Securityvulns: Most viewed

47153 matches found

securityvulns, added 2015/07/20 12:0 a.m., 445 views

Apache security vulnerabilities

DoS, few potential vulnerabilities...

CVSS: 5, AI score: 2.9, EPSS: 0.73327
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2012/06/18 12:0 a.m., 443 views

Vulnerabilities in JW Player and millions of web sites

Hello 3APA3A! I want to warn you about security vulnerabilities in JW Player. These are Content Spoofing and Cross-Site Scripting vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are JW Player 5.9.2156 and 5.9.2206, except one vulnerability and...

AI score: 6
Exploits: 0

securityvulns, added 2008/08/01 12:0 a.m., 442 views

Pligg <= 9.9.0 Multiple Vulnerabilities

GulfTech Security Research July 30, 2008 Vendor : Pligg LLC URL : http://www.pligg.com/ Version : Pligg = 9.9 Risk : Multiple Vulnerabilities Description: Pligg is a popular open source, full featured, content management system written in php. There are a number of vulnerabilities within Pligg th...

AI score: 0.4
Exploits: 0

securityvulns, added 2014/04/20 12:0 a.m., 440 views

[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04250814 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04250814 Version: 1 HPSBGN03010 rev....

CVSS: 5, AI score: 0.4, EPSS: 0.99999
Exploits: 87

securityvulns, added 2005/05/28 12:0 a.m., 440 views

[Full-disclosure] ClamAV: Local Privilege Escalation Vulnerability On MacOS [SCN Advisory #04]

The full, up-to-date advisory will be maintained here: http://www.sentinelchicken.com/advisories/clamav/ For your convenience, a text version is included below. tim -- CLAMAV: LOCAL PRIVILEGE ESCALATION VULNERABILITY ON MACOS =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= TABLE OF...

AI score: 0.3
Exploits: 0

securityvulns, added 2009/11/17 12:0 a.m., 438 views

[DSECRG-09-062] Alteon OS BBI (Nortell) - Multiple Vulnerabilities

Digital Security Research Group DSecRG Advisory http://dsecrg.com/pages/vul/show.php?id=161 Various XSS and XSRF vulnerabilities were identified in the Alteon OS Browser-Based Interface BBI. Application: Alteon OS BBI Versions Affected: = 21.0.8.3 and may be higher =25.1.0.0 Vendor URL:...

AI score: 6.7
Exploits: 0

securityvulns, added 2007/09/26 12:0 a.m., 438 views

PHP disable_functions function aliases protection bypass

A function disabled with disable_functions may be invoked by its alias...

AI score: 3
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2008/11/10 12:0 a.m., 437 views

hMAilServer 4.4.2 (PHPWebAdmin) local & remote file inclusion

hMAilServer 4.4.2 PHPWebAdmin local & remote file inclusion poc by Nine:Situations:Group::strawdog ------------------------------------------------------------------------ our site: http://retrogod.altervista.org software site: http://www.hmailserver.com/ description:...

Exploits: 0

securityvulns, added 2007/12/28 12:0 a.m., 437 views

[Full-disclosure] OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities

Security Advisory - - OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities - ---------------------------------------------------- Product: OpenBiblio Version: Version 0.5.2 Prerelease 4 and prior is affected Url: http://obiblio.sourceforge.net/ Affected by: Full path disclosure, local file...

AI score: 0.2
Exploits: 0

securityvulns, added 2010/05/28 12:0 a.m., 436 views

Web Online Games (game.php) Multiple Vulnerabilities

Web Online Games game.php Multiple Vulnerabilities ...

AI score: 0.1
Exploits: 0

securityvulns, added 2015/11/02 12:0 a.m., 433 views

[USN-2787-1] audiofile vulnerability

========================================================================== Ubuntu Security Notice USN-2787-1 October 28, 2015 audiofile vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

AI score: 0.6, EPSS: 0.08802
Exploits: 0

securityvulns, added 2006/07/10 12:0 a.m., 432 views

SipXtapi SIP library buffer overflow

Buffer overflow on CSeq field parsing...

AI score: 4.5
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2000/11/09 12:0 a.m., 432 views

Security Bulletin (MS00-087)

Microsoft Security Bulletin MS00-087 - -------------------------------------- Patch Available for "Terminal Server Login Buffer Overflow" Vulnerability Originally posted: November 08, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Window...

