Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2015/07/20 12:0 a.m.445 views

Apache security vulnerabilities

DoS, few potential vulnerabilities...

5CVSS2.9AI score0.73327EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2012/06/18 12:0 a.m.444 views

Vulnerabilities in JW Player and millions of web sites

Hello 3APA3A! I want to warn you about security vulnerabilities in JW Player. These are Content Spoofing and Cross-Site Scripting vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are JW Player 5.9.2156 and 5.9.2206, except one vulnerability and...

6AI score
Exploits0
securityvulns
securityvulns
added 2008/08/01 12:0 a.m.444 views

Pligg <= 9.9.0 Multiple Vulnerabilities

GulfTech Security Research July 30, 2008 Vendor : Pligg LLC URL : http://www.pligg.com/ Version : Pligg = 9.9 Risk : Multiple Vulnerabilities Description: Pligg is a popular open source, full featured, content management system written in php. There are a number of vulnerabilities within Pligg th...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2005/05/28 12:0 a.m.441 views

[Full-disclosure] ClamAV: Local Privilege Escalation Vulnerability On MacOS [SCN Advisory #04]

The full, up-to-date advisory will be maintained here: http://www.sentinelchicken.com/advisories/clamav/ For your convenience, a text version is included below. tim -- CLAMAV: LOCAL PRIVILEGE ESCALATION VULNERABILITY ON MACOS =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= TABLE OF...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2014/04/20 12:0 a.m.440 views

[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04250814 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04250814 Version: 1 HPSBGN03010 rev....

5CVSS0.4AI score0.99999EPSS
Exploits87
securityvulns
securityvulns
added 2009/11/17 12:0 a.m.439 views

[DSECRG-09-062] Alteon OS BBI (Nortell) - Multiple Vulnerabilities

Digital Security Research Group DSecRG Advisory http://dsecrg.com/pages/vul/show.php?id=161 Various XSS and XSRF vulnerabilities were identified in the Alteon OS Browser-Based Interface BBI. Application: Alteon OS BBI Versions Affected: = 21.0.8.3 and may be higher =25.1.0.0 Vendor URL:...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2008/11/10 12:0 a.m.439 views

hMAilServer 4.4.2 (PHPWebAdmin) local & remote file inclusion

hMAilServer 4.4.2 PHPWebAdmin local & remote file inclusion poc by Nine:Situations:Group::strawdog ------------------------------------------------------------------------ our site: http://retrogod.altervista.org software site: http://www.hmailserver.com/ description:...

Exploits0
securityvulns
securityvulns
added 2007/09/26 12:0 a.m.439 views

PHP disable_functions function aliases protection bypass

Function, disabled with disablefunctions, may be invoked by it's alias...

3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/12/28 12:0 a.m.437 views

[Full-disclosure] OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities

Security Advisory - - OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities - ---------------------------------------------------- Product: OpenBiblio Version: Version 0.5.2 Prerelease 4 and prior is affected Url: http://obiblio.sourceforge.net/ Affected by: Full path disclosure, local file...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2010/05/28 12:0 a.m.436 views

Web Online Games (game.php) Multiple Vulnerabilities

==================================================== Web Online Games game.php Multiple Vulnerabilities ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /' 0 0 / / / / ...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2015/11/02 12:0 a.m.435 views

[USN-2787-1] audiofile vulnerability

========================================================================== Ubuntu Security Notice USN-2787-1 October 28, 2015 audiofile vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

0.6AI score0.08802EPSS
Exploits0
securityvulns
securityvulns
added 2006/07/10 12:0 a.m.432 views

SipXtapi SIP library buffer overflow

Buffer overflow on CSeq field parsing...

4.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/04/09 12:0 a.m.432 views

Virtual War File İnclusion

Virtual War File nclusion --------------------------------- Site:http://www.vwar.de/ Demo:http://www.vwar.de/demo/ --------------------------------------- File nclusion // get functions $vwarroot = "./"; require $vwarroot . "includes/functionscommon.php"; require $vwarroot...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2000/11/09 12:0 a.m.432 views

Security Bulletin (MS00-087)

Microsoft Security Bulletin MS00-087 - -------------------------------------- Patch Available for "Terminal Server Login Buffer Overflow" Vulnerability Originally posted: November 08, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Window...

8.1AI score
Exploits0
securityvulns
securityvulns
added 2015/05/11 12:0 a.m.430 views

CSRF/XSS In Manage Engine Asset Explorer

=============================================================================== CSRF/Stored XSS Vulnerability in Manage Engine Asset Explorer =============================================================================== . contents:: Table Of Content Overview ======== Title :CSRF/Stored XSS...

Exploits0
securityvulns
securityvulns
added 2011/08/27 12:0 a.m.429 views

Foresta Creativa (prodotti.php?idCategoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Foresta Creativa prodotti.php?idCategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.forestacreativa.com/ Persian Gulf 4 Ever! Dork : "Powered by Foresta Creativa"...

