Securityvulns: Most viewed

47153 matches found

securityvulns
added 2005/11/01 12:0 a.m., 1474 views

Critical Security Advisory #005: ioFTPd User account enumeration vulnerability

Inicom networks ioFTPd 0.5.84u User account enumeration vulnerability Critical Security research: http://www.critical.lt Original Advisory may be found: http://www.critical.lt/?vulnerabilities/119 Vulnerable product: ioFTPd 0.5.84u maybe prior versions affected too Vulnerability type: User accoun...

7.3 AI score
Exploits: 0
securityvulns
added 2005/11/04 12:0 a.m., 1451 views

JPORTAL Multiple SQL Injection

DATE: ========= 3/11/2005 AFFECTED PRODUCTS ================= JPORTAL all version OVERVIEW ======== JpoRtaL is a simple portal system written in PHP using MySQL on backend. It includes article posting with comments, topics, links manager with section, download manager with section, short news...

0.3 AI score
Exploits: 0
securityvulns
added 2003/06/09 12:0 a.m., 1424 views

[SmartFTP] Two Buffer Overflow Vulnerabilities

---------------------------------------------------------------------- SUMMARY : SmartFTP Two Buffer Overflow Vulnerabilities PRODUCT : SmartFTP VERSIONS : 1.0.973 VENDOR : SmartFTP http://www.smartftp.com/ SEVERITY : Critical. Code Execution. DISCOVERED BY : nesumin AUTHOR : :: Operash :: REPORT...

0.5 AI score
Exploits: 0
securityvulns
added 2000/05/26 12:0 a.m., 1422 views

Windows DoS code (jolt2.c) (fwd)

This is code for the new DoS discovered by Razor a few days ago. It forces cpu utilization to 100, making everything move really really slow. Tested against Win98, WinNT4/sp5,6, Win2K. An interesting side note is that minor changes to this packet cause NT4/Win2k maybe others, not tested memory us...

0.1 AI score
Exploits: 0
securityvulns
added 2007/04/11 12:0 a.m., 1413 views

Microsoft Windows memory corruption

CSRSS memory corruption on MessageBox with MBSERVICENOTIFICATION beginning with "??"...

7.2 CVSS, 4.1 AI score, 0.06786 EPSS
Exploits: 1, References: 5
securityvulns
added 2004/08/19 12:0 a.m., 1410 views

Buffer overflow bug in aGsm version 2.35c and in the latest developer version (beta)...

Good day! I have discovered a buffer overflow bug, and probably the possibility of remote execution of malicious code, in the latest versions of aGsm. It is as follows: when processing the response from Half-Life servers, aGsm, as it turns out, does not check the length of the hostname string, but copies...

7.1 AI score
Exploits: 0
securityvulns
added 2006/06/09 12:0 a.m., 1402 views

Mathcad Area Lock Vulnerability

Description of Vulnerability ============================ One of the features of Mathcad www.mathsoft.com is allowing the user to define ‘Areas’. Mathsoft say that ‘You can use areas to protect, lock, or hide information or equations in your worksheets’ and that ‘You can also protect the contents...

0.8 AI score
Exploits: 0
securityvulns
added 2013/11/18 12:0 a.m., 1386 views

XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3

Vulnerability Type: XSS Cross-Site Scripting - Original release date: November 11th, 2013 - Last revised: November 11th, 2013 - Discovered by: Andrea Bodei - A2SECURE - Severity: 4.3/10 CVSSv2 Base Scored Products and affected versions: JUNOS up to 11.4 probably 12.1 and 12.3 vulnerable...

0.4 AI score
Exploits: 0
securityvulns
added 2010/04/30 12:0 a.m., 1382 views

Cross-Site Scripting vulnerability in Mango

Hello 3APA3A! I am reporting a Cross-Site Scripting vulnerability I found in Mango. XSS: http://site/archives.cfm/search/?term=3Cbody20onload=alertdocument.cookie3E Mango 1.4.1 and earlier versions are vulnerable. Additional information about this vulnerability is on my site:...

0.1 AI score
Exploits: 0
securityvulns
added 2011/06/11 12:0 a.m., 1355 views

VMWare Tools privilege escalations

Privilege escalation via mount.vmhgfs and vmware-user-suid-wrapper suid utilities...

6.9 CVSS, 4.4 AI score, 0.0032 EPSS
Exploits: 0, References: 1, Affected Software: 5
securityvulns
added 2008/03/13 12:0 a.m., 1325 views

Powered by phpBB 2001, 2006 (SQL)

Powered by phpBB © 2001, 2006 phpBB Group Modified by Fully Modded phpBB © 2002, 2006 AUTHOR : TurkishWarriorr HOME : http://www.1923turk.org DORKS 1 : allinurl :kb.php?mode=article&k DORKS 2 : article&k= DORKS 3 : "Powered by phpBB © 2001, 2006 phpBB Group" "Modified by Fully Modded phpBB © 2002...

