Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2007/02/05 12:0 a.m.139 views

Adrenalin's ASP Chat XSS

Adrenalin's ASP Chat XSS By : sn0oPy Risk : high exploit : just inject any script at your psuedo or on chat, to apply it for all the users connected Dork : intitle:"ASP Chat" contact : [email protected] greetz : subzero, http://forums.avenir-geopolitique.net. reference :...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2006/08/31 12:0 a.m.139 views

[SA21672] Sony PSP TIFF Image Viewing Code Execution Vulnerability

TITLE: Sony PSP TIFF Image Viewing Code Execution Vulnerability SECUNIA ADVISORY ID: SA21672 VERIFY ADVISORY: http://secunia.com/advisories/21672/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote OPERATING SYSTEM: Sony PlayStation Portable PSP 2.x...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2004/11/22 12:0 a.m.139 views

Danware NetOp information leak

System information leak...

1.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/09/10 12:0 a.m.139 views

sql injection vulnerability in WBB 2.0 RC1 and below

Hi, I discovered a serious vulnerability in Woltlab Burning Board 2.0 RC 1 and below some weeks ago. The latest version WBB 2.0 RC 2 seems not vulnerable, but there are still sites using vulnerable versiones. versions tested vulnerable WBB 2.0 RC 1 WBB 2.0 beta 5 WBB 2.0 beta 4 WBB 2.0 beta 3...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/05/16 12:0 a.m.139 views

ISS Alert: IIS URL Decoding Vulnerability

TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Aler...

7.5CVSS0.7AI score0.9077EPSS
Exploits8
securityvulns
securityvulns
added 2015/02/23 12:0 a.m.138 views

[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.8 - - Apache Tomcat 7.0.0 to 7.0.54 - - Apache Tomcat 6.0.0 to 6.0.41 Description: It was possible to craf...

6.4CVSS6.3AI score0.21045EPSS
Exploits0
securityvulns
securityvulns
added 2015/01/02 12:0 a.m.138 views

[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability

--------------------------------------------------------------------- Osclass = 3.4.2 contact.php Unrestricted File Upload Vulnerability --------------------------------------------------------------------- - Software Link: http://osclass.org/ - Affected Versions: Version 3.4.2 and probably prior...

6.8CVSS0.3AI score0.02514EPSS
Exploits2
securityvulns
securityvulns
added 2014/12/22 12:0 a.m.138 views

E-Journal CMS (ID) - Multiple Web Vulnerabilities

Document Title: =============== E-Journal CMS ID - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1380 Release Date: ============= 2014-12-17 Vulnerability Laboratory ID VL-ID: ==================================== 1380 Commo...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.138 views

ntopng 1.2.0 XSS injection using monitored network traffic

ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar to what the popular top Unix command does. The web-based frontend of the software is vulnerable to...

7AI score
Exploits0
securityvulns
securityvulns
added 2014/05/30 12:0 a.m.138 views

[security bulletin] HPSBMU03044 rev.1 - HP Business Process Monitor, running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04307186 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04307186 Version: 1 HPSBMU03044 rev....

5CVSS0.7AI score0.99999EPSS
Exploits87
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.138 views

ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability

ESA-2014-019.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability EMC Identifier: ESA-2014-019 CVE Identifier: CVE-2014-0636 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected Products:...

5.8CVSS0.2AI score0.00669EPSS
Exploits0
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.138 views

[CVE-2014-2531] SQL injection in InterWorx Web Control Panel <= 5.0.13

================================================= Title: SQL injection in InterWorx Control Panel Product: InterWorx Web Control Panel Vendor: InterWorx LLC Tested Version: 5.0.13 build 574 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2014-2531 Solution Status: Fixed in Version...

6.5CVSS7.5AI score0.01123EPSS
Exploits6
securityvulns
securityvulns
added 2013/02/18 12:0 a.m.138 views

Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND

Device Name: TL-WA701N / TL-WA701ND Vendor: TP-Link ============ Vulnerable Firmware Releases: ============ Firmware Version: 3.12.6 Build 110210 Rel.37112n Firmware Version: 3.12.16 Build 120228 Rel.37317n - Published Date 2/28/2012 Hardware Version: WA701N v1 00000000 Model No.: TL-WA701N /...