AI score: 8.1
Exploits: 0

securityvulns, added 2006/04/09 12:0 a.m., 431 views

Virtual War File Inclusion

Virtual War File Inclusion --------------------------------- Site:http://www.vwar.de/ Demo:http://www.vwar.de/demo/ --------------------------------------- File Inclusion // get functions $vwarroot = "./"; require $vwarroot . "includes/functionscommon.php"; require $vwarroot...

AI score: 0.5
Exploits: 0

securityvulns, added 2015/05/11 12:0 a.m., 428 views

CSRF/XSS In Manage Engine Asset Explorer

=============================================================================== CSRF/Stored XSS Vulnerability in Manage Engine Asset Explorer =============================================================================== . contents:: Table Of Content Overview ======== Title :CSRF/Stored XSS...

Exploits: 0

securityvulns, added 2011/08/27 12:0 a.m., 428 views

Foresta Creativa (prodotti.php?idCategoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Foresta Creativa prodotti.php?idCategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.forestacreativa.com/ Persian Gulf 4 Ever! Dork : "Powered by Foresta Creativa"...

AI score: 4
Exploits: 0

securityvulns, added 2005/07/06 12:0 a.m., 428 views

[badroot security] probe.cgi: Remote Command Execution

BADROOT SECURITY GROUP Security Advisory 2005 - 0x06 http://www.badroot.org irc.us.azzurra.org badroot Authors ....... spher3 spher3 at fatalimpulse dot net Date .......... 04-07-2005 Product ....... probe.cgi Type .......... Remote Command Execution o Info: ================ That script is used t...

AI score: 1.1
Exploits: 0

securityvulns, added 2007/02/15 12:0 a.m., 425 views

nabopoll 1.2 Remote Unprotected Admin Section Vulnerability

By Cr@zyKing [email protected] Thakns : ApAci & Erne & Uyussman & Eno7 & Thehacker & CrackersChild Script : nabopoll 1.1.2 Risk : Remote Add Admin Exploit |High Site : http://nabocorp.com/ Google Dork : inurl:"nabopoll/" Exploit : http://target.com/nabopoll/admin/configedit.php Mysql Config For...

AI score: 0.7
Exploits: 0

securityvulns, added 2004/08/03 12:0 a.m., 425 views

Netscape/Mozilla SOAP integer overflow

Integer overflow in SOAPParameter object constructor...

AI score: 3.5
Exploits: 0, References: 1, Affected Software: 2

securityvulns, added 2012/09/03 12:0 a.m., 422 views

Temenos T24 security vulnerabilities

Authentication bypass, cross-site scripting...

AI score: 2
Exploits: 0, References: 2

securityvulns, added 2004/04/05 12:0 a.m., 422 views

Remote Exploit for Aborior's Encore Web Forum

================================================================== Product : Abrior's Encore WebForum Versions : Unchecked maybe version I Bug : Remote Command Execution via Display.cgi Impact : Attackers can execute remote command Risk : Medium/High Date : April 3, 2004 Bug found by : k159 from...

AI score: 0.2
Exploits: 0

securityvulns, added 2000/05/29 12:0 a.m., 422 views

LockDown 2000

Official LockDown Corp. Release Systems Affected: All Windows based machines running LockDown 2000. The Problem: LockDown 2000 main text display limited the amount of text that could be entered in the main display window. If an attacker made over 200 connections to a logged port, error messages o...

Exploits: 0

securityvulns, added 2013/09/09 12:0 a.m., 421 views

Struts2 Prefixed Parameters OGNL Injection Vulnerability

CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was released which fixes this vulnerability Issue ID by Vender: S2-016...

CVSS: 9.3, AI score: 0.6, EPSS: 0.99998
Exploits: 20

securityvulns, added 2006/10/09 12:0 a.m., 420 views

[ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability

ECHOADV51$2006 ----------------------------------------------------------------------------------------- ECHOADV51$2006 docmint = 2.0 MYENVBASEENGINELOC Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...

AI score: 7.8
Exploits: 0

securityvulns, added 2005/05/10 12:0 a.m., 417 views

[Full-disclosure] Easy Message Board Directory Traversal and Remote Command

============================================================ ============================================================ Title: Easy Message Board Directory Traversal and Remote Command Execution Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 08/05/2005...

AI score: 1.8
Exploits: 0

securityvulns, added 2008/06/26 12:0 a.m., 416 views

IdeBox (include) Remote File Inclusion Vulnerability

IdeBox include Remote File Inclusion Vulnerability Found : Ghost Hacker Home page : www.Real-Hack.net Email : [email protected] Script : IdeBox Download Script : http://ideabox.phpoutsourcing.com/ideabox11.tgz =========================== Viva IslaM ========================== Error include.ph...