7.1 AI score
Exploits: 0
securityvulns
added 2007/04/11 12:0 a.m., 1319 views

HIOX GUEST BOOK (HGB) 4.0 Remote Code Execution Vulnerability

+========================I=R=A=N============================+ HGB Version 4.0 =========================I=R=A=N============================= +========================I=R=A=N============================+ Author : Dj7xpl / Dj7xplatYahoodotcom...

1.3 AI score
Exploits: 0
securityvulns
added 2013/07/15 12:0 a.m., 1298 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

10 CVSS, 1.6 AI score, 0.10692 EPSS
Exploits: 36, References: 27, Affected Software: 22
securityvulns
added 2006/07/28 12:0 a.m., 1290 views

Yahoo Messenger instant messenger agent DoS

Application crashes on message with malformed link. Vulnerability is known to be used in-the-wild...

2 AI score
Exploits: 0, References: 3, Affected Software: 1
securityvulns
added 2007/01/24 12:0 a.m., 1274 views

Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability

Advanced Guestbook =- 2.4.2 includepath Remote File Include Vulnerability Script: Advanced Guestbook Version: 2.4.2 URL: http://proxy2.de/js/dl86d7a2.php Found By : BorN To K!LL Bug in : index.php , addentry.php , picture.php code :. requireonce $includepath."/admin/config.inc.php"; requireonce...

0.7 AI score
Exploits: 0
securityvulns
added 2010/11/18 12:0 a.m., 1243 views

XSS in CLANSPHERE

Vulnerability ID: HTB22693 Reference: http://www.htbridge.ch/advisory/xssinclansphere.html Product: CLANSPHERE Vendor: csphere.eu http://www.csphere.eu/ Vulnerable Version: 2010.0 Final Vendor Notification: 02 November 2010 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by Vendor Risk...

0.4 AI score
Exploits: 0
securityvulns
added 2011/08/10 12:0 a.m., 1239 views

Synchrony Infotech (product_details.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Synchrony Infotech productdetails.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.synchrony.co.in/ Persian Gulf 4 Ever! Dork : "Designed by synchrony infotech."...

2.5 AI score
Exploits: 0
securityvulns
added 2011/07/13 12:0 a.m., 1234 views

ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability

ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-233 July 7, 2011 -- CVE ID: CVE-2011-0549 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Symantec -- Affected Products: Symantec Web Gateway -- TippingPointTM...

7.5 CVSS, 0.4 AI score, 0.02237 EPSS
Exploits: 1
securityvulns
added 2002/06/04 12:0 a.m., 1217 views

Unauthorized access to PowerChute shared folder

During program installation Program FilesPwrchute shared with full access allowing to trojan program executables...

3.9 AI score
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2003/04/12 12:0 a.m., 1203 views

Brocade Firmware SNMP Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : Brocade Firmware SNMP Vulnerability Number : 20030405-01-I Date : April 11, 2003 Reference: SGI BUG 876762 Reference: CERT CA-2002-03 Reference: CVE CAN-2002-0013 Reference: CVE CAN-2002-0017 Fixed in : Brocade Firmware v2.6.0d or...

10 CVSS, 6.3 AI score, 0.50845 EPSS
Exploits: 0
securityvulns
added 2011/08/17 12:0 a.m., 1154 views

Neox (categoria.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Neox categoria.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.neox.es/ Persian Gulf 4 Ever! Dork : "inurl:categoria.php?id=" "Diseсo web - Mбlaga" Exploite:...

2.7 AI score
Exploits: 0
securityvulns
added 2010/06/15 12:0 a.m., 1128 views

IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell

Security Advisory IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell Advisory Information -------------------- Published: 2010-06-08 Updated: 2010-06-08 Manufacturer: Linksys Model: WAP54G Hardware version: v3.x Firmware version: ver.3.05.03 Europe ver.3.04.03 Vulnerability Details...

0.9 AI score
Exploits: 0
securityvulns
added 2006/12/02 12:0 a.m., 1094 views

[Aria-Security Team] DuWare DuClassMate SQL Injection Vuln

Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory: http://www.aria-security.com/forum/showthread.php?t=59 ----------------------------------------------------------- Software: DuClassmate Method: SQL Injection Vendor:...