5.9AI score
Exploits0
securityvulns
securityvulns
added 2012/06/03 12:0 a.m.138 views

DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass

Title ----- DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass Severity -------- High Date Discovered --------------- April 2, 2012 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Vulnerability Description...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2011/12/19 12:0 a.m.138 views

0A29-11-3 : Cross-Site Scripting vulnerabilities in Nagios XI < 2011R1.9

================ Cross-Site Scripting vulnerabilities in Nagios XI 2011R1.9 Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ Multiple XSS vulnerabilities exist within Nagios XI. It is entirely likely this...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2011/12/04 12:0 a.m.138 views

Ariadne 2.7.6 Multiple XSS vulnerabilities

Advisory: Ariadne 2.7.6 Multiple XSS vulnerabilities Advisory ID: SSCHADV2011-038 Author: Stefan Schurtz Affected Software: Successfully tested on Ariadne 2.7.6 Vendor URL: http://www.ariadne-cms.org/ Vendor Status: informed ========================== Vulnerability Description...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/11/06 12:0 a.m.138 views

Serendipity Plugin 'Karma Ranking' Multiple Cross-Site Scripting

Advisory: Serendipity Plugin 'Karma Ranking' Multiple Cross-Site Scripting vulnerabilities Advisory ID: SSCHADV2011-017 Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.5.5 with Karma Ranking Plugin version 1.1 Vendor URL: http://www.s9y.org Vendor Status: fixed...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.138 views

Agent Image (news_details.php?news_ID) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Agent Image newsdetails.php?newsID AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.agentimage.com/ Persian Gulf 4 Ever! Dork : "Design by Agent Image"...

2.6AI score
Exploits0
securityvulns
securityvulns
added 2011/04/26 12:0 a.m.138 views

HTB22955: Path disclosure in BuddyPress WordPress plugin

Vulnerability ID: HTB22955 Reference: http://www.htbridge.ch/advisory/pathdisclosureinbuddypresswordpressplugin.html Product: BuddyPress Vendor: BuddyPress http://buddypress.org/ Vulnerable Version: 1.2.8 Vendor Notification: 12 April 2011 Vulnerability Type: Path disclosure Risk level: Low Credi...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/02/08 12:0 a.m.138 views

HTB22818: Stored XSS vulnerability in WebAsyst Shop-Script

Vulnerability ID: HTB22818 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityinwebasystshopscript.html Product: WebAsyst Shop-Script Vendor: WebAsyst, LLC http://www.shop-script.ru/ Vulnerable Version: Current version 2011.01.23 shop-script.ru/demo/ Vendor Notification: 25 January...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2010/04/22 12:0 a.m.138 views

CSRF in e107

Vulnerability ID: HTB22344 Reference: http://www.htbridge.ch/advisory/xsrfcsrfine107.html Product: e107 Website System Vendor: e107 Vulnerable Version: 0.7.19 and Probably Prior Versions Vendor Notification: 05 April 2010 Vulnerability Type: CSRF Cross-Site Request Forgery Status: Not Fixed, Vend...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2010/04/06 12:0 a.m.138 views

ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability

ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-060 April 5, 2010 -- CVE ID: CVE-2010-0842 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -...

7.5CVSS0.5AI score0.77721EPSS
Exploits9
securityvulns
securityvulns
added 2009/09/10 12:0 a.m.138 views

Arbitrary File Upload vulnerability in TinyBrowser

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Arbitrary File Upload уязвимости в TinyBrowser - файл менеджере для редактора TinyMCE. Arbitrary File Upload: http://site/path/tinybrowser.php?type=file При доступе к TinyBrowser, доступ к которому не ограничивается, можно загрузить через встроенн...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2009/07/24 12:0 a.m.138 views

[ISecAuditors Security Advisories] Joomla! < 1.5.12 Multiple Full Path Disclosure vulnerabilities

============================================= INTERNET SECURITY AUDITORS ALERT 2009-009 - Original release date: July 21st, 2009 - Last revised: July 23rd, 2009 - Discovered by: Juan Galiana Lara - Severity: 5/10 CVSS Base Score ============================================= I. VULNERABILITY...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2009/06/10 12:0 a.m.138 views

Microsoft Security Bulletin MS09-022 - Critical Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)

Microsoft Security Bulletin MS09-022 - Critical Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution 961501 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves three privately reported vulnerabilities in Windows Print...

10CVSS1.4AI score0.34878EPSS
Exploits10
securityvulns
securityvulns
added 2009/06/05 12:0 a.m.138 views

[SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2009-0580: Tomcat information disclosure vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.39 Tomcat 5.5.0 to 5.5.27 Tomcat 6.0.0 to 6.0.18 The unsupported Tomcat 3.x, 4.0.x and 5.0.x version...

