Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2013/09/09 12:0 a.m.355 views

VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability

========================================================================================== VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability ==========================================================================================...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/04/19 12:0 a.m.355 views

Innfeed Buffer Overflow

====================================================================== Defcom Labs Advisory def-2001-19 innfeed buffer overflow Author: Enrique A. Sanchez Montellano @defcom.com Author: Alex Hernandez [email protected] Release Date: 2001-04-18...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2007/08/21 12:0 a.m.354 views

Planet VC-200M DSL router DoS

Inaccessible administration interface on HTTP GET request with missed Host: header...

5CVSS1.5AI score0.01653EPSS
Exploits0References1
securityvulns
securityvulns
added 2007/03/29 12:0 a.m.354 views

Microsoft Vista ATI drivers vulnerability

Blue Screen of Death whiel displaying images...

7.1CVSS3.1AI score0.1822EPSS
Exploits0References1
securityvulns
securityvulns
added 2006/09/12 12:0 a.m.353 views

SIPS v 0.2.2 < = Remote File Include Vulnerability

SIPS v 0.2.2 = = = = = = = = = = = = = Remote File Include Vulnerability ; Discovred By : ThELeO ; Software : SIPS v 0.2.2 ; Exploit : http://Www.Example.Com/Script/sipssys/code/box.inc.php?config"sipssys"=U r Evil Script ; Greetz : M.I.D.TDrackanZ, Mr.IlysS, NeThug47, Death & All Moroccan & Arab...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.352 views

HTB22908: XSRF (CSRF) in Collabtive

Vulnerability ID: HTB22908 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincollabtive.html Product: Collabtive Vendor: Open Dynamics http://collabtive.o-dyn.de/ Vulnerable Version: 0.6.5 and probably prior versions Vendor Notification: 17 March 2011 Vulnerability Type: CSRF Cross-Site Reques...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/11/27 12:0 a.m.351 views

Wordpress advanced-text-widget Plugin Vulnerabilities

a bug in Wordpress advanced-text-widget Plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. Islamic Republic Of Iran Security Team Www.IrIsT.Ir Wordpress advanced-text-widget Plugin Cross-Site Scripting Vulnerabilities Download......:...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2012/07/16 12:0 a.m.350 views

TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities

Title: ====== TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities Date: ===== 2012-06-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=613 VL-ID: ===== 613 Common Vulnerability Scoring System: ==================================== 2.5 Introduction: =============...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2007/09/19 12:0 a.m.350 views

FLEA-2007-0055-1 openssh openssh-client openssh-server gnome-ssh-askpass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Foresight Linux Essential Advisory: 2007-0055-1 Published: 2007-09-17 Rating: Minor Updated Versions: openssh=/conary.rpath.com@rpl:devel//1//foresight.rpath.org@fl:1-devel//1/4.7p1-0.1.1-1...

7.5CVSS7.6AI score0.02374EPSS
Exploits0
securityvulns
securityvulns
added 2006/07/24 12:0 a.m.350 views

[Kurdish Security # 13] Savant2 Remote File Include Vulnerability [For Mambo, Joomla]

Kurdish Security Savant2 Remote File Include Vulnerability Freedom For Ocalan Contact : irc.gigachat.net kurdhac www.PatrioticHackers.com Rish : High Class : Remote Script : Savant2 Site : www.phpsavant.com Thanx : kurdishsniper,netqurd,flot,azad,darki,B3g0k,jubni,milex,fearless,kha,kca and other...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2003/05/11 12:0 a.m.350 views

II-Labs Advisory: Remote code execution in YaBBse 1.5.2 (php version)

Illegal Instruction Labs Advisory ------------------------------------------------------------------------ Advisory name: Remote code execution in YaBBse 1.5.2 php version Advisory number: 13 Application: Yet another Bulletin Board 1.5.2 Vendor: www.yabbse.org Date: 06.05.2003 Impact: Attacker ca...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2015/11/02 12:0 a.m.348 views

Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities

====================================================================== Secunia Research now part of Flexera Software 26/10/2015 Oracle Outside In Two Buffer Overflow Vulnerabilities ====================================================================== Table of Contents Affected...

1.5CVSS0.5AI score0.00927EPSS
Exploits4
securityvulns
securityvulns
added 2000/05/18 12:0 a.m.348 views

RFP2K04: Mining BlackICE with RFPickAxe

---/ RFP2K04 /----------------------------/ rfp.labs / wiretrip /--------- Mining BlackICE with RFPickAxe Remote command execution on BlackICE ICECap stations ------------------------------------/ rain forest puppy / [email protected] Table of contents: -/ 1 / For the Black Hats -/ 2 / For the Whi...

