Lucene search
+L

98 matches found

Tenable Nessus
Tenable Nessus
added 2018/03/19 12:0 a.m.39 views

GLSA-201803-09 : KDE Plasma Workspaces: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201803-09 KDE Plasma Workspaces: Multiple vulnerabilities Multiple vulnerabilities have been discovered in KDE Plasma Workspaces. Please review the referenced CVE identifiers for details. Impact : An attacker could execute arbitra...

7.2CVSS6.3AI score0.02127EPSS
Exploits0References3
Hacker One
Hacker One
added 2017/11/20 1:57 p.m.28 views

WordPress: Arbitrary file deletion in wp-core - guides towards RCE and information disclosure

Vulnerable place 1: wp-admin/post.php $newmeta'thumb' is placed into DB not sanitized directly from user input. case 'editattachment': checkadminreferer'update-post' . $postid; // Don't let these be changed unset$POST'guid'; $POST'posttype' = 'attachment'; // Update the thumbnail filename $newmet...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/07/14 12:0 a.m.31 views

Fedora 23 : webkitgtk4 (2016-c1f4334ded)

This update addresses the following vulnerabilities : - CVE-2016-1857, CVE-2016-1856 Additional fixes : - Improved the detection of supported MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...

8.8CVSS7.7AI score0.02894EPSS
Exploits0References3
Metasploit
Metasploit
added 2016/06/09 6:52 p.m.61 views

Linux ARM Big Endian Command Shell, Bind TCP Inline

Listen for a connection and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 118 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def...

7.5AI score
Exploits0
0day.today
0day.today
added 2015/09/18 12:0 a.m.128 views

Android libstagefright - Integer Overflow Remote Code Execution

Exploit for Android platform in category remote exploits !/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00' heap groomin...

10CVSS6.5AI score0.87125EPSS
Exploits6
exploitpack
exploitpack
added 2015/09/17 12:0 a.m.33 views

Google Android - libstagefright Integer Overflow Remote Code Execution

Google Android - libstagefright Integer Overflow Remote Code Execution !/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00...

1.2AI score
Exploits0
CNVD
CNVD
added 2015/09/06 12:0 a.m.6 views

MediaWiki cross-site scripting vulnerability (CNVD-2015-05871)

MediaWiki is a free and free web-based Wiki engine developed and maintained by the Wikimedia Foundation and MediaWiki volunteers, which can be used to deploy in-house knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki's thumb.php script. ...

4.3CVSS5.9AI score0.02009EPSS
Exploits0References1
OSV
OSV
added 2015/09/01 2:59 p.m.2 views

DEBIAN-CVE-2015-6730

Cross-site scripting XSS vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error page, related to "ForeignAPI images."...

4.3CVSS6AI score0.02009EPSS
Exploits0References1
OSV
OSV
added 2015/09/01 2:59 p.m.2 views

UBUNTU-CVE-2015-6730

Cross-site scripting XSS vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error page, related to "ForeignAPI images."...

4.3CVSS5.9AI score0.02009EPSS
Exploits0References4
0day.today
0day.today
added 2013/07/29 12:0 a.m.28 views

Windows RT ARM Bind Shell (Port 4444)

; Title: Windows RT ARM Bind Shell Port 4444 ; Date: July 28, 2013 ; Author: Matthew Graeber @mattifestation ; Blog post: http://www.exploit-monday.com/2013/07/WinRT-ARM-Shellcode.html ; Tested on: Microsoft Surface RT Tablet w/ Windows RT 6.2.9200 ; License: BSD 3-Clause ; Syntax: MASM ; Notes: ...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2013/07/28 12:0 a.m.44 views

Windows RT ARM - Bind Shell Port 4444

Windows RT ARM - Bind Shell Port 4444. Shellcode exploit for arm platform ; Title: Windows RT ARM Bind Shell Port 4444 ; Date: July 28, 2013 ; Author: Matthew Graeber @mattifestation ; Blog post: http://www.exploit-monday.com/2013/07/WinRT-ARM-Shellcode.html ; Tested on: Microsoft Surface RT Tabl...

Exploits0
The Hacker News
The Hacker News
added 2011/07/28 8:19 p.m.10 views

Paypal gives FBI the list of IP Address of 1,000 Anomymous hackers

Paypal gives FBI the list of IP Address of 1,000 Anomymous hackers Paypal collected 1000 IP addresses of those carrying out Anonymous' DDoS attacks against PayPal last December. To be fair the names on the list will probably be the bottom feeding script kiddies rather than the hackers at the top ...

6.8AI score
Exploits0
htbridge
htbridge
added 2011/03/17 12:0 a.m.63 views

Multiple Vulnerabilities in Collabtive

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Collabtive which could be exploited to perform cross-site scripting and cross-site request forgery attacks and gain access to sensitive information. 1 Cross-site scripting XSS vulnerability in Collabtive 1.1 The...

5.1CVSS6.7AI score
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2010/11/25 12:0 a.m.27 views

Linux/ARM - add root user with password - 151 bytes

Linux/ARM - add root user with password - 151 bytes. Shellcode exploit for arm platform / Title: Linux/ARM - add root user with password - 151 bytes Date: 2010-11-25 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @shellstorm http://shell-storm.org Informations: ------------- -...

7.6AI score
Exploits0
OSV
OSV
added 2010/03/31 6:0 p.m.1 views

DEBIAN-CVE-2010-1190

thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as imgauth.php, does not check user permissions before providing scaled images, which allows remote attackers to bypass intended access restrictions and read private images via unspecified manipulations...

4.3CVSS6.6AI score0.01429EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2009/01/01 12:0 a.m.39 views

Android/ARM - Reverse TCP (10.0.2.2:0x3412/TCP) Shell (/system/bin/sh) Shellcode (79 bytes)

Android/ARM - Reverse TCP 10.0.2.2:0x3412/TCP Shell /system/bin/sh Shellcode 79 bytes. Shellcode exploit for ARM platform / This ARM Thumb sc connects to a given IP and port with a shell. Intended for use with Android hence /system/bin/sh. Connects to the provided IP and port with a shell no null...

7.1AI score
Exploits0
CVE
CVE
added 2006/12/10 11:0 a.m.50 views

CVE-2006-6441

CVE-2006-6441 affects Xerox WorkCentre/WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000. The issue allows local users to bypass security controls and boot into Alchemy via certain alternate boot media, demonstrated by a USB thumb drive. The connected s...

4.6CVSS6.8AI score0.003EPSS
Exploits0References2Affected Software6
NVD
NVD
added 2006/09/13 10:7 p.m.16 views

CVE-2006-4739

Multiple cross-site scripting XSS vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php...

2.6CVSS5.9AI score0.01122EPSS
Exploits0References4
Rows per page
Query Builder