Lucene search
+L

1057 matches found

myhack58
myhack58
added 2012/03/01 12:0 a.m.11 views

Document vulnerability ShellCode look-vulnerability warning-the black bar safety net

Inscription: still very much like to put this topic, put so long, also modified several versions, are not satisfied, today was pushed again to write, as much as possible to put themselves know something write it out, learn the need to constantly summary of to accumulate, on a Sunday ride out, see...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2012/02/28 12:0 a.m.19 views

Bitweaver 'rankings.php' Local File Include Vulnerability

Bitweaver is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

5CVSS6.4AI score0.0188EPSS
Exploits2References2
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2012/01/07 12:0 a.m.44 views

[20120307] - Core - Information Disclosure

Inadequate permission checking allows unauthorised viewing of some administrative back end information...

6.8AI score
Exploits0Affected Software1
Prion
Prion
added 2011/10/14 10:55 a.m.22 views

Cross site scripting

The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by spoofing the http server during local viewing of an exported...

2.6CVSS5.2AI score0.01293EPSS
Exploits0References6Affected Software2
CVE
CVE
added 2011/10/14 10:0 a.m.74 views

CVE-2011-3218

CVE-2011-3218 affects Apple QuickTime (Mac OS X up to 10.6.8). The vulnerability is in QuickTime Player’s Save for Web export, where exported HTML documents can reference an HTTP script file. An attacker controlling a local or networked environment could spoof the HTTP server during local viewing...

2.6CVSS7.2AI score0.01293EPSS
Exploits0References6Affected Software2
Metasploit
Metasploit
added 2011/09/27 3:26 p.m.67 views

Windows Gather Screen Spy

This module will incrementally take desktop screenshots from the host. This allows for screen spying which can be useful to determine if there is an active user on a machine, or to record the screen for later data extraction. Note: As of March, 2014, the VIEWCMD option has been removed in favor o...

Exploits0
Exploit DB
Exploit DB
added 2011/06/15 12:0 a.m.26 views

MyBloggie 2.1.6 - HTML Injection / SQL Injection

source: https://www.securityfocus.com/bid/48317/info myBloggie is prone to a SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or modify data,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/05/05 12:0 a.m.30 views

BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure

source: https://www.securityfocus.com/bid/47731/info BMC Dashboards is prone to to multiple information-disclosure and cross-site scripting issues because the application fails to properly sanitize user-supplied input. A remote attacker may leverage the cross-site scripting issues to execute...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2011/04/22 12:0 a.m.17 views

Fedora Update for gthumb FEDORA-2011-5200

Check for the Version of gthumb OpenVAS Vulnerability Test Fedora Update for gthumb FEDORA-2011-5200 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

4.3CVSS0.02673EPSS
Exploits2References2
Fedora
Fedora
added 2011/04/21 10:30 p.m.37 views

[SECURITY] Fedora 14 Update: shotwell-0.8.1-3.fc14

Shotwell is a new open source photo organizer designed for the GNOME desktop environment. It allows you to import photos from your camera, view and edit them, and share them with others...

4.3CVSS3.5AI score0.02673EPSS
Exploits2
The Hacker News
The Hacker News
added 2011/01/12 1:33 a.m.13 views

GTVHacker dev team wins cash bounty for first Google TV hack !

The GTVHacker dev team has won a cash bounty for being the first to successfully root and enable third-party application support on a Google TV device before Google – Google will reportedly be bringing support for Android applications to the platform some time later this year. According to...

6.7AI score
Exploits0
NVD
NVD
added 2011/01/07 12:0 p.m.24 views

CVE-2010-4680

The WebVPN implementation on Cisco Adaptive Security Appliances ASA 5500 series devices with software before 8.23 permits the viewing of CIFS shares even when CIFS file browsing has been disabled, which allows remote authenticated users to bypass intended access restrictions via CIFS requests, ak...

9CVSS6.4AI score0.02804EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2010/07/06 12:0 a.m.48 views

D-link Click 'n Connect Daemon Detection

The remote service is the D-link Click 'n Connect Daemon DCCD, a remote networking service provided on some D-link networking devices that allows a remote client to view and configure the D-link device. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid47605;...

5.5AI score
Exploits0References1
Atlassian
Atlassian
added 2010/02/04 9:0 p.m.28 views

Confluence adminsistrators can still view a restricted page if the type in the URL or click on a link in an email

If I set page viewing restrictions on a wki page to one group of which I am a member, other users, including confluence adminsistrators, cannot see the page when navigating within the application. If they type in the URL of the restricted page or click on a link to the restricted page, then can...

2.7AI score
Exploits0Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/01/14 12:24 p.m.6 views

WebCalenderC3 vulnerable to directory traversal

Overview WebCalenderC3 from C3 Corp. contains a directory traversal vulnerability. WebCalenderC3 from C3 Corp. is a calender software. WebCalenderC3 contains a directory traversal vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5CVSS6.7AI score0.01564EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/01/06 7:26 a.m.2 views

Movable Type access restriction bypass vulnerability

Overview Movable Type contains an access restriction bypass vulnerability. Movable Type, a web log system from Six Apart KK, contains a vulnerability that allows a remote attacker to bypass access restrictions. This vulnerability is different from JVN08369659. Impact A remote attacker may view or...

5.5CVSS6.6AI score
Exploits0References4
seebug.org
seebug.org
added 2009/12/18 12:0 a.m.13 views

Microsoft IIS 4.0 showcode.asp例子脚本可查看任意文件内容漏洞

No description provided by source...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2009/12/09 4:22 p.m.18 views

World Cup Email Scams on the Rise

Cybercrooks have begun punting World Cup ticket and HD TV viewing scams as a successor to earlier lottery-based cons. Read the full article. The Register...

1.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/10/22 12:0 a.m.32 views

openSUSE Security Update : seamonkey (seamonkey-1364)

seamonkey was updated to version 1.1.18, fixing various security issues : MFSA 2009-43 / CVE-2009-2404 Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run...

9.3CVSS8.5AI score0.09282EPSS
Exploits12References14
Tenable Nessus
Tenable Nessus
added 2009/08/24 12:0 a.m.58 views

Ipswitch WS_FTP Server < 6.1.1 Multiple Vulnerabilities

The remote host is running a version of WSFTP earlier than 6.1.1. Such versions are reportedly affected by multiple vulnerabilities : - Improper handling of UDP packets within the FTP log server may allow an attacker to crash the affected service. CVE-2008-0608 - There is a buffer overflow...

9CVSS6AI score0.22169EPSS
Exploits0References7
Rows per page
Query Builder