7.2CVSS7AI score0.0787EPSS
Exploits1
securityvulns
securityvulns
added 2013/03/19 12:0 a.m.347 views

Skype privilege escalation

Skype Click to Call Update Service weak executable files permission...

3.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2010/12/28 12:0 a.m.347 views

Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability

Exploit Title: Social Engine 4.x Music Plugin Arbitrary File Upload Google Dork: inurl:"user/auth/forgot" Date: 22/12/2010 Author: MyDoom Moroccan Hacker Contact: [email protected] Software Link: http://http://www.socialengine.net Version: Social Engine 4.x should work on previous versions but...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2001/03/29 12:0 a.m.347 views

Security bugs in interactions between IE 5.x, IIS 5.0 and Exchange 2000

Georgi Guninski security advisory 40, 2001 Security bugs in interactions between IE 5.x, IIS 5.0 and Exchange 2000 Systems affected: The bug is in IE 5.x Win2K, probably others but interaction with IIS 5.0 or Exchange web storage is required Risk: High Date: 28 March 2001 Legal Notice: This...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.346 views

Site by Webrevelation SQL Injection Vulnerability

=========================================================== Site by Webrevelation SQL Injection Vulnerability =========================================================== :-----------------------------------------------------------------------------------------------------------------------: :...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/09/09 12:0 a.m.345 views

Witness Systems eQuality Unify buffer overflow

Buffer overflow on TCP/6821 packet parsing...

5.2AI score
Exploits0References1
securityvulns
securityvulns
added 2006/06/25 12:0 a.m.345 views

BotDetect ASP.NET CAPTCHA security protection bypass

It's possible to bypass protection by using replay attacks...

2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2012/08/13 12:0 a.m.344 views

ESA-2012-031: Iomega StorCenter/EMC Lifeline Remote Access Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-031: Iomega StorCenter/EMC Lifeline Remote Access Vulnerability EMC Identifier: ESA-2012-031 CVE Identifier: CVE-2012-2283 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:L/Au:S/C:C/I:C/A:C Affected products: Iomega network storage devices...

5.5CVSS1.9AI score0.0094EPSS
Exploits0
securityvulns
securityvulns
added 2006/10/23 12:0 a.m.344 views

kawf (config) Remote File Include

kawf config Remote File Include --------------------------------------------------------------------------------------------- Kawf is a web forum written in PHP4 using MySQL v. 1.0 and all below -------------------------------------------------------------------------------------------- download ...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/02/22 12:0 a.m.343 views

PnuPG gpgv / gpg invalid return code

Utility returns 0 status code if no signature found...

1.6AI score
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2003/03/22 12:0 a.m.343 views

Edonkey DoS

Resources consumption through multiple message dialogs...

2.6AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2000/09/05 12:0 a.m.342 views

Blue Panda Vulnerability Announcement: WFTPD/WFTPD Pro 2.41 RC12

================================================================= Blue Panda Vulnerability Announcement: WFTPD/WFTPD Pro 2.41 RC12 05/09/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ ================================================================= Problem: WFTPD will crash if a...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/08/10 12:0 a.m.341 views

EasyContent CMS (participant.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability EasyContent CMS participant.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.emmattweb.com/ Persian Gulf 4 Ever! Dork : "Powered by EasyContent CMS"...

3AI score
Exploits0
securityvulns
securityvulns
added 2006/05/02 12:0 a.m.341 views

4images<-- 1.7.1 SQL Injection

--------------- foud by CrAzY CrAcKeR Site:http://www.alshmokh.com --------------- Bug is found in this script 4images 1.7.1 DB Error: Bad SQL Query: SELECT catid, catname, catdescription, catparentid, cathits, catorder, authviewcat, authviewimage, authdownload, authupload, authdirectupload,...

7.7AI score
Exploits0
securityvulns
securityvulns
added 2000/05/07 12:0 a.m.341 views

Re: Alert: DNewsWeb buffer overflow

This vulnerability was noticed some time ago by plaguez and the attached code was written as "proof-of-concept". greetz !ADM Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2012/07/09 12:0 a.m.340 views

IIS Short File/Folder Name Disclosure by using tilde ~ character

Link: http://soroush.secproject.com/downloadable/iistildeshortnamedisclosure.txt Exploit-db link: www.exploit-db.com/exploits/19525/ ---------------------------- Security Research - IIS Short File/Folder Name Disclosure Website : http://soroush.secproject.com/blog/ I. BACKGROUND...