AI score: 0.8
Exploits: 0

securityvulns, added 2007/03/16 12:0 a.m., 415 views

Absolute Image Gallery Gallery.ASP (categoryid) MSSQL Injection Exploit

Absolute Image Gallery Gallery.ASP categoryid MSSQL Injection Exploit Type : SQL Injection Release Date : 2007-03-15 Product / Vendor : Absolute Image Gallery http://www.xigla.com/absoluteig/ Bug : http://localhost/script/gallery.asp?action=viewimage&categoryid=-SQL Inj-...

AI score: 7.7
Exploits: 0

securityvulns, added 2015/03/22 12:0 a.m., 413 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Restrictions bypass, information spoofing, information leakage, buffer overflows, memory corruptions, DoS, code execution...

CVSS: 7.5, AI score: 3.6, EPSS: 0.06029
Exploits: 0, Affected Software: 3

securityvulns, added 2006/04/28 12:0 a.m., 413 views

[SA19843] Jax Guestbook "page" Cross-Site Scripting Vulnerability

TITLE: Jax Guestbook "page" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA19843 VERIFY ADVISORY: http://secunia.com/advisories/19843/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Jax Guestbook 3.x http://secunia.com/product/5494/ DESCRIPTION:...

AI score: 0.4
Exploits: 0

securityvulns, added 2013/03/03 12:0 a.m., 412 views

[waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05

waraxe-2013-SA097 - Multiple Vulnerabilities in PHP-Fusion 7.02.05 =============================================================================== Author: Janek Vind "waraxe" Date: 27. February 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-97.html Description of vulnerable...

AI score: 7.5
Exploits: 0

securityvulns, added 2005/04/07 12:0 a.m., 412 views

[SA14701] XMB Script Insertion Vulnerabilities

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: XMB Script Insertion Vulnerabilities SECUNIA ADVISORY...

AI score: 0.6
Exploits: 0

securityvulns, added 2007/04/05 12:0 a.m., 411 views

CWB PRO Version 1.5(INCLUDE_PATH)Remote File Include Vulnerabilites

CWB PRO Version 1.5INCLUDEPATHRemote File Include Vulnerabilites D.Script: http://codewalkers.com/codefiles/373cwbs1.5demo.zip Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Exploit:Path/include/clsheadlineprod.php?INCLUDEPATH=Shell...

AI score: 1.1
Exploits: 0

securityvulns, added 2006/12/08 12:0 a.m., 408 views

DUdirectory Admin Panel SQL Injection

DUdirectory Admin Panel SQL Injection Download: http://www.duware.com/zips/productsnew/DUdirectory31.zip Search:"DUdrirectory" DUdirectory/admin/default.asp User:'or' Pass:'or' Testing; http://www.euconvention.be/DUdirectory/admin/default.asp...

AI score: 0.8
Exploits: 0

securityvulns, added 2005/07/23 12:0 a.m., 407 views

ICMP-based blind connection-reset attack

Folks, Here's the packet trace and the explanation of an ICMP-based blind connection-reset attack. In our sample scenario, a web-client 10.0.0.1, TCP port 3270 is downloading a file from a web-server 192.168.0.1, TCP port 80. If the TCP/IP implementations of both end-points are vulnerable,you can...

Exploits: 0

securityvulns, added 2011/08/17 12:0 a.m., 406 views

lab382 (dettaglio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability lab382 dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.lab382.com/ Persian Gulf 4 Ever! Dork : "Web site by: lab382.com" "inurl:dettaglio.php?id="...

AI score: 2.8
Exploits: 0

securityvulns, added 2007/01/24 12:0 a.m., 406 views

PHP Link Directory XSS Vulnerability version <= 3.0.6

Smilehouse Oy -= Security Advisory =- Advisory: PHP Link Directory XSS Vulnerability Release Date: 2007/01/21 Last Modified: 2007/01/21 Authors: Jussi Vuokko, CISSP [email protected] Henri Lindberg, Associate of (ISC)² [email protected] Application: PHP Link Directory = 3.0.6...

Exploits: 0

securityvulns, added 2012/02/15 12:0 a.m., 405 views

Skype information leakage

Locally deleted messages are only marked as deleted without wiping or squeezing the database...

AI score: 2.3
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2007/06/24 12:0 a.m., 404 views

All Of the Mambo & Joomla Script Remote File Inclussion Bugs..

