
56 matches found

CNVD
added 2016/12/02 12:0 a.m., 2 views

File Upload Vulnerability in NetSense SecSSL VPN

Netnifty SecSSL VPN provides 2-in-1 VPN service and network firewall service based on SSL protocol + IPsec protocol, which provides security for data interaction. A file upload vulnerability exists in NetShen SecSSL VPN. An attacker can utilize the vulnerability to upload malicious script files o...

7.1 AI score
Exploits: 0

Packet Storm
added 2010/01/20 12:0 a.m., 51 views

Internet Explorer 6 Web Server Exploit

Author : Ahmed Obied [email protected] Modify by: syniack [email protected] This program acts as a web server that generates an exploit to target a vulnerability CVE-2010-0249 in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP3. The exploit's payload...

9.3 CVSS, 8.7 AI score, 0.91885 EPSS
Exploits: 16

exploitpack
added 2008/09/15 12:0 a.m., 16 views

Accellion File Transfer Appliance Error Report Message - Open Email Relay

Accellion File Transfer Appliance Error Report Message - Open Email Relay source: https://www.securityfocus.com/bid/31178/info Accellion File Transfer Appliance is prone to an open-email-relay vulnerability. An attacker could exploit this issue by constructing a script that would send unsolicited...

0.2 AI score
Exploits: 0

Exploit DB
added 2006/01/16 12:0 a.m., 20 views

PHPXplorer 0.9.33 - 'action.php' Directory Traversal

source: https://www.securityfocus.com/bid/16292/info phpXplorer is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable...

7.4 AI score
Exploits: 0

Exploit DB
added 2004/11/17 12:0 a.m., 34 views

phpBB 2.0.x - 'admin_cash.php' PHP Remote File Inclusion

source: https://www.securityfocus.com/bid/11701/info A vulnerability is reported to exist in the phpBB CashMod module that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system. Remote attackers could potentially exploit this issue vi...

7.4 AI score
Exploits: 0

Exploit DB
added 2004/04/12 12:0 a.m., 38 views

SurgeLDAP 1.0 - 'User.cgi' Directory Traversal

source: https://www.securityfocus.com/bid/10103/info SurgeLDAP is prone to a directory traversal vulnerability in one of the scripts included with the built-in web administrative server, potentially resulting in disclosure of files. A remote attacker could exploit this issue to gain access to...

7 AI score
Exploits: 0

Tenable Nessus
added 2004/02/03 12:0 a.m., 21 views

Qualiteam X-Cart Multiple Script perl_binary Parameter Arbitrary Command Execution

The remote host is running Qualiteam X-Cart - a shopping cart software written in PHP. There is a bug in this software that could allow an attacker to execute arbitrary commands on the remote web server with the privileges of the web user. In addition to this, there are some flaws that could allo...

10 CVSS, 5.6 AI score, 0.06028 EPSS
Exploits: 1, References: 1

Exploit DB
added 2004/01/31 12:0 a.m., 24 views

Leif M. Wright Web Blog 1.1 - Remote Command Execution

source: https://www.securityfocus.com/bid/9539/info Web Blog has been reported to be prone to a vulnerability that may permit remote attackers to execute arbitrary commands in the context of the hosting web server. This is due to insufficient sanitization of shell metacharacters from variables...

7.4 AI score
Exploits: 0

Exploit DB
added 2004/01/23 12:0 a.m., 33 views

Reptile Web Server Reptile Web Server 20020105 - Denial of Service

source: https://www.securityfocus.com/bid/9482/info Reptile has been reported prone to a remote denial of service vulnerability. It has been reported that this issue exists because the affected server does not time out on incomplete requests. A remote attacker may exploit this vulnerability to de...

7.4 AI score
Exploits: 0

Exploit DB
added 2004/01/05 12:0 a.m., 20 views

HotNews 0.x - 'config[incdir]' Remote File Inclusion

source: https://www.securityfocus.com/bid/9357/info HotNews is prone to multiple file include vulnerabilities. This will permit remote attackers to cause malicious PHP scripts from attacker-controlled servers to be included and subsequently executed in the context of the web server hosting the...

