Lucene search
K

326 matches found

Prion
Prion
added 2013/09/25 10:31 a.m.18 views

Design/Logic Flaw

A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/initrunit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object...

6.9CVSS7.1AI score0.00211EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2013/09/25 10:0 a.m.27 views

CVE-2013-5933

Stack-based buffer overflow in the subE110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service memory corruption by writing a long string to the /dev/socket/initrunit...

7AI score0.00178EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/09/25 10:0 a.m.30 views

CVE-2013-4777

A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/initrunit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object...

6.5AI score0.00211EPSS
Exploits1References1
CVE
CVE
added 2013/09/25 10:0 a.m.77 views

CVE-2013-5933

The CVE-2013-5933 entry describes a stack-based buffer overflow in the sub_E110 function of init on Android 2.3.7 running on the Motorola Defy XT (Republic Wireless configuration). The vulnerability arises when a long string is written to the /dev/socket/init_runit LocalSocket, in a way inconsist...

6.9CVSS7.2AI score0.00178EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2013/09/25 10:0 a.m.75 views

CVE-2013-4777

Summary of CVE-2013-4777 (Android 2.3.7, Motorola Defy XT, Republic Wireless) The advisory describes an exploit path where the device’s init process creates a /dev/socket/init_runit LocalSocket to accept shell commands. The underlying issue is a stack-based buffer overflow in the sub_E110 functio...

6.9CVSS6.7AI score0.00211EPSS
Exploits1References1Affected Software2
android
android
added 2013/09/24 12:0 a.m.50 views

Defy republic init_runit

A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/initrunit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object. Stack-based buffer overflow in the...

6.9CVSS5.7AI score0.00211EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2013/09/12 6:0 p.m.25 views

CVE-2013-2601

The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 allows remote attackers to execute arbitrary commands by using the UIVM to create a network connection...

7.6AI score0.02119EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2011/12/25 12:0 a.m.6 views

PT-2011-5166 · Xt:Commerce · Xt:Commerce

Name of the Vulnerable Software and Affected Versions: xt:Commerce versions 3.0.4 SP2.1 and earlier Description: The issue allows remote attackers to hijack the authentication of admins for specific requests. This can be achieved through cross-site request forgery CSRF vulnerabilities. The...

6.8CVSS7.3AI score0.03389EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2011/10/09 10:55 a.m.2 views

CVE-2010-4954

SQL injection vulnerability in productreviewsinfo.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the productsid parameter...

7.5CVSS6.4AI score0.0101EPSS
Exploits1References5
0day.today
0day.today
added 2010/07/26 12:0 a.m.31 views

XT-Commerce Version 3.0.4 SQL Injection Exploit

Exploit for php platform in category web applications =============================================== XT-Commerce Version 3.0.4 SQL Injection Exploit =============================================== ?php print"\n"; print" Exploit coded by 5ev3n \n"; print" \n"; print" Exploit for XT-Commerce Versi...

7.1AI score
Exploits0
0day.today
0day.today
added 2010/07/13 12:0 a.m.20 views

BigThink XT (index.php) SQL Injection Vulnerability

Exploit for php platform in category web applications =================================================== BigThink XT index.php SQL Injection Vulnerability =================================================== /\ \ /\ \ /\ \ /'\ /\ /\ /\ \ /\ \ /\ \ \ ,\L\//\ / \ \ \ /\L\ \ \ \ \ \ /\//\ /...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/26 12:0 a.m.29 views

XT-Commerce 3.0.4 SQL Injection

?php print"\n"; print" Exploit coded by 5ev3n \n"; print" \n"; print" Exploit for XT-Commerce Version 3.0.4 \n"; print" \n"; print" usage: \n"; print" php -f exploit.php http://site.de/ \n"; print" \n"; print" greetz to NEAVORC & http://core.am \n"; print"\n\n"; $checkvuln =...

Exploits0
myhack58
myhack58
added 2010/05/02 12:0 a.m.22 views

XT-Commerce v1 Beta 1 permission to bypass the Modify download backup vulnerability-vulnerability warning-the black bar safety net

Premiere: the Red section of the network security Author: Amxking Submitted to: indoushka Vulnerability program: XT-Commerce v1 Beta 1 Affected version: v1 Beta 1 Risk level: medium Vulnerability description: Amxking:the vulnerability is I and the foreign Avengers team communication time obtained...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2010/04/29 12:0 a.m.21 views

XT-Commerce 1.0 Beta 1 - Pass Create and Download Backup

XT-Commerce 1.0 Beta 1 - Pass Create and Download Backup ======================================================================================== | Title : XT-Commerce v1 Beta 1 = by Pass / Creat and Download Backup Vulnerability | Author : indoushka | email : [email protected] | Dork : Power...

0.1AI score
Exploits0
0day.today
0day.today
added 2010/04/29 12:0 a.m.22 views

XT-Commerce v1 Beta 1 => by Pass / Creat + Download Backup Vuln

Exploit for php platform in category web applications ========================================================================== XT-Commerce v1 Beta 1 = by Pass / Creat and Download Backup Vulnerability ==========================================================================...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/29 12:0 a.m.25 views

XT-Commerce 1.0 Beta 1 - Pass / Create and Download Backup

======================================================================================== | Title : XT-Commerce v1 Beta 1 = by Pass / Creat and Download Backup Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by XT-Commerce | Tested on: windows SP2 Français V.Pnx...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2010/04/13 12:0 a.m.6 views

PT-2010-3056 · Xt:Commerce · Xt:Commerce

Name of the Vulnerable Software and Affected Versions: xt:Commerce affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the coID parameter in the Direct URL module, specifically in the bluegate seo.inc.php file, when magic quotes gpc...

6.8CVSS7.7AI score0.01109EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2010/04/01 12:0 a.m.34 views

XT-Commerce 1 Beta 1 Create / Download Backup

======================================================================================== | Title : XT-Commerce v1 Beta 1 = by Pass / Creat and Download Backup Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by XT-Commerce | Tested on: windows SP2 Français V.Pnx...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2009/02/26 12:0 a.m.5 views

PT-2009-1778 · Xt · Xt:Commerce

Name of the Vulnerable Software and Affected Versions: xt:Commerce versions prior to 3.0.4 Sp2.1 Description: The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors when magic quotes gpc is enabled and the SEO URLs are activated. Recommendations: For versions...

6.8CVSS8AI score0.01255EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2009/02/03 12:0 a.m.7 views

PT-2009-1519 · Xt · Xt:Commerce

Name of the Vulnerable Software and Affected Versions: xt:Commerce versions 3.0.4 and earlier Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in the advanced...

4.3CVSS5.5AI score0.01829EPSS
Exploits1References8
Rows per page
Query Builder