2.3 AI score
Exploits: 0
securityvulns
added 2003/02/25 12:0 a.m., 1094 views

Terminal Emulator Security Issues

TERMINAL EMULATOR SECURITY ISSUES Copyright © 2003 Digital Defense Incorporated All Rights Reserved Table of Contents -- Summary -- Disclaimer -- Escape Sequences -- Remote Exploitation -- Screen Dumping -- Window Title Reporting -- Miscellaneous Issues -- Terminal Defense -- Tested Emulator...

7.5 CVSS, 7.9 AI score, 0.13718 EPSS
Exploits: 7
securityvulns
added 2015/08/17 12:0 a.m., 1093 views

APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006

APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 OS X Yosemite v10.10.5 and Security Update 2015-006 is now available and addresses the following: apache Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in...

9.3 CVSS, 0.7 AI score, 0.74483 EPSS
Exploits: 53
securityvulns
added 2009/07/24 12:0 a.m., 1089 views

Security advisory for Adobe Reader, Acrobat and Flash Player

Security advisory for Adobe Reader, Acrobat and Flash Player Release date: July 22, 2009 Last Updated: July 23, 2009 Vulnerability identifier: APSA09-03 CVE number: CVE-2009-1862 Platform: All Platforms Summary A critical vulnerability exists in the current versions of Flash Player v9.0.159.0 and...

9.3 CVSS, 0.1 AI score, 0.25006 EPSS
Exploits: 5
securityvulns
added 2014/12/01 12:0 a.m., 1088 views

Slider Revolution/Showbiz Pro shell upload exploit

!/usr/bin/perl Title: Slider Revolution/Showbiz Pro shell upload exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered: 15 October 2014 Coded: 15 October 2014 Updated: 25 November 2014 Published: 25 November 2014 MorXploit Research http://www.MorXploit.com Vendor: ThemePunch...

7.2 AI score
Exploits: 0
securityvulns
added 2004/07/06 12:0 a.m., 1079 views

[Full-Disclosure] Multiples vulnerabilities in JAWS

check this... ///////////////////////////////////////////////////// //// Vulnerable Program: JAWS //// //// Version : 0.3 ; it's BETA probably ; //// //// Url: http://www.jaws.com.mx //// //// The Bug: Multiples vulnerabilities //// //// Date: Today, July 5 off 2004 //// //// Author: Fernando...

0.4 AI score
Exploits: 0
securityvulns
added 2011/09/09 12:0 a.m., 1072 views

BvCom (dettaglio.php?idnews) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability BvCom dettaglio.php?idnews AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.bvcom.it/ Persian Gulf 4 Ever! Dork : "Powered by: bvcom.it" "inurl:dettaglio.php?idnews="...

4.1 AI score
Exploits: 0
securityvulns
added 2015/08/17 12:0 a.m., 1070 views

Apple Mac OS X / OS X Server multiple security vulnerabilities

Over 150 different vulnerabilities in system components and libraries...

9.3 CVSS, 2.4 AI score, 0.91284 EPSS
Exploits: 65, References: 2, Affected Software: 2
securityvulns
added 2010/11/04 12:0 a.m., 1070 views

BBcode XSS in MiniBB

Vulnerability ID: HTB22670 Reference: http://www.htbridge.ch/advisory/bbcodexssinminibb.html Product: MiniBB Vendor: MiniBB.com http://www.minibb.com/ Vulnerable Version: 2.5 Vendor Notification: 21 October 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted,...

0.6 AI score
Exploits: 0
securityvulns
added 2007/05/08 12:0 a.m., 1066 views

Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities

netVigilance Security Advisory 11 Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities Description: Advanced Guestbook is a PHP-based guestbook script. It includes many useful features such as preview, templates, e-mail notification, picture upload, page spanning , htm...

7.1 CVSS, 6.4 AI score, 0.01828 EPSS
Exploits: 0
securityvulns
added 2014/07/28 12:0 a.m., 1052 views

Videolan vlc multiple security vulnerabilities

Buffer overflows on different video formats parsing...

9.3 CVSS, 4 AI score, 0.10978 EPSS
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2004/08/19 12:0 a.m., 1045 views

[UNIX] YaPiG add_comment.php PHP Code Injection

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

0.1 AI score
Exploits: 0
securityvulns
added 2015/04/19 12:0 a.m., 1039 views

112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges Advisory URL: https://pierrekim.github.io/advisories/2015-iptime-0x00.txt.asc Date published: 2015-04-17 Vendors contacted:...

Exploits: 0
securityvulns
added 2014/10/05 12:0 a.m., 1035 views

[security bulletin] HPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04471546 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04471546 Version: 1 HPSBHF03124 rev....

