Lucene search
K

2563 matches found

Packet Storm
Packet Storm
added 2010/03/03 12:0 a.m.23 views

osCSS 1.2.1 Backup Disclosure

======================================================================================== | Title : osCSS 1.2.1 Backups Vulnerability | Author : indoushka | email : [email protected] | Home : www.sec-war.com | Web Site :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/03/02 12:0 a.m.29 views

osCSS 1.2.1 - Database Backups Disclosure

======================================================================================== | Title : osCSS 1.2.1 Backups Vulnerability | Author : indoushka | email : [email protected] | Home : www.sec-war.com | Dork : Powered by osCSS | Dork : Index of /osCSS/admin/backups | Tested on: windows...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/03/23 12:0 a.m.1173 views

PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution

PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution !/usr/bin/php ?php / Found this after getting my inet back and noticing this http://www.milw0rm.com/exploits/6085 . The only problem with the remote command execution there is that it actually requires registerglobals = on. I saw the GLOBAL...

9.3CVSS6.9AI score0.05165EPSS
Exploits7
0day.today
0day.today
added 2009/03/23 12:0 a.m.4261 views

PHPizabi v0.848b C1 HFP1-3 Remote Command Execution Exploit

Exploit for unknown platform in category web applications =========================================================== PHPizabi v0.848b C1 HFP1-3 Remote Command Execution Exploit =========================================================== !/usr/bin/php ?php / Found this after getting my inet back...

7.1AI score0.05165EPSS
Exploits7
Exploit DB
Exploit DB
added 2009/03/23 12:0 a.m.3977 views

PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution

!/usr/bin/php ?php / Found this after getting my inet back and noticing this http://www.milw0rm.com/exploits/6085 . The only problem with the remote command execution there is that it actually requires registerglobals = on. I saw the GLOBAL keyword, and actually believed this populated those...

9.3CVSS6.6AI score0.05165EPSS
Exploits7
Exploit DB
Exploit DB
added 2008/12/05 12:0 a.m.30 views

ASPTicker 1.0 - Remote Database Disclosure

ASPTicker 1.0 DD Remote Vuln. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Home: www.z0rlu.blogspot.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ----------------------------------------------------------- exp for demo: DD...

7.4AI score
Exploits0
myhack58
myhack58
added 2008/08/23 12:0 a.m.11 views

Use download the vulnerability database to initiate network attacks-vulnerability warning-the black bar safety net

As scripting vulnerability the number one killer-and database download vulnerabilities, now has been more and more people to the art. In this information technology update Fast of the era, the vulnerability produced after the attendant is to respond to the tricks, such as change the database...

6.7AI score
Exploits0
Prion
Prion
added 2007/12/20 8:46 p.m.14 views

Stack overflow

Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and possibly earlier versions allows remote attackers to execute arbitrary code or cause a denial of service application crash via a long string in a .M3U file. NOTE: some of these details are obtained from third party information...

6.8CVSS8.9AI score0.05657EPSS
Exploits1References9Affected Software1
exploitpack
exploitpack
added 2006/05/08 12:0 a.m.11 views

Creative Software UK Community Portal 1.1 - EventView.php?event_id SQL Injection

Creative Software UK Community Portal 1.1 - EventView.php?eventid SQL Injection source: https://www.securityfocus.com/bid/17890/info Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplie...

0.2AI score
Exploits0
Prion
Prion
added 2006/02/19 11:2 a.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote attackers to inject arbitrary web script or HTML via the commenttext parameter to the user comment page /edit/Comment...

4.3CVSS6.2AI score0.01875EPSS
Exploits1References6Affected Software1
exploitpack
exploitpack
added 2005/11/12 12:0 a.m.15 views

PHPWebThings 1.4 - download.php?File SQL Injection

PHPWebThings 1.4 - download.php?File SQL Injection source: https://www.securityfocus.com/bid/15399/info phpWebThings is prone to an SQL injection vulnerability. This is an input validation issue related to data that will be used in SQL queries, allowing a remote user to influence the structure an...

0.3AI score
Exploits0
FreeBSD
FreeBSD
added 2005/05/06 12:0 a.m.36 views

qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests

Georgi Guninski writes: There are several issues with qmail on 64 bit platforms - classical integer overflow, pointer with signed index and signedness problem not counting the memory consumtion dos, which just helps. Update: the problem with the signed index is exploitable on Freebsd 5.4 amd64 wi...

9.8CVSS3.7AI score0.10789EPSS
Exploits6References2
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-2718

PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request...

4.3CVSS6AI score0.01657EPSS
Exploits0References2
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.16 views

CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...

6.6AI score0.00467EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2003/07/05 12:0 a.m.48 views

ProductCart 1.5/1.6/2.0 - File Disclosure

source: https://www.securityfocus.com/bid/8112/info A vulnerability has been reported for ProductCart that may result in an attacker obtaining the contents of the database file. http://victimhost/productcart/database/EIPC.mdb...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/22 12:0 a.m.16 views

OpenBB 1.01.1 - index.php SQL Injection

OpenBB 1.01.1 - index.php SQL Injection source: https://www.securityfocus.com/bid/7401/info It has been reported that OpenBB does not properly check input passed via the 'index.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the...

Exploits0
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.16 views

CVE-2002-0536

PHPGroupware 0.9.12 and earlier, when running with the magicquotesgpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack...

7.5AI score0.02506EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2001/11/22 12:0 a.m.47 views

flickstitan.txt

I originally sent this message to bugtraq, but they did not post it. Instead they stuck it in their vulnerability database and removed all of my comments and example. So much for full disclosure... Flicks Software just released a product named Titan1. It is described as an application firewall...

7.4AI score
Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.10 views

CVE-2020-29410

...

Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.6 views

CVE-2026-3370

CVE-2026-3370 entry is rejected and not used; this CVE ID does not represent an active vulnerability.

Exploits0
Rows per page
Query Builder