Lucene search
K

22 matches found

Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.325 views

Groomify v1.0 - SQL Injection

Exploit Title: Groomify v1.0 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/groomify-barbershop-salon-spa-booking-and-ecommerce-platform/45808114 Demo Site: https://script.bugfinder.net/groomify Tested on: Kali Linux CVE: N/A Vulnerable URL...

7.4AI score
Exploits0
CNVD
CNVD
added 2022/07/28 12:0 a.m.40 views

Apple macOS Monterey buffer overflow vulnerability (CNVD-2022-71989)

Apple macOS Monterey is the 18th major release of Apple's macOS for the Macintosh desktop operating system. A buffer overflow vulnerability exists in Apple macOS Monterey versions prior to 12.5, which stems from allowing local users to access potentially sensitive information. Install the update...

5.5CVSS5.4AI score0.00896EPSS
Exploits0References1
0day.today
0day.today
added 2021/12/04 12:0 a.m.1236 views

WordPress DZS Zoomsounds 6.45 Plugin - Arbitrary File Read (Unauthenticated) Vulnerability

Exploit Title: WordPress Plugin DZS Zoomsounds 6.45 - Arbitrary File Read Unauthenticated Google Dork: inurl:/wp-content/plugins/dzs-zoomsounds/ Exploit Author: Uriel Yochpaz Vendor Homepage: https://digitalzoomstudio.net/docs/wpzoomsounds/ Software Link: Version: 1.10, 1.20, 1.30, 1.40, 1.41,...

7.5CVSS7.7AI score0.66543EPSS
Exploits5
seebug.org
seebug.org
added 2012/02/14 12:0 a.m.28 views

PHP "tidy_diagnose()"空指针引用拒绝服务漏洞

BUGTRAQ ID: 51992 CVE ID: CVE-2012-0781 PHP是一种在电脑上运行的脚本语言,主要用途是在于处理动态网页,包含了命令行运行接口或者产生图形用户界面程序。 PHP 5.3.8中的tidydiagnose函数在处理特制输入时,可允许远程攻击者对无效对象执行Tidy::diagnose操作,造成拒绝服务。 0 PHP 5.3.8 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net...

5CVSS9.4AI score0.10768EPSS
Exploits4
seebug.org
seebug.org
added 2011/02/18 12:0 a.m.17 views

Google Chrome 9.0.597.94之前的版本多个漏洞

BUGTRAQ ID: 46262 Google Chrome是Google开发网页浏览器。 Google Chrome 9.0.597.94之前版本在实现上存在多个安全漏洞,远程攻击者可利用这些漏洞在浏览器中执行任意代码或造成拒绝服务。 Google Chrome 7.0.548.0 - 9.0.597.84 厂商补丁: Google ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.google.com...

6.9AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/02/02 12:0 a.m.41 views

JVN#84393059: EC-CUBE vulnerable to cross-site scripting

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different than the previous vulnerabilities disclosed on JVN. Impact An arbitrary script may be executed on the user's web browser...

4.3CVSS6AI score0.01937EPSS
Exploits0
0day.today
0day.today
added 2010/08/14 12:0 a.m.18 views

ACollab Multiple Vulnerabilities

Exploit for php platform in category web applications ================================ ACollab Multiple Vulnerabilities ================================ www.BugReport.ir AmnPardaz Security Research Team Title: ACollab Multiple Vulnerabilities Vendor: http://www.atutor.ca/acollab Vulnerable Versio...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/11/21 12:0 a.m.142 views

MDaemon Server WorldClient脚本注入漏洞

BUGTRAQ ID: 32355 Alt-N MDaemon是一款基于Windows的邮件服务程序,WorldClient是其客户端。 MDaemon的WorldClient客户端没有正确地过滤邮件中的某些HTML标签,如果远程攻击者在邮件中注入了恶意HTML和脚本代码的话,则用户在查看邮件的时候就会在浏览器会话中执行注入的内容。 Alt-N MDaemon 10.0.1 Alt-N ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.altn.com...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/05/17 12:0 a.m.22 views

Symantec Altiris Deployment Solution多个安全漏洞

BUGTRAQ ID: 29198,29199,29194,29218,29196,29197 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec Altiris Deployment Solution中存在多个安全漏洞,可能允许恶意的本地或远程用户获得权限提升、操控某些数据、泄露敏感信息、执行SQL注入攻击或入侵有漏洞的系统。 1 默认监听于TCP...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/04/09 12:0 a.m.57 views

Apple QuickTime多个远程安全漏洞

BUGTRAQ ID: 28583 CVECAN ID: CVE-2008-1013,CVE-2008-1014,CVE-2008-1015,CVE-2008-1016,CVE-2008-1017,CVE-2008-1018,CVE-2008-1019,CVE-2008-1020,CVE-2008-1021,CVE-2008-1022,CVE-2008-1023 Apple QuickTime是一款非常流行的多媒体播放器。 QuickTime的7.4.5之前版本存在多个安全漏洞,允许用户通过畸形的媒体文件获得敏感信息或完全入侵用户系统。 CVE-2008-1013...

