Lucene search
+L

1285 matches found

Prion
Prion
added 2008/11/29 2:30 a.m.12 views

Design/Logic Flaw

Google Hack Honeypot GHH File Upload Manager 1.3 allows remote attackers to delete uploaded files via unknown vectors related to the delall action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. CVE analysis suggests...

6.4CVSS7AI score0.01778EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2008/11/29 2:0 a.m.46 views

CVE-2008-5283

The CVE concerns Google Hack Honeypot (GHH) File Upload Manager 1.3. The vulnerability enables remote attackers to delete uploaded files via unknown vectors related to the delall action to index.php. This is stated in multiple sources, though the exact exploit vectors are not disclosed in the pro...

6.4CVSS6.4AI score0.01778EPSS
Exploits1References1Affected Software1
0day.today
0day.today
added 2008/11/23 12:0 a.m.31 views

Goople Cms 1.7 Remote File Upload Vulnerability

Exploit for unknown platform in category web applications =============================================== Goople Cms 1.7 Remote File Upload Vulnerability =============================================== -============================================- Autore: x0r - Evolution Team Cms: Goople Cms 1.7...

7.1AI score
Exploits0
NVD
NVD
added 2008/11/10 3:23 p.m.40 views

CVE-2008-5026

Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files aka attachments, which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting XSS attacks by uploading HTML...

3.5CVSS5.2AI score0.08821EPSS
Exploits2References5
myhack58
myhack58
added 2008/10/26 12:0 a.m.35 views

Webshell under to crack computer administrator password-vulnerability warning-the black bar safety net

Information source: evil octal information security team www.eviloctal.com) This idea derived from previous studies runas command when inspired. Method of use: 1, The your password dictionary was renamed into the psw. txt, upload to the target server is an executable, writable directory. It is...

7.9AI score
Exploits0
exploitpack
exploitpack
added 2008/09/21 12:0 a.m.39 views

PHP iCalendar 2.24 - cookie_language Local File Inclusion Arbitrary File Upload

PHP iCalendar 2.24 - cookielanguage Local File Inclusion Arbitrary File Upload '.$lang'lcalfile'.' '.$filenumber.': '.$lang'lactionsuccess'.''; 84. el...

Exploits0
exploitpack
exploitpack
added 2008/09/12 12:0 a.m.9 views

Sports Clubs Web Panel 0.0.1 - Arbitrary File Upload

Sports Clubs Web Panel 0.0.1 - Arbitrary File Upload --==+============================================================================+==-- --==+ Sports Clubs Web Panel 0.0.1 Remote File upload +==-- --==+============================================================================+==-- Discovered...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2008/06/17 12:0 a.m.20 views

FreeCMS.us 0.2 (fckeditor) Arbitrary File Upload Exploit

No description provided by source. ?php / -------------------------------------------------------------- FreeCMS.us 0.2 fckeditor Arbitrary File Upload Exploit -------------------------------------------------------------- By : Stack Special thnx for : Egix - vulnerable code in...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/02/11 12:0 a.m.44 views

Debian DSA-1488-1 : phpbb2 - several vulnerabilities

Several remote vulnerabilities have been discovered in phpBB, a web-based bulletin board. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0471 Private messaging allowed cross site request forgery, making it possible to delete all private messages of...

10CVSS5.3AI score0.01584EPSS
Exploits1References16
Prion
Prion
added 2008/01/22 8:0 p.m.12 views

Cross site scripting

Unspecified vulnerability in Mahara before 0.9.1 has unknown impact and remote attack vectors, probably related to cross-site scripting XSS in uploaded files...

4.3CVSS6.2AI score0.00856EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2008/01/22 7:0 p.m.46 views

CVE-2008-0381

Technical details for CVE-2008-0381 are not publicly available in the provided documents. No concrete affected versions, root cause, or fixes are specified beyond generic cross-site scripting in uploaded Mahara files. Monitor for updates.

4.3CVSS5.8AI score0.00856EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/01/22 7:0 p.m.24 views

CVE-2008-0381

Unspecified vulnerability in Mahara before 0.9.1 has unknown impact and remote attack vectors, probably related to cross-site scripting XSS in uploaded files...

5.8AI score0.00856EPSS
Exploits0References3
Prion
Prion
added 2007/10/08 11:17 p.m.13 views

Design/Logic Flaw

Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as demonstrated by obtaining a directory listing via a direct request to /upload and then retrieving...

4.3CVSS6.9AI score0.02017EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2007/07/17 1:30 a.m.19 views

CVE-2007-3822

Multiple cross-site scripting XSS vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via 1 the who parameter to showuser; and other vectors involving 2 calendar mode, 3 bulletin board mode, 4 room names, and 5 uploaded file names...

2.6CVSS5.7AI score0.02478EPSS
Exploits1References10
Prion
Prion
added 2007/07/17 1:30 a.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via 1 the who parameter to showuser; and other vectors involving 2 calendar mode, 3 bulletin board mode, 4 room names, and 5 uploaded file names...

2.6CVSS6.1AI score0.02478EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2007/07/17 1:0 a.m.21 views

CVE-2007-3822

Multiple cross-site scripting XSS vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via 1 the who parameter to showuser; and other vectors involving 2 calendar mode, 3 bulletin board mode, 4 room names, and 5 uploaded file names...

5.7AI score0.02478EPSS
Exploits1References10
Prion
Prion
added 2007/06/27 6:30 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Xythos Enterprise Document Manager XEDM before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to inject arbitrary web script or HTML via 1 a saved Workflow name; 2 a Workflow name, related to deletion of a Workflow template...

3.5CVSS5.6AI score0.01774EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2007/06/27 6:0 p.m.20 views

CVE-2007-3254

Multiple cross-site scripting XSS vulnerabilities in Xythos Enterprise Document Manager XEDM before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to inject arbitrary web script or HTML via 1 a saved Workflow name; 2 a Workflow name, related to deletion of a Workflow template...

5.3AI score0.01774EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2007/05/25 12:0 a.m.13 views

FTP Server Zipped .ost File Uploaded

Binary data 4066.prm...

7.3AI score
Exploits0
Prion
Prion
added 2007/03/28 10:19 a.m.15 views

Sql injection

SQL injection vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated users to execute arbitrary SQL commands via the filename of an uploaded file to the avatar function, as demonstrated by setting admin privileges...

9.3CVSS8.5AI score0.01801EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder