Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2013/10/28 12:0 a.m.157 views

[CVE-2013-2751, CVE-2013-2752] NETGEAR ReadyNAS Remote Root

NETGEAR ReadyNAS with firmware 4.2.x before 4.2.24 and 4.1.x before 4.1.12 is prone to command injection from an unauthenticated HTTP GET request. This vulnerability can lead to complete root access as outlined on the Tripwire blog:...

0.2AI score0.71599EPSS
Exploits5
securityvulns
securityvulns
added 2012/06/25 12:0 a.m.157 views

Squiz CMS Multiple Vulnerabilities - Security Advisory - SOS-12-007

Sense of Security - Security Advisory - SOS-12-007 Release Date. 14-Jun-2012 Last Update. - Vendor Notification Date. 02-Apr-2012 Product. Squiz CMS Platform. Independent Affected versions. Squiz 4.6.3 verified and possibly others Severity Rating. Medium Impact. Exposure of session information...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2011/12/04 12:0 a.m.157 views

[PT-2011-43] Database information disclosure in Kayako Fusion

---------------------------------------------------------------------- PT-2011-43 Positive Technologies Security Advisory Database information disclosure in Kayako Fusion ---------------------------------------------------------------------- --- Vulnerable software Kayako Fusion Link:...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.157 views

Zones Web Solution (status.asp?print) (search_result.php?loc_id) Remote SQL injection Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerabilities Zones Web Solution status.asp?print searchresult.php?locid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.zones.in/ Persian Gulf 4 Ever! Dork : "Powered by Zones Web...

3.8AI score
Exploits0
securityvulns
securityvulns
added 2011/07/06 12:0 a.m.157 views

SEC Consult SA-20110701-0 :: Multiple SQL injection vulnerabilities in WordPress

SEC Consult Vulnerability Lab Security Advisory 20110701-0 ======================================================================= title: Multiple SQL Injection Vulnerabilities product: WordPress vulnerable version: 3.1.3/3.2-RC1 and probably earlier versions fixed version: 3.1.4/3.2-RC3 impact:...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2011/04/21 12:0 a.m.157 views

HTB22946: Multiple SQL Injection in Ajax Category Dropdown wordpress plugin

Vulnerability ID: HTB22946 Reference: http://www.htbridge.ch/advisory/multiplesqlinjectioninajaxcategorydropdownwordpressplugin.html Product: Ajax Category Dropdown wordpress plugin Vendor: http://www.dyasonhat.com/ http://www.dyasonhat.com/ Vulnerable Version: 0.1.5 Vendor Notification: 07 April...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2010/01/23 12:0 a.m.157 views

iBoutique v4.0

x Author: Andrea Bocchetti x Contact: [email protected] x Homepage : www.geekit.it // Software Info x Name : iBoutique v.4.0 x Vendor : http://www.wscreator.com/iboutique/ x Version : v.4.0 ------------------------------------------------------------------------------------------- x Exploi...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2009/12/29 12:0 a.m.157 views

Microsoft IIS 0Day Vulnerability in Parsing Files (semi-colon bug)

Microsoft IIS 0Day Vulnerability in Parsing Files semi-colon bug Application: Microsoft Internet Information Services - IIS All versions Impact: Highly Critical for Web Applications Finding Date: April 2007 Report Date: Dec. 2009 Found by: Soroush Dalili Irsdl 4t yahoo d0t com Website:...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2009/10/28 12:0 a.m.157 views

CUPS / poppler / xpdf / Adobe Reader multipls security vulnerabilities

Integer overflows, race condiotions...

9.3CVSS3.4AI score0.10228EPSS
Exploits5References4Affected Software3
securityvulns
securityvulns
added 2009/10/23 12:0 a.m.157 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

10CVSS1.6AI score0.09011EPSS
Exploits5References3Affected Software2
securityvulns
securityvulns
added 2009/04/03 12:0 a.m.157 views

Asbru Web Content Management Vulnerabilities

aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 02-Apr-2009 Software: Asbru Software - Asbru Web Content Management http://www.asbrusoft.com/ "Ready to use, full-featured, database-driven web content management system CMS with integrated communit...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/03/02 12:0 a.m.157 views

Mani Admin Plugin Stats Reader V1.2 rfi :)

Mani Admin Plugin Stats Reader V1.2 rfi : dork:"2006 by www.mani-stats-reader.de.vu" "allinurl:.php?ipath= inurl:"css"" vuln:index.php?ipath=evilshit greetz:RST, LinuxPakistan phpfreaks [email protected]...

2.6AI score
Exploits0
securityvulns
securityvulns
added 2007/02/13 12:0 a.m.157 views

XSS in lighttpd

hey guys .. check out this new xss i just found ;P Vulnerable : lighttpd web : http://www.lighttpd.net XSS : http://127.0.0.1/path/search?q=223E3Cscript3Ealert2827bl4ck27293C2Fscript3E Discovered By BLacK ZeRo [email protected] Best regards ,,...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/06/10 12:0 a.m.157 views

P.A.I.D v2.2

P.A.I.D v2.2 Homepage: http://www.webexceluk.net Effected files: faq.php input form of logging in. index.php The input forms of logging into My Account do not sanatize user input. For PoC of a XSS attack simply put in: "IMG SRC=javascript:alert'XSS'" It also seems when logging in, even if your...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2015/08/31 12:0 a.m.156 views

[SECURITY] [DSA 3344-1] php5 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3344-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 27, 2015 https://www.debian.org/security/faq -...

10CVSS1.8AI score0.16948EPSS
Exploits2
securityvulns
securityvulns
added 2015/04/08 12:0 a.m.156 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Certificate check bypass, code execution, restrictions bypass, memory corruptions...

7.5CVSS3.2AI score0.67465EPSS
Exploits4Affected Software3
securityvulns
securityvulns
added 2013/10/28 12:0 a.m.156 views

[USN-2002-1] Keystone vulnerabilities

========================================================================== Ubuntu Security Notice USN-2002-1 October 23, 2013 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

6.5CVSS0.1AI score0.02342EPSS
Exploits0
securityvulns
securityvulns
added 2011/03/03 12:0 a.m.156 views

CubeCart 2.0.6 SQL injection / Cross Site Scripting

Exploit Title: CubeCart 2.0.6 SQL injection / Cross Site Scripting Google Dork: "Powered by CubeCart 2.0.6" home : http://www.D99Y.com Date: 2/3/2011 Author: NassRawI Software Link: http://www.cubecart.com Version: 2.0.6 1 SQL injection file : index.php exploit : http://localhost/index.php?catid=...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2010/02/09 12:0 a.m.156 views

[CORE-2010-0121] Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers 1. Advisory Information Title: Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Serve...

8AI score
Exploits0
securityvulns
securityvulns
added 2009/11/11 12:0 a.m.156 views

ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability

ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-083 November 10, 2009 -- CVE ID: CVE-2009-3129 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Excel -- TippingPointTM IPS...

9.3CVSS0.4AI score0.85731EPSS
Exploits10
securityvulns
securityvulns
added 2009/05/18 12:0 a.m.156 views

Oracle multiple security vulnerabilities

Quarterly update fixes nearly 50 different security vulnerabilities...

10CVSS2.2AI score0.17865EPSS
Exploits15References11Affected Software10
securityvulns
securityvulns
added 2008/09/07 12:0 a.m.156 views

dnsmasq multiple security vulnerabilities

DNS records spoofing, DoS...

5CVSS1.5AI score0.95182EPSS
Exploits21References1Affected Software1
securityvulns
securityvulns
added 2007/04/19 12:0 a.m.156 views

mxBB Module MX Smartor FAP 2.0 RC1 Remote File Inclusion Vulnerability

mxBB Module MX Smartor FAP 2.0 RC1 Remote File Inclusion Vulnerability Class: Remote Vendor: http://www.mx-system.com/modules/mxpafiledb/dload.php?action=download&fileid=364 Founder: bd0rk Contact: bd0rkathackermail.com Vulnerable Code in /admin/adminalbumotf.php...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2007/04/11 12:0 a.m.156 views

PcP-Guestbook 3.0 (lang) Local File Inclusion Vulnerabilities

.-""""""""-. / Dj7xpl | | |, .-. .-. ,| | o/ o | |/ / | @ ^^ |IIIIII|/ @8@8|-IIIIII/-| / / @ +Iranian Are The Best In World+ Portal.......: PcP-Book 3.0 Site.........: http://www.pcp-system.at Down.........: http://www.ectona.org/download/?id=621&amp...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/03/29 12:0 a.m.156 views

MOPB-35-2007:PHP 4 zip_entry_read() Integer Overflow Vulnerability

Summary The zipreadentry function that is used to read the content of a file stored inside a .ZIP archive is vulnerable to an integer overflow in memory allocation that leads to an exploitable bufferoverflow. Affected versions Affected are PHP 4 4.4.5 Detailed information The zipreadentry functio...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2007/01/30 12:0 a.m.156 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

9.3CVSS1.5AI score0.69951EPSS
Exploits12References12Affected Software18
securityvulns
securityvulns
added 2006/09/18 12:0 a.m.156 views

Signkorn Guestbook <= v1.3 Multiple Remote File Include Vulnerabilities

Signkorn Guestbook = v1.3 Multiple Remote File Include Vulnerabilities Discovred By : ThELeO ; Software : Signkorn Guestbook v 1.3 ; Dork : "Signkorn Guestbook 1.3" & "Signkorn Guestbook 1.1 " Signkorn Guestbook 1.2" Exploit : http://Www.Example.Com/Script/index.php?dirpath=U r Evil Script ;...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2005/07/27 12:0 a.m.156 views

[SA16192] phpBook "admin" Cross-Site Scripting Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2000/08/24 12:0 a.m.156 views

Subscribe Me Vulnerability

Product: Subscribe Me Versions: ALL version numbers LITE only OS: Unix and Winnt Vendor: Notified, http://www.cgiscriptcenter.com/ The Problem: Yet again the script allows a remote user to overwrite the Admin Passwd file with any password they see fit. Therefore giving them Admin access to the...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.155 views

[SYSS-2015-027] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-027 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Cross-Site Scripting...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2014/01/19 12:0 a.m.155 views

[ MDVSA-2014:004 ] nagios

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:004 http://www.mandriva.com/en/support/security/ Package : nagios Date : January 16, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovere...

6.4CVSS7.9AI score0.59546EPSS
Exploits0
securityvulns
securityvulns
added 2012/10/22 12:0 a.m.155 views

Omnistar Document Manager v8.0 - Multiple Vulnerabilities

Title: ====== Omnistar Document Manager v8.0 - Multiple Vulnerabilities Date: ===== 2012-10-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=712 VL-ID: ===== 712 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2012/10/04 12:0 a.m.155 views

CVE-2012-4415: guacamole local root vulnerability

Overview ======== "Guacamole is an HTML5 web application that provides access to desktop environments using remote desktop protocols such as VNC or RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser. No plugins are needed: the client...

7.5CVSS2.2AI score0.13581EPSS
Exploits5
securityvulns
securityvulns
added 2011/06/10 12:0 a.m.155 views

ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability

ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-190 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...

10CVSS0.6AI score0.06277EPSS
Exploits0
securityvulns
securityvulns
added 2011/01/07 12:0 a.m.155 views

www.eVuln.com : SQL Injection in WikLink

www.eVuln.com advisory: SQL Injection in WikLink Summary: http://evuln.com/vulns/170/summary.html Details: http://evuln.com/vulns/170/description.html -----------Summary----------- eVuln ID: EV0170 Software: WikLink Vendor: n/a Version: 0.1.3 Critical Level: medium Type: SQL Injection Status:...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2009/03/12 12:0 a.m.155 views

Belkin BullDog Plus UPS-Service Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Who: Belkin International, Inc. http://www.belkin.com What: Belkin BullDog Plus UPS Management Software v4.0.2 Build 1219 UPS-Service.exe v1.0.0.1 dated 12/19/2006 How: The UPS management software contains a built-in web server which allows for remote...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2009/02/10 12:0 a.m.155 views

ZeroShell <= 1.0beta11 Remote Code Execution

======================================================================== ZeroShell = 1.0beta11 Remote Code Execution ======================================================================== Affected Software: ZeroShell = 1.0beta11 Severity: High Local/Remote: Remote Author: Luca Carettoni -...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/07/22 12:0 a.m.155 views

Elite Forum Full HTML ENject versin 1.0.0.0

c0ded: St@rExT From : Turkey exploit: titleElite Forum FULL HTML ENjocter-By St@rEXT/title style bodybackground:urlhttp://img523.imageshack.us/img523/7704/turkeyflag0xuhz9zc7uf0.jpg; color:FFFFFF; font-weight:bold; input background-color:darkred; color:FFFFFF; font-weight:bold; /style form...

Exploits0
securityvulns
securityvulns
added 2007/03/28 12:0 a.m.155 views

Yahoo! Messenger Auth Bypass Vulnerability

This advisory is being provided to you under the policy documented at http://www.wiretrip.net/rfp/policy.html. You are encouraged to read this policy; however, in the interim, you have approximately 5 days to respond to this initial email. This policy encourages open communication, and I look...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/02/03 12:0 a.m.155 views

CoD2: DreamStats <= 4.2 (index.php) Remote File Include Vulnerability

ConTact Me:-wWw.Asb-May.Net ScRiPt:-http://callofduty.filefront.com/file/DreamStatsSystem;54520 Discovered By:- ThE dE@Th AsB-MaY DiScOvEr ExPlIoTs TeAm index.php:- if !$slots include$rootpath . 'html/serveroffline.php';exit; ExPlOiT:-http://www.Site.com/PaTh/index.php?rootpath=Shell milw0rm.com...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2004/04/21 12:0 a.m.155 views

US-CERT Technical Cyber Security Alert TA04-111A -- Vulnerabilities in TCP

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Technical Cyber Security Alert TA04-111A archive Vulnerabilities in TCP Original release date: April 20, 2004 Last revised: -- Source: US-CERT Systems Affected Systems that rely on persistent TCP connections, for example routers supporting BGP Overvie...

5CVSS0.1AI score0.80855EPSS
Exploits3
securityvulns
securityvulns
added 2014/12/22 12:0 a.m.154 views

SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager

SEC Consult Vulnerability Lab Security Advisory 20141218-2 ======================================================================= title: Multiple high risk vulnerabilities product: NetIQ Access Manager vulnerable version: 4.0 SP1 fixed version: 4.0 SP1 Hot Fix 3 CVE number: CVE-2014-5214,...

6.8CVSS0.4AI score0.03236EPSS
Exploits8
securityvulns
securityvulns
added 2014/05/15 12:0 a.m.154 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

8.5CVSS1.6AI score0.34012EPSS
Exploits25References9Affected Software7
securityvulns
securityvulns
added 2014/04/20 12:0 a.m.154 views

FreeBSD Security Advisory FreeBSD-SA-14:06.openssl [REVISED]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:06.openssl Security Advisory The FreeBSD Project Topic: OpenSSL multiple vulnerabilities Category: contrib Module: openssl Announced: 2014-04-08 Affects: All...

5CVSS6.8AI score0.99999EPSS
Exploits88
securityvulns
securityvulns
added 2012/05/01 12:0 a.m.154 views

C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability

Title: ====== C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=484 VL-ID: ===== 484 Introduction: ============= XPhone Unified Communications 2011 ist die leistungsstarkste Telefonie- und...

Exploits0
securityvulns
securityvulns
added 2012/04/09 12:0 a.m.154 views

ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities

Title: ====== ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities Date: ===== 2012-04-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 437 Introduction: ============= ManageEngine® Firewall Analyzer is a web based tool for change management,...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2011/10/26 12:0 a.m.154 views

zFtp Server <= 2011-04-13 | "STAT,CWD" Remote Denial of Service Vulnerability

zFtp Server = 2011-04-13 | "STAT,CWD" Remote Denial of Service Vulnerability 1. OVERVIEW The zFTP server is found to be vulnerable to denial of service in handling multiple STAT and CWD command requests. 2. BACKGROUND The zFTP server is a Windows based FTP server with focus on clever Active...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2010/05/27 12:0 a.m.154 views

[ MDVSA-2010:107 ] mysql

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:107 http://www.mandriva.com/security/ Package : mysql Date : May 25, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been...

6.5CVSS8.3AI score0.21789EPSS
Exploits3
securityvulns
securityvulns
added 2009/09/28 12:0 a.m.154 views

[ONSEC-09-016] Blogolet XSS

ONSEC-09-016 Blogolet XSS Цель: Blogolet CMS Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 21.09.2009 Дата оповещения разработчика: 21.09.2009 Дата выхода исправления: 21.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Уязвимости существуют из-...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2009/05/29 12:0 a.m.154 views

[InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities

AdPeeps Ad Rotator - XSS and HTML Injection Vulnerabilities Version Affected: 8.5d1 3-18-09 newest Info: Ad Peeps is a banner rotator and text ad rotator - all in one that allows you to track, sell and manage banner ads, rich-media/flash ads and text ads on your website. Built using PHP/MYSQL, Ad...

6.7AI score
Exploits0
Total number of security vulnerabilities5000