4.3CVSS4.9AI score0.9444EPSS
Exploits4
securityvulns
securityvulns
added 2008/12/10 12:0 a.m.138 views

XSS in PHPepperShop v 1.4

Vulnerable Version:PHPepperShop v 1.4 Homepage:http://www.phpeppershop.com This is 4 reflective XSS flaws in the URI. Trust no one not even your $SERVERPHPSELF http://10.1.1.10/shop/kontakt.php/'scriptalert1/script http://10.1.1.10/index.php/223Cscript3Ealert13C/script3E...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2008/04/05 12:0 a.m.138 views

Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability Advisory ID: cisco-sa-20080403-drf http://www.cisco.com/warp/public/707/cisco-sa-20080403-drf.shtml Revision 1.0 For Public Release 2008...

10CVSS0.3AI score0.05139EPSS
Exploits1
securityvulns
securityvulns
added 2007/12/26 12:0 a.m.138 views

[CVE-2007-5342] Apache Tomcat's default security policy is too open

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-5342: Tomcat's default security policy is too open Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 5.5.9 to 5.5.25 Tomcat 6.0.0 to 6.0.15 Description: The JULI logging component allows web applications to provid...

6.4CVSS7.2AI score0.05156EPSS
Exploits1
securityvulns
securityvulns
added 2007/06/26 12:0 a.m.138 views

Ingres wakeup setuid(ingres) file truncation

======= Summary ======= Name: wakeup setuidingres file truncation Release Date: 25 June 2007 Reference: NGS00390 Discover: Chris Anley [email protected] Vendor: Ingres Vendor Reference: Ingres bug 115913, CVE-2007-3337, CAID 35451 Systems Affected: Ingres 2006 9.0.4 and prior Risk: Medium...

2.1CVSS0.2AI score0.00355EPSS
Exploits5
securityvulns
securityvulns
added 2007/04/19 12:0 a.m.138 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

9.3CVSS1.5AI score0.09691EPSS
Exploits4References32Affected Software34
securityvulns
securityvulns
added 2005/09/14 12:0 a.m.138 views

Mozilla / Mozilla Firefox authentication weakness

Dear bugTraq, I have reported this issue some time ago: http://www.security.nnov.ru/Fnews19.html but it looks like it was ignored, and not fixed in latest mozilla and firefox releases, so I decided to send "formal" advisory Issue: Mozilla browsers authentication weakness Author: 3APA3A...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2015/11/01 12:0 a.m.137 views

[USN-2788-1] unzip vulnerabilities

========================================================================== Ubuntu Security Notice USN-2788-1 October 29, 2015 unzip vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.8CVSS1AI score0.07184EPSS
Exploits0
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.137 views

APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007

APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address the following: Accelerate Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiti...

10CVSS0.9AI score0.94859EPSS
Exploits57
securityvulns
securityvulns
added 2015/10/05 12:0 a.m.137 views

APPLE-SA-2015-09-21-1 watchOS 2

APPLE-SA-2015-09-21-1 watchOS 2 watchOS 2 is now available and addresses the following: Apple Pay Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: Th...

10CVSS0.6AI score0.2447EPSS
Exploits6
securityvulns
securityvulns
added 2015/04/16 12:0 a.m.137 views

[SYSS-2015-014] Panda Global Protection 2015 - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-014 Product: Panda Global Protection 2015 Vendor: Panda Security Affected Versions: 15.1.0 Tested Versions: 15.1.0 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solutio...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2014/10/18 12:0 a.m.137 views

APPLE-SA-2014-10-16-5 OS X Server v2.2.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-10-16-5 OS X Server v2.2.5 OS X Server v2.2.5 is now available and addresses the following: Server Available for: OS X Mountain Lion v10.8.5 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known...

4.3CVSS4.5AI score0.99999EPSS
Exploits7
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.137 views

[ MDVSA-2014:116 ] file

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:116 http://www.mandriva.com/en/support/security/ Package : file Date : June 10, 2014 Affected: Business Server 1.0 Problem Description: Updated file packages fix security vulnerabilities: A flaw was found in...