Exploits0
securityvulns
securityvulns
added 2007/07/15 12:0 a.m.339 views

AzDG Dating Gold v3.0.5 ===> Remote File Include Vulnerability

+0+N0Te:-I am N0t HaCkEr I aM ScRipTs ExplOit FiNder++ ---------------------------------------------------------------------- ScRipT NamE:-AzDG Dating Gold v3.0.5 --------------------------------------- Download...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2013/10/27 12:0 a.m.338 views

WebTester 5.x Multiple Vulnerabilities

========================================================================================== WebTester 5.x Multiple Vulnerabilities ==========================================================================================...

Exploits0
securityvulns
securityvulns
added 2013/08/05 12:0 a.m.337 views

HP LaserJet Pro printers remote admin password extraction

Some of the networked HP LaserJet printers have hidden URLs hardcoded in the firmware. The URLs are not authenticated and can be used to extract admin password in plaintext v among other information like WiFi settings including WPS PIN. Models affected: HP LaserJet Pro P1102w, HP LaserJet Pro...

Exploits0
securityvulns
securityvulns
added 2012/06/03 12:0 a.m.337 views

Mapserver for Windows (MS4W) Remote Code Execution

------------------- 1 Overview Title: Mapserver for Windows MS4W Remote Code Execution Product: Mapserver for Windows MS4W Product URL: http://maptools.org/ms4w/ Vendor: Gateway Geomatics Affected Versions: =3.0.4 through 2.0 Unaffected Versions: 2.0 CVE-ID: CVE-2012-2950 Vendor notified:...

3.5AI score0.02395EPSS
Exploits0
securityvulns
securityvulns
added 2010/08/11 12:0 a.m.337 views

Microsoft Security Bulletin MS10-049 - Critical Vulnerabilities in SChannel could allow Remote Code Execution (980436)

Microsoft Security Bulletin MS10-049 - Critical Vulnerabilities in SChannel could allow Remote Code Execution 980436 Published: August 10, 2010 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed vulnerability and one privately reported...

9.3CVSS0.8AI score0.87264EPSS
Exploits14
securityvulns
securityvulns
added 2007/04/25 12:0 a.m.337 views

HYIP Manager Pro Script >> Remote file Include

vendor : www.goldcoders.com BY : www.hackerz.ir userz,ali filez ---- inc/libs/Smarty.class.php inc/libs/SmartyCompiler.class.php inc/libs/core/core.displaydebugconsole.php inc/libs/core/core.loadplugins.php inc/libs/core/core.loadresourceplugin.php inc/libs/core/core.processcachedinserts.php...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2004/07/08 12:0 a.m.337 views

Comersus Cart Cross-Site Scripting Vulnerability

Comersus Cart Cross-Site Scripting Vulnerability Release Date: July 6, 2004 Severity: High Vendor: Comersus Open Technologies Software: Tested on Comersus Cart 5.09 Previous versions may also be affected. Remote: Remotely executed from any web browser Technical Details: The malicious user is able...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2005/06/20 12:0 a.m.335 views

[NT] Deep Freeze Unfreezer - Bypassing Deep Freeze Authentication

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2010/11/24 12:0 a.m.334 views

[eVuln.com] URL and Title XSS in AxsLinks

New eVuln Advisory: URL and Title XSS in AxsLinks http://evuln.com/vulns/139/summary.html -----------Summary----------- eVuln ID: EV0139 Software: AxsLinks Vendor: AXScripts Version: 0.3 Critical Level: medium Type: Cross Site Scripting Status: Unpatched. No reply from developers PoC: Not availab...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/08/28 12:0 a.m.334 views

Mambo/Joomla com_comprofiler Components <== v1.0 RC 2 Multiple Remote File Include Vulnerabilities

--------------------------------------------------------------------------- Mambo/Joomla comcomprofiler Components == v1.0 RC 2 Multiple Remote File Include Vulnerabilities --------------------------------------------------------------------------- Author : Matdhule Date : August, 25th 2006...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2010/12/28 12:0 a.m.333 views

MyBB 1.6 <= SQL Injection Vulnerability

================================= MyBB 1.6 = SQL Injection Vulnerability ================================= 1. OVERVIEW Potential SQL Injection vulnerability was detected in MyBB. 2. APPLICATION DESCRIPTION MyBB is a free bulletin board system software package developed by the MyBB Group. It's...

