CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2179 matches found

Exploit DB•added 2011/03/15 12:0 a.m.•31 views

IF-CMS 2.07 - Local File Inclusion (1)

!/usr/bin/python INFORMATION Exploit Title: If-CMS 2.07 Pre-Auth Local File Inclusion 0day Exploit Author: TecR0c Date: 13/3/2011 Software link: http://bit.ly/hh9ZB4 Tested on: Linux bt Version: 2.07 PHP.ini Settings: gpcmagicquotes = Off import...

7.4AI score

Exploits0

rdot•added 2011/01/19 12:0 a.m.•49 views

PPS 4.0 perl-cgi web shell

PPS 4.0 perl-cgi web shell Данная утилита предназначенна для системных администраторов для удаленного управления своим сервером. Любое незаконное использование скрипта преследуется по закону. SIZE: 55.88 KB last update - 12.07.2013 09:45 Авторизация на cookies SystemInfo - информация о сервере Fi...

7.4AI score

Exploits0

rdot•added 2010/12/31 12:0 a.m.•194 views

WSO 2.5 (web shell)

Данная утилита предоставляет веб-интерфейс для удаленной работы c операционной системой и ее службами/демонами. Описание возможностей / особенности: Авторизация на cookies Информация о сервере Файловый менеджер Копирование, переименование, перемещение, удаление, чмод, тач, создание файлов и папок...

Exploits0

myhack58•added 2010/11/04 12:0 a.m.•15 views

MetInfo 3.0 (fckeditor)upload vulnerability-vulnerability warning-the black bar safety net

MetInfo enterprise website management system using PHP+MYSQL architecture, which uses the FCKeditor online Editor incorrectly configured cause the upload to be utilized, and in some cases upload 1. php. pdf can access to the web shell. Trojan: ? php / MetInfo 3.0 Arbitrary File Upload Exploit...

0.2AI score

Exploits0

rdot•added 2010/08/21 12:0 a.m.•76 views

Как сделать впн из простого вебшелла.

Как сделать впн из вебшелла --- специально для rdot.org --- копирование только со ссылкой на источник Преамбула, или зачем это вообще нужно: Вопрос обеспечения собственной безопасности всегда актуален. Сокс цепочка соксов скрывает от жертвы IP атакующего, но траффик идёт в открытом виде, и может...

7.1AI score

Exploits0

securityvulns•added 2010/08/09 12:0 a.m.•98 views

Nagios XI 2009R1.2B Multiple CSRF

Advisory Information Advisory ID: NGENUITY-2010-006 Date published: Aug. 7, 2010 Class: Cross-Site Request Forgery CSRF Software Description Nagios XI is the commercial / enterprise version of the open source Nagios project. Vulnerability Description Nagios XI 2009R1.2B is vulnerable to multiple...

7.9AI score

Exploits0

Exploit DB•added 2010/08/07 12:0 a.m.•30 views

Nagios XI - Multiple Cross-Site Request Forgery Vulnerabilities

source: https://www.securityfocus.com/bid/42322/info Nagios XI is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests. Successful exploit requires that the 'nagiosadmin' be logged into the web interface. Attackers can explo...

7AI score

Exploits0

exploitpack•added 2010/08/07 12:0 a.m.•14 views

Nagios XI - Multiple Cross-Site Request Forgery Vulnerabilities

Nagios XI - Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/42322/info Nagios XI is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests. Successful exploit requires that the...

0.6AI score

Exploits0

seebug.org•added 2010/06/25 12:0 a.m.•103 views

InterScan Web Security Virtual Appliance本地权限提升和任意文件上传/下载漏洞

BUGTRAQ ID: 41072 InterScan Web Security Virtual Appliance是一款能安装在VMware平台上的网页过滤产品。 InterScan Web Security Virtual Appliance没有正确地过滤提交给/servlet/com.trend.iwss.gui.servlet.exportreport的 exportname"参数和提交给/servlet/com.trend.iwss.gui.servlet.ConfigBackup的 pkgname参数，远程攻击者可以通过目录遍历攻击从系统下载任意文件。 InterScan W...