5CVSS6.7AI score0.20805EPSS
Exploits0
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.137 views

[SWRX-2014-001] Open Web Analytics Pre-Auth SQL Injection

Dell SecureWorks Security Advisory SWRX-2014-001 Open Web Analytics Pre-Auth SQL Injection Advisory Information Title: Open Web Analytics Pre-Auth SQL Injection Advisory ID: SWRX-2014-001 Advisory URL: http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2014-001/ Date published:...

7.5CVSS0.3AI score0.02495EPSS
Exploits7
securityvulns
securityvulns
added 2014/02/10 12:0 a.m.137 views

Inteno DG301 Command Injection

Background According to the vendor, Inteno DG301 is a high-end Multi-WAN residential gateway with advanced router and bridge functions. 2. Summary Inteno DG301 Powered by LuCI Trunk inteno-1.0.34 and OpenWrt Backfire 10.03.1-RC6 is vulnerable to command injection, which can be exploited directly...

1AI score
Exploits0
securityvulns
securityvulns
added 2013/07/29 12:0 a.m.137 views

Xymon Systems and Network Monitor - remote file deletion vulnerability

Advisory ID: HTB23163 Product: Magnolia CMS Vendor: Magnolia International Ltd Vulnerable Versions: 4.5.7, 4.5.8, 4.5.9, 5.0 and 5.0.1 Community Edition Tested Version: 5.0 Community Edition Vendor Notification: July 3, 2013 Vendor Patch: July 18, 2013 Public Disclosure: July 24, 2013 Vulnerabili...

4.3CVSS0.8AI score0.0353EPSS
Exploits3
securityvulns
securityvulns
added 2013/07/29 12:0 a.m.137 views

Cross-Site Scripting (XSS) in Magnolia CMS

Advisory ID: HTB23163 Product: Magnolia CMS Vendor: Magnolia International Ltd Vulnerable Versions: 4.5.7, 4.5.8, 4.5.9, 5.0 and 5.0.1 Community Edition Tested Version: 5.0 Community Edition Vendor Notification: July 3, 2013 Vendor Patch: July 18, 2013 Public Disclosure: July 24, 2013 Vulnerabili...

4.3CVSS0.6AI score0.0353EPSS
Exploits3
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.137 views

Linksys X3000 - Multiple Vulnerabilities

Device: X3000 Vendor: Linksys ============ Vulnerable Firmware Releases: ============ Firmware Version: v1.0.03 build 001 Jun 11,2012 ============ Vulnerability Overview: ============ OS Command Injection The vulnerability is caused by missing input validation in the pingip parameter and can be...

8AI score
Exploits0
securityvulns
securityvulns
added 2012/07/16 12:0 a.m.137 views

Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities

Title: ====== Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Date: ===== 2012-06-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=526 VL-ID: ===== 526 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Die...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2012/02/08 12:0 a.m.137 views

ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability. EMC Identifier: ESA-2012-010 EMC Identifier: SRCH-7949 CVE Identifier: CVE-2012-0396 Severity Rating: CVSS v2 Base Score: 4.0 AV:N/AC:L/Au:S/C:P/I:N/A:N Affected products: EMC S...

4CVSS0.7AI score0.01081EPSS
Exploits0
securityvulns
securityvulns
added 2011/08/17 12:0 a.m.137 views

SAY Comunicacion (producto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability SAY Comunicacion producto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.saycomunicacion.com/ Persian Gulf 4 Ever! Dork : "Diseno Web:SAY Comunicacion"...

3AI score
Exploits0
securityvulns
securityvulns
added 2011/08/03 12:0 a.m.137 views

ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability

ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-245 July 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Sybase -- Affected Products: Sybase Adaptive Server ...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2011/07/26 12:0 a.m.137 views

Funnel Web (directory.php?cid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Funnel Web directory.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.funnel-web.com.au/ Persian Gulf 4 Ever! Dork : "Web site design by Funnel Web"...

2.8AI score
Exploits0
securityvulns
securityvulns
added 2011/06/10 12:0 a.m.137 views

ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability

ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-184 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products:...

10CVSS0.6AI score0.06277EPSS
Exploits0
securityvulns
securityvulns
added 2010/06/25 12:0 a.m.137 views

Mozilla Foundation Security Advisory 2010-29

Mozilla Foundation Security Advisory 2010-29 Title: Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal Impact: Critical Announced: June 22, 2010 Reporter: Nils MWR InfoSecurity Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 Thunderbird 3.0.5 SeaMonkey...

9.3CVSS0.4AI score0.04879EPSS
Exploits0
Total number of security vulnerabilities5000