7 AI score
Exploits: 0

securityvulns
added 2003/12/27 12:0 a.m., 24 views

directory traversal bug in Pserv 3.0b2

Donato Ferrante Application: PSERV - the small web server http://sourceforge.net/projects/pserv Version: 3.0 beta 2 Bug: directory traversal bug Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato...

Exploits: 0

securityvulns
added 2003/11/27 12:0 a.m., 55 views

Remote execution in My_eGallery

Product: MyeGallery Versions affected: all 3.1.1.g Website: http://lottasophie.sourceforge.net/index.php 1. Introduction --------------- MyeGallery is a very nice PostNuke module, which allows users to create and manipulate their own galleries on the web, plus offers various additional features...

0.5 AI score
Exploits: 0

Exploit DB
added 2003/11/10 12:0 a.m., 25 views

OnlineArts DailyDose 1.1 - 'dose.pl' Remote Command Execution

source: https://www.securityfocus.com/bid/9000/info It has been reported that DailyDose may be prone to a remote command execution vulnerability due to insufficient sanitization of $temp variable in dose.pl script. An attacker may submit arbitrary commands that will be executed in the context of...

7.4 AI score
Exploits: 0

exploitpack
added 2003/10/04 12:0 a.m., 12 views

EternalMart Mailing List Manager 1.32 - Remote File Inclusion

EternalMart Mailing List Manager 1.32 - Remote File Inclusion source: https://www.securityfocus.com/bid/8767/info EternalMart Mailing List Manager and Guestbook are prone to remote file-include vulnerabilities. Remote attackers may cause malicious PHP code to run on the webserver...

0.5 AI score
Exploits: 0

exploitpack
added 2003/08/14 12:0 a.m., 13 views

Microsoft URLScan 2.5 / RSA Security SecurID 5.0 - Configuration Enumeration

Microsoft URLScan 2.5 / RSA Security SecurID 5.0 - Configuration Enumeration source: https://www.securityfocus.com/bid/8419/info A weakness has been discovered in Microsoft URLScan and RSA Security SecurID when used in conjunction on a web server. The problem is said to occur due to the order in whi...

7.4 AI score
Exploits: 0

exploitpack
added 2003/07/14 12:0 a.m., 10 views

Asus AAM6330BI/AAM6000EV ADSL Router - Information Disclosure

Asus AAM6330BI/AAM6000EV ADSL Router - Information Disclosure source: https://www.securityfocus.com/bid/8183/info It has been reported that remote users may be able to obtain sensitive information from Asus ADSL routers. It is possible to request files from the built-in Web server that contain...

7.2 AI score
Exploits: 0

Tenable Nessus
added 2003/06/16 12:0 a.m., 14 views

LedNews News Post XSS

The remote web server is running LedNews, a set of scripts designed to help maintain a news-based website. There is a flaw in some versions of LedNews that could allow an attacker to include rogue HTML code in the news, which may in turn be used to steal the cookies of people visiting this site, ...

4.3 CVSS, 5.6 AI score, 0.03797 EPSS
Exploits: 0, References: 2

Exploit DB
added 2003/05/24 12:0 a.m., 19 views

BLNews 2.1.3 - Remote File Inclusion

source: https://www.securityfocus.com/bid/7677/info It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrect initialization of some PHP headers within the application. As a result, an attacker may be capable of executing arbitrary PHP comman...

7.4 AI score
Exploits: 0

exploitpack
added 2003/03/05 12:0 a.m., 16 views

3Com SuperStack 3 Firewall - Content Filter Bypassing

3Com SuperStack 3 Firewall - Content Filter Bypassing source: https://www.securityfocus.com/bid/7021/info A vulnerability has been reported in the 3Com Superstack 3 Firewall. HTTP content filters put in place by the device fail to assemble fragmented data, potentially allowing an attacker to acce...

Exploits: 0

Exploit DB
added 2003/02/19 12:0 a.m., 537 views

cPanel 5.0 - 'Guestbook.cgi' Remote Command Execution (2)

source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cgi' script. An attacker may exploit this vulnerability ...

7.4 AI score
Exploits: 0