10 CVSS, 10 AI score, 0.99999 EPSS
Exploits: 139
securityvulns
added 2000/05/16 12:0 a.m., 1025 views

Vulnerability in EMURL-based e-mail providers

Affected Product: Emurl 2.0 For Windows NT 4.0 possibly others Product information: Emurl is web-based email host developed by SeattleLab. http://www1.seattlelab.com/emurl/ Impact: Users can access the mailbox's content of anybody on the system. They can also steal their POP passwords since Emur...

Exploits: 0
securityvulns
added 2015/10/25 12:0 a.m., 1017 views

Apple Keynote, Pages, Numbers, iWork multiple security vulnerabilities

Restrictions bypass, memory corruptions...

6.8 CVSS, 4 AI score, 0.02918 EPSS
Exploits: 0, References: 1, Affected Software: 4
securityvulns
added 2007/02/23 12:0 a.m., 1004 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

10 CVSS, 1.5 AI score, 0.09234 EPSS
Exploits: 9, References: 9, Affected Software: 10
securityvulns
added 2002/02/13 12:0 a.m., 993 views

CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-03: Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol SNMP Original release date: February 12, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file...

10 CVSS, 0.2 AI score, 0.50845 EPSS
Exploits: 0
securityvulns
added 2010/12/28 12:0 a.m., 985 views

Pligg XSS and SQL Injection

Credit: Michael Brooks Bug Fix in 1.1.2: http://www.pligg.com/blog/1174/pligg-cms-1-1-2-release/ Special thanks to Eric Heikkinen for patching these quickly. Blind SQL Injection http://host/pligg1.1.2/search.php?adv=1&status= 'and+sleep9or+sleep9or+13D' &search=on&advancesearch= Search...

0.3 AI score
Exploits: 0
securityvulns
added 2005/07/13 12:0 a.m., 978 views

[Full-disclosure] ICMP Security Vulnerabilities - NEW (cough)

I know this is now even older news than it was when the recent flurry of discussion started last week, but I'm just getting around to sharing a bit of additional information on the subject. Regarding those three 3 "vulnerabilities" discussed by Fernando can't recall his last name, no offense mean...

7.1 AI score
Exploits: 0
securityvulns
added 2010/03/15 12:0 a.m., 971 views

deV!L`z Clanportal 1.5.2 Remote File Include Vulnerability

========================================================== deV!Lz Clanportal 1.5.2 Remote File Include Vulnerability ========================================================== + deV!Lz Clanportal 1.5.2 Remote File Include Vulnerability...

Exploits: 0
securityvulns
added 2001/07/24 12:0 a.m., 963 views

[SEC] Hole in PHPLib 7.2 prepend.php3

The PHPLib Team announces phplib-7.2d, available now. This release fixes the recently discovered hole in prepend.php3 that can allow a remote attacker to inject non-local code into any phplib based script. Please note that this affects all applications that depend on PHPLib. Some apps have decide...

0.3 AI score
Exploits: 0
securityvulns
added 2008/11/11 12:0 a.m., 945 views

smcFanControl for Mac OS X buffer overflow

Stack buffer overflow on -k command line option parsing...

5.3 AI score
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2014/05/01 12:0 a.m., 921 views

[security bulletin] HPSBMU02994 rev.3 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04236062 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236062 Version: 3 HPSBMU02994 rev....

5 CVSS, 0.4 AI score, 0.99999 EPSS
Exploits: 87
securityvulns
added 2008/10/03 12:0 a.m., 918 views

Multiple OpenSSH security vulnerabilities

Multiple different DoS conditions...

9.3 CVSS, 1.8 AI score, 0.44963 EPSS
Exploits: 7, References: 3, Affected Software: 1
securityvulns
added 2013/10/27 12:0 a.m., 915 views

Zikula CMS v1.3.5 - Multiple Web Vulnerabilities

Document Title: =============== Zikula CMS v1.3.5 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1114 Release Date: ============= 2013-10-16 Vulnerability Laboratory ID VL-ID: ==================================== 1114 Comm...

Exploits: 0
securityvulns
added 2015/06/02 12:0 a.m., 908 views

Skype DoS

Crash on parsing message with http://: URL from older application version...

0.7 AI score
Exploits: 0, Affected Software: 1
securityvulns
added 2005/08/06 12:0 a.m., 905 views

[SA16337] Jax Guestbook Cross-Site Scripting and Information Disclosure

---------------------------------------------------------------------- Are you interested in a new job in IT security? Secunia has two open positions as Junior and Senior Specialist in IT security: http://secunia.com/secuniavacancies/...

0.6 AI score
Exploits: 0
Total number of security vulnerabilities: 5000