-2007-0136

Multiple cross-site scripting XSS vulnerabilities in Drupal before 4.6.11, and 4.7 before 4.7.5, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in the 1 filter and 2 system modules. NOTE: some of these details are obtained from third party information...

4.3CVSS5.8AI score0.02103EPSS
Exploits0References8
Rows per page
Query Builder