6.8CVSS6.4AI score0.07163EPSS
Exploits1
securityvulns
securityvulns
added 2007/11/08 12:0 a.m.40 views

Aria-Security.Net Research: Request For Travel Sql Injection

Aria-Security Team, http://Aria-Security.net ------------------------------- Rapid Classfield SQL Injection Shout Outs: AurA, imm02tal Vendor: http://www.lotfian.com/UK/PORTALS.asp http://target/agencyCatResult.asp?cmbCat='20UPDATE20rftCategory20set20Category20=20'Aria-Security Team';-- The...

1.2AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/09/06 12:0 a.m.14 views

JVN#01913089 Fuktommy.com httpd.pl including HTML preprocessor vulnerable to directory traversal

httpd.pl, an open source web server application program from Fuktommy.com including an HTML preprocessor, contains a directory traversal vulnerability. Impact A remote attacker could, without authentication, view files on the server where httpd.pl is installed. This could lead to unintentional...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2007/08/08 12:0 a.m.41 views

lfs2-overflow.txt

/ 0day Live for speed patch x s2 /s1 and demo local .Spr File buffer over flow Spr file's are also exploitable although i had to go about it a different Way,At first it wasn't possible to do a jmp esp,But with a little more buffer i Managed to get it to point to our shell code,The .spr file's are...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/08/08 12:0 a.m.28 views

lfs3-overflow.txt

/ 0day Live for speed patch x s2 /s1 and demo local .ply File buffer over flow Live for speed .ply file is a set up file,This file is shared amongst user's Who want stylish number plate's on there car's the buffer over flow happened with An overly long number plate string inside the .ply file.So ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/08/06 12:0 a.m.35 views

Live for Speed S1S2Demo - .ply Local Buffer Overflow

Live for Speed S1S2Demo - .ply Local Buffer Overflow / 0day Live for speed patch x s2 /s1 and demo local .ply File buffer over flow Live for speed .ply file is a set up file,This file is shared amongst user's Who want stylish number plate's on there car's the buffer over flow happened with An...

0.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/07/20 12:0 a.m.14 views

JVN#34058672 Nessus report function vulnerable to arbitrary script execution

Nessus, a vulnerability scanner from Tenable Network Security, Inc., is capable of providing test reports in HTML format. The report in HTML format contains the target server's responses against Nessus scanning. Nessus fails to properly handle the responses. This may cause a script to be executed...

6.9AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/03/19 12:0 a.m.13 views

JVN#83832818: Interstage Application Server cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. Solution Products Affected A wide range of products is affected. For more information, refer to the vendor's website...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/01/25 12:0 a.m.14 views

JVN#05123538 CGI RESCUE WebFORM vulnerable to cross-site scripting

Impact An abitrary script may be executed on the user's web browser. Solution Products Affected WebFORM 4.3 and earlier According to the vendor's website, another product Web Mailer also contains a similar vulnerability. We have confirmed that the fixed version of the Web Mailer is also released...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/12/05 12:0 a.m.19 views

JVN#47272891 Hanako buffer overflow vulnerability

Impact An arbitrary code could be executed on the PCs of Hanako user, if the user opens a specially crafted Hanako file sent by a remote attacker. Solution Products Affected Hanako 2004 Hanako 2005 Hanako 2006 Hanako Viewer 1.0 For more information, refer to the vendor's website...

7.6AI score
Exploits0
seebug.org
seebug.org
added 2006/11/21 12:0 a.m.131 views

Kerio WebStar本地权限提升漏洞

Kerio WebSTAR是运行在Mac OS X平台上的WEB服务器。 Kerio WebSTAR在不安全的权限安装程序文件,本地攻击者可能利用此提升自己的权限。 在安装Kerio WebSTAR时/Applications中继承了两个setuid二进制程序: kevin-finisterres-computer:/Desktop kf$ find /Applications/Kerio\ WebSTAR -perm -4000 -ls 978790 3016 -rwsrwx--x 1 root admin 1542556 Apr 10 2006 /Applications/Kerio...

7AI score
Exploits0
Rows per page
Query Builder