Lucene search
K

161 matches found

Positive Technologies
Positive Technologies
added 2020/07/15 12:0 a.m.4 views

PT-2020-9930 · Eclipse · Eclipse Web Tools Platform

Name of the Vulnerable Software and Affected Versions: Eclipse Web Tools Platform versions prior to 3.18 2020-06 Description: The issue allows XML and DTD files referring to external entities to be exploited, sending the contents of local files to a remote server when edited or validated. This ca...

7.1CVSS6.6AI score0.00879EPSS
Exploits1References14
OSV
OSV
added 2018/07/22 6:29 p.m.1 views

DEBIAN-CVE-2018-14505

mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py...

8.8CVSS6.9AI score0.03348EPSS
Exploits1References1
CVE
CVE
added 2017/03/23 6:36 a.m.47 views

CVE-2016-5756

NetIQ Access Manager is affected by CVE-2016-5756: multiple web tools components are vulnerable to Reflected Cross-Site Scripting, enabling potential session hijack. Vulnerable in NAM 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2; affected endpoints include nps/servlet/frameservice, nps/servlet...

6.1CVSS6.1AI score0.00635EPSS
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2015/08/11 12:0 a.m.10 views

Turnkey Web Tools PHP Live Helper 1.8 Remote File Inclusion (CVE-2006-1477)

A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS3.3AI score0.04696EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

SunShop <= 4.1.4 (id) Remote SQL Injection Vulnerability

No description provided by source. GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop = 4.1.4 Risk : SQL Injection Description: SunShop shopping cart is a full featured ecommerce solution written in php that allows for...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

php live helper <= 2.0.1 - Multiple Vulnerabilities

No description provided by source. GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Academic Web Tools CMS <= 1.4.2.8 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Academic Web Tools CMS Multiple Vulnerabilities Vendor: www.yektaweb.com Vulnerable Version: 1.4.2.8 and prior versions Exploit: Available Impact: Medium Fix: N/A Original Advisory: www.bugreport.ir/?/44 1...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33944/info Yektaweb Academic Web Tools CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in t...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV44$2006 ------------------------------------------------------------------------------ ECHOADV44$2006 PHP Simple Shop = 2.0 abspath Remote File Inclusion...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/01/28 12:0 a.m.84 views

Turnkey Web Tools PHP Simple Shop abs-path Parameter PHP Code Execution - Ver2 (CVE-2006-4052)

A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Simple Shop. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.4AI score0.16119EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/01/07 12:0 a.m.10 views

PHPLiveHelper global.php abs_path Parameter PHP Code Execution - Ver2 (CVE-2006-4051)

A code execution vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.6AI score0.08144EPSS
Exploits1
The Hacker News
The Hacker News
added 2013/02/23 4:38 p.m.13 views

Pwn Pad Android device, Network hacking machine launched

Security tools company Pwnie Express is making a network hacking focused Android device called the Pwn Pad. The device is based on the Google Nexus 7 specs, with USB-based Bluetooth, Ethernet and WiFi to gauge the security of a network beyond what Google's tablet can manage on its own. Pwn Pad wi...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2013/02/23 5:38 a.m.26 views

Pwn Pad Android device, Network hacking machine launched

Security tools company Pwnie Express is making a network hacking focused Android device called the Pwn Pad. The device is based on the Google Nexus 7 specs, with USB-based Bluetooth, Ethernet and WiFi to gauge the security of a network beyond what Google's tablet can manage on its own. Pwn Pad wi...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2012/04/12 12:0 a.m.24 views

SchoolCenter Web Tools 11.0.27 Cross Site Scripting

Exploit Title: SchoolCenter Web Tools Version 11.0.27 Cross Site Scripting Date: 11.04.2012 Author: Sony and Flexxpoint Software Link: www.thinqed.com Google Dorks: inurl:/education/components/calendar/ site:edu Web Browser : Mozilla Firefox Site : http://insecurity.ro PoC:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/29 12:0 a.m.26 views

Yektaweb CMS Cross Site Scripting

================= IUT-CERT ================= Title: YEKTAWEB CMS XSS Vulnerability Vendor: www.yektaweb.com Dork: Powered by Academic Web Tools AWT - Yektaweb Collection Type: Input.Validation.Vulnerability cross-Site scripting Fix: N/A ================== nsec.ir ================= Description:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2010/06/20 12:0 a.m.41 views

TEHTRI-Security released 13 0days against web tools used by evil attackers

Gents, As announced in recent emails here, we have just released 13 0days and new offensive concepts against most of the tools currently used by web attackers, like web shells, exploit packs, etc, during our new talk at SyScan Singapore 2010 : http://www.syscan.org/Sg/speakers.html012 We have giv...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2009/03/02 12:0 a.m.14 views

Yektaweb Academic Web Tools CMS 1.4.2.81.5.7 - Multiple Cross-Site Scripting Vulnerabilities

Yektaweb Academic Web Tools CMS 1.4.2.81.5.7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/33944/info Yektaweb Academic Web Tools CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input...

Exploits0
Packet Storm
Packet Storm
added 2009/03/02 12:0 a.m.25 views

Academic Web Tools CMS Cross Site Scripting

============================================ IUT-CERT ============================================ Title: Academic Web Tools CMS Multiple XSS Vendor: www.yektaweb.com Vulnerable Version: 1.5.7 and priors Type: XSS Fix: N/A Dork: AWT YEKTA ============================================ nsec.ir...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2009/03/02 12:0 a.m.65 views

YEKTA WEB Academic Web Tools CMS Multiple XSS

============================================ IUT-CERT ============================================ Title: Academic Web Tools CMS Multiple XSS Vendor: www.yektaweb.com Vulnerable Version: 1.5.7 and priors Type: XSS Fix: N/A Dork: AWT YEKTA ============================================ nsec.ir...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/03/02 12:0 a.m.28 views

Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/33944/info Yektaweb Academic Web Tools CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site,...

7.4AI score
Exploits0
Rows per page
Query Builder