Exploits0
securityvulns
securityvulns
added 2000/12/16 12:0 a.m.332 views

SafeWord e.Id Trivial PIN Brute-Force Vulnerability

Subject: SafeWord e.Id Trivial PIN Brute-Force Vulnerability BUGTRAQ ID: 2105 Published: December 14, 2000 Updated: December 14, 2000 Remote: No Local: Yes Vulnerable Systems: Secure Computing e.iD Authenticator for Palm 2.0 - Palm Palm OS 3.5.2 - Palm Palm OS 3.3 Non-Vulnerable Systems: Summary:...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2000/05/25 12:0 a.m.332 views

Filesystem vulnerability in AIX

---EXTERNAL RELEASE---EXTERNAL RELEASE---EXTERNAL RELEASE---EXTERNAL RELEASE--- IBM EMERGENCY RESPONSE SERVICE OUTSIDE ADVISORY REDISTRIBUTION 19 May 2000 14:30 GMT Number: ERS-OAR-E01-2000:087.1 =============================================================================== The ERS Outside...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2006/06/08 12:0 a.m.331 views

Xtreme/Ditto News <= v.1.0 Remote File Include Vulnerability

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ Xtreme/Ditto News = v.1.0 Remote File Include Vulnerability $$ Script site: http://www.xtremescripts.com/ $$ Script site: http://www.dittoscripts.com/ $$ Dork: "News Managed by Ditto News" $$...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2010/06/03 12:0 a.m.330 views

SFCB vulnerabilities

= Product overview SBLIM SFCB is an Open Source implementation of a WBEM CIM broker. WBEM is a set of technologies aimed to monitor and administer larges pools of computing ressources, applications, hardware. It's used by computers management tools like HP Systems Insight Manager, VMware vSphere ...

10CVSS0.8AI score0.05818EPSS
Exploits0
securityvulns
securityvulns
added 2007/06/04 12:0 a.m.330 views

Portcullis Security Advisory 06-038

Portcullis Security Advisory 06-038 Vulnerable System: Movable Type Vulnerability Title: Username enumeration is possible via the password reset mechanism. Vulnerability Discovery And Development: Portcullis Security Testing Services. Credit For Discovery: Tim Brown - Porcullis Computer Security...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2003/12/15 12:0 a.m.329 views

Cisco Security Advisory: Cisco PIX Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco PIX Vulnerabilities Revision 1.0 For Public Release 2003 December 15 at 1600 UTC GMT ---------------------------------------------------------------------- Contents Summary Affected Products Details Impact Software...

Exploits0
securityvulns
securityvulns
added 2000/11/12 12:0 a.m.329 views

Update to Microsoft Security Bulletin MS00-086

-----BEGIN PGP SIGNED MESSAGE----- Hi All - We have updated Microsoft Security Bulletin MS00-086 http://www.microsoft.com/technet/security/bulletin/MS00-086.asp, to provide the following additional information: There is an additional restriction on the vulnerability. As originally reported, the...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2004/11/06 12:0 a.m.328 views

In-game format string bug in the Lithtech engine

Luigi Auriemma Application: Lithtech engine http://www.lithtech.com Games: Alien vs Predator 2 = 1.0.9.6 Blood 2 = 2.1 Contract Jack = 1.1 Global Operations = 2.0/2.1 Kiss Psycho Circus = 1.13 Legends of Might and Magic = 1.1 No one lives forever = 1.004 No one lives forever 2 = 1.3 Purge Jihad =...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2007/11/18 12:0 a.m.327 views

ESA Software S.p.a. Asp/Portal www/archivio.asp Sql injection

ESA Software S.p.a. Asp/Portal www/archivio.asp Sql injection Credit : CodeXpLoder'tq Mail : codexploderathotmaildotcom Site : codexploder.biyosecurity.net,biyofrm.com Sourge : http://www.esasoftware.com ЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈЈ Thnx :...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2007/05/28 12:0 a.m.327 views

Inout Meta Searh engine Remote Code Execution

!/usr/bin/php -q -d shortopentag=on ? echo " Inout Search Engine all version Remote Code Execution Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love "; if $argc3 echo "Usage: php ".$argv0." Host Path cmd Host: targe...

Exploits0
securityvulns
securityvulns
added 2015/05/11 12:0 a.m.326 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

10CVSS1.6AI score0.65927EPSS
Exploits39References44Affected Software32
Total number of security vulnerabilities5000