Hi every body... There are some Remote File Inclussion bugs on Mamabo & Joomla Script... You can search ; ex: inurl:Dork , dork, allinurl:dork on google or the other search sites.. Dork: comcomprofiler Expl: administrator/components/comcomprofiler/plugin.class.php?mosConfigabsolutepath=Shell Dork...

AI score: 0.1
Exploits: 0

securityvulns, added 2012/02/22 12:0 a.m., 403 views

Skype memory corruption

Memory corruption on file transfer...

AI score: 1.8
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2008/11/24 12:0 a.m., 403 views

OpenSSH cryptographic weakness

With low probability it's possible to recover a few bits of plaintext...

AI score: 2.3
Exploits: 0, References: 1, Affected Software: 1

securityvulns, added 2006/09/21 12:0 a.m., 402 views

AllMyGuests => ?_AMGconfig[cfg_serverpath] Remote File Inclusion Exploit

============================================================================ AllMyGuests = ?AMGconfigcfgserverpath Remote File Inclusion Exploit ============================================================================ Scirpt Infected signin.php Critical level : Dangerous...

AI score: 0.1
Exploits: 0

securityvulns, added 2004/12/30 12:0 a.m., 399 views

[Full-Disclosure] QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004]

rfdslabs security advisory Title: QNX crrtrap arbitrary file read/write vulnerability RLSA06-2004 Versions: QNX RTOS 2.4, 4.25, 6.1.0, 6.2.0 + Update Patch A Vendor: http://www.qnx.com Date: Dec 11 2004 Author: Julio Cesar Fort julio NOSPAM rfdslabs com br 1. Introduction crrtrap is a tool to...

AI score: 7.2
Exploits: 0

securityvulns, added 2001/01/26 12:0 a.m., 397 views

Security Bulletin (MS01-003)

---------------------------------------------------------------------- Title: Patch Available for Winsock Mutex Vulnerability Date: 24 January 2001 Software: Microsoft Windows NT 4.0 and Windows NT 4.0 TSE Impact: Denial of Service Bulletin: MS01-003 Microsoft encourages customers to review the...

AI score: 0.6
Exploits: 0

securityvulns, added 2014/10/15 12:0 a.m., 395 views

Aerohive Hive Manager and Hive OS Multiple Vulnerabilities

Aerohive Hive Manager and Hive OS Multiple Vulnerabilities Affected Versions: Aerohive Hive Manager Stand-alone and Cloud = 6.1R3 and HiveOS 6.1R3 PDF:...

AI score: 0.5
Exploits: 0

securityvulns, added 2009/07/29 12:0 a.m., 395 views

Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)

Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution 969706 Published: July 28, 2009 Version: 1.0 General Information Executive Summary This security update addresses several privately reported vulnerabilities i...

CVSS: 9.3, AI score: 1.4, EPSS: 0.43389
Exploits: 7

securityvulns, added 2003/10/10 12:0 a.m., 395 views

Planet WGSD-1020

Good day! I don't know, maybe someone has already sent this in... Planet WGSD-1020 switches contain a backdoor: the user superuser with the password planet. It is not mentioned anywhere in the user interface, but it is visible in the configuration file; by the way, even though the configuration file is binary, the names and passwords there...

AI score: 0.6
Exploits: 0

securityvulns, added 2012/11/06 12:0 a.m., 393 views

AwAuctionScript (Aw Auction Script - Market Place for WebMasters) Multiple Vulnerabilities

========================================================================================== AwAuctionScript Aw Auction Script - Market Place for WebMasters Multiple Vulnerabilities ==========================================================================================...

AI score: 8.4
Exploits: 0

securityvulns, added 2008/06/14 12:0 a.m., 393 views

ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability

Info: Bug found by Jose Luis Góngora Fernández JosS sys-projectathotmail.com http://www.spanish-hackers.com Spanish Hackers Team - SHT EspSeC & Hack0wn!. Software: ASPPortal Free Version HomePage: http://www.aspportal.net/ Exploit: Remote SQL Injection Vulnerability High Dork: "Powered by...

AI score: 0.6
Exploits: 0

securityvulns, added 2014/07/28 12:0 a.m., 392 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions and buffer overflows...

CVSS: 10, AI score: 3.1, EPSS: 0.05811
Exploits: 0, Affected Software: 3

securityvulns, added 2001/03/07 12:0 a.m., 391 views

Security Bulletin MS01-015

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: IE can...

AI score: 6.2
Exploits: 0

Total number of security vulnerabilities: 5000