6.9AI score

Exploits0

Exploit DB•added 2010/05/19 12:0 a.m.•34 views

C99Shell 1.0 Pre-Release build 16 (Web Shell) - 'ch99.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40134/info C99Shell is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

7.4AI score

Exploits0

seebug.org•added 2010/03/21 12:0 a.m.•14 views

OSSIM repository_attachment.php页面任意文件上传漏洞

BUGTRAQ ID: 37377 OSSIM即开源安全信息管理（Open Source Security Information Management），是一个非常流行和完整的开源安全管理系统。 OSSIM的ossiminstall/repository/repositoryattachment.php脚本没有正确地执行安全检查，用户可以向Webroot中的文件夹上传带有任意扩展名的文件。如果用户上传了包含有某些Web Shell的PHP脚本，就会导致执行任意PHP代码。 AlienVault OSSIM 2.2 AlienVault OSSIM 2.1.5 厂商补丁：...

6.9AI score

Exploits0

0day.today•added 2010/03/17 12:0 a.m.•21 views

OSSIM v2.2 Multiple Vulnerabilities

Exploit for unknown platform in category web applications =================================== OSSIM v2.2 Multiple Vulnerabilities =================================== Advisory Name: Arbitrary File Download in OSSIM Vulnerability Class: Arbitrary File Download Release Date: 03-16-2010 Affected...

7.1AI score

Exploits0

exploitpack•added 2010/02/14 12:0 a.m.•15 views

File Upload Manager 1.3 - Web Shell File Upload

File Upload Manager 1.3 - Web Shell File Upload Version: v1.3 ============================================================ www.sec-war.com ============================================================ 1- upload shell with: shell.php.jpg shell.php.gif shell.php.htm shell.htm shell.php.jpeg...

7.4AI score

Exploits0

Exploit DB•added 2010/02/14 12:0 a.m.•88 views

File Upload Manager 1.3 - Web Shell File Upload

Version: v1.3 ============================================================ www.sec-war.com ============================================================ 1- upload shell with: shell.php.jpg shell.php.gif shell.php.htm shell.htm shell.php.jpeg shell.php.bmp 2- Go to shell link : Example :...

7.4AI score

Exploits0

Packet Storm•added 2009/12/16 12:0 a.m.•23 views

OSSIM 2.1.5 File Upload

Advisory Name: Arbitrary File Upload in OSSIM Vulnerability Class: Arbitrary File Upload Release Date: 12-16-2009 Affected Applications: Confirmed in OSSIM 2.1.5. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity: High – CVSS: 9...

7.4AI score

Exploits0

seebug.org•added 2009/12/16 12:0 a.m.•22 views

OSSIM v2.1.5 Arbitrary File Upload

No description provided by source. Advisory Name: Arbitrary File Upload in OSSIM Vulnerability Class: Arbitrary File Upload Release Date: 12-16-2009 Affected Applications: Confirmed in OSSIM 2.1.5. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity:...

7.1AI score

Exploits0

Exploit DB•added 2009/12/16 12:0 a.m.•37 views

OSSIM 2.1.5 - Arbitrary File Upload

7.4AI score

Exploits0

Exploit DB•added 2009/12/04 12:0 a.m.•39 views

Achievo 1.4.2 - Arbitrary File Upload

Affected Applications: Confirmed in Achievo 1.4.2. Other versions may also be affected. Severity: Medium – CVSS: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Vendor Status: New release available Achievo 1.4.3 Reference to Vulnerability Disclosure Policy: http://www.cybsec.com/vulnerabilitypolicy.pdf...

7.4AI score

Exploits0

seebug.org•added 2009/12/04 12:0 a.m.•9 views

Achievo 1.4.2 Arbitrary File Upload

No description provided by source. Affected Applications: Confirmed in Achievo 1.4.2. Other versions may also be affected. Severity: Medium – CVSS: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Vendor Status: New release available Achievo 1.4.3 Reference to Vulnerability Disclosure Policy:...

7.1AI score

Exploits0

0day.today•added 2009/12/04 12:0 a.m.•13 views

Achievo 1.4.2 Arbitrary File Upload

Exploit for unknown platform in category web applications =================================== Achievo 1.4.2 Arbitrary File Upload =================================== Affected Applications: Confirmed in Achievo 1.4.2. Other versions may also be affected. Severity: Medium â€“ CVSS: 6.8...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by