4AI score
Exploits0
securityvulns
securityvulns
added 2007/02/15 12:0 a.m.428 views

nabopoll 1.2 Remote Unprotected Admin Section Vulnerability

By Cr@zyKing [email protected] Thakns : ApAci & Erne & Uyussman & Eno7 & Thehacker & CrackersChild Script : nabopoll 1.1.2 Risk : Remote Add Admin Exploit |High Site : http://nabocorp.com/ Google Dork : inurl:"nabopoll/" Exploit : http://target.com/nabopoll/admin/configedit.php Mysql Config For...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2005/07/06 12:0 a.m.428 views

[badroot security] probe.cgi: Remote Command Execution

BADROOT SECURITY GROUP Security Advisory 2005 - 0x06 http://www.badroot.org irc.us.azzurra.org badroot Authors ....... spher3 spher3 at fatalimpulse dot net Date .......... 04-07-2005 Product ....... probe.cgi Type .......... Remote Command Execution o Info: ================ That script is used t...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2004/08/03 12:0 a.m.428 views

Netscape/Mozilla SOAP integer overflow

Integer overflow in SOAPParameter object constructor...

3.5AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2004/04/05 12:0 a.m.424 views

Remote Exploit for Aborior's Encore Web Forum

================================================================== Product : Abrior's Encore WebForum Versions : Unchecked maybe version I Bug : Remote Command Execution via Display.cgi Impact : Attackers can execute remote command Risk : Medium/High Date : April 3, 2004 Bug found by : k159 from...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2000/05/29 12:0 a.m.423 views

LockDown 2000

Official LockDown Corp. Release Systems Affected: All Windows based machines running LockDown 2000. The Problem: LockDown 2000 main text display limited the amount of text that could be entered in the main display window. If an attacker made over 200 connections to a logged port, error messages o...

Exploits0
securityvulns
securityvulns
added 2013/09/09 12:0 a.m.422 views

Struts2 Prefixed Parameters OGNL Injection Vulnerability

CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was released which fixes this vulnerability Issue ID by Vender: S2-016...

9.3CVSS0.6AI score0.99998EPSS
Exploits20
securityvulns
securityvulns
added 2012/09/03 12:0 a.m.422 views

Temenos T24 security vulnerabilities

Authentication bypass, crossite scripting...

2AI score
Exploits0References2
securityvulns
securityvulns
added 2006/10/09 12:0 a.m.421 views

[ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability

ECHOADV51$2006 ----------------------------------------------------------------------------------------- ECHOADV51$2006 docmint = 2.0 MYENVBASEENGINELOC Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...

7.8AI score
Exploits0
securityvulns
securityvulns
added 2008/06/26 12:0 a.m.419 views

IdeBox (include) Remote File Inclusion Vulnerability

IdeBox include Remote File Inclusion Vulnerability Found : Ghost Hacker Home page : www.Real-Hack.net Email : [email protected] Script : IdeBox Download Script : http://ideabox.phpoutsourcing.com/ideabox11.tgz =========================== Viva IslaM ========================== Error include.ph...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2007/03/16 12:0 a.m.418 views

Absolute Image Gallery Gallery.ASP (categoryid) MSSQL Injection Exploit

Absolute Image Gallery Gallery.ASP categoryid MSSQL Injection Exploit Type : SQL Injection Release Date : 2007-03-15 Product / Vendor : Absolute Image Gallery http://www.xigla.com/absoluteig/ Bug : http://localhost/script/gallery.asp?action=viewimage&categoryid=-SQL Inj-...

7.7AI score
Exploits0
securityvulns
securityvulns
added 2005/05/10 12:0 a.m.417 views

[Full-disclosure] Easy Message Board Directory Traversal and Remote Command

============================================================ ============================================================ Title: Easy Message Board Directory Traversal and Remote Command Execution Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 08/05/2005...

1.8AI score
Exploits0
securityvulns
securityvulns
added 2015/03/22 12:0 a.m.415 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Restrictions bypass, information spoofing, information leakage, buffer overflows, memory corruptions, DoS, code execution...

7.5CVSS3.6AI score0.06029EPSS
Exploits0Affected Software3
securityvulns
securityvulns
added 2006/04/28 12:0 a.m.414 views

[SA19843] Jax Guestbook "page" Cross-Site Scripting Vulnerability

TITLE: Jax Guestbook "page" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA19843 VERIFY ADVISORY: http://secunia.com/advisories/19843/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Jax Guestbook 3.x http://secunia.com/product/5494/ DESCRIPTION:...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2005/04/07 12:0 a.m.413 views

[SA14701] XMB Script Insertion Vulnerabilities

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: XMB Script Insertion Vulnerabilities SECUNIA ADVISORY...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2013/03/03 12:0 a.m.412 views

[waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05

waraxe-2013-SA097 - Multiple Vulnerabilities in PHP-Fusion 7.02.05 =============================================================================== Author: Janek Vind "waraxe" Date: 27. February 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-97.html Description of vulnerable...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2007/04/05 12:0 a.m.412 views

CWB PRO Version 1.5(INCLUDE_PATH)Remote File Include Vulnerabilites

CWB PRO Version 1.5INCLUDEPATHRemote File Include Vulnerabilites D.Script: http://codewalkers.com/codefiles/373cwbs1.5demo.zip Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Exploit:Path/include/clsheadlineprod.php?INCLUDEPATH=Shell...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2007/01/24 12:0 a.m.408 views

PHP Link Directory XSS Vulnerability version <= 3.0.6

Smilehouse Oy -= Security Advisory =- Advisory: PHP Link Directory XSS Vulnerability Release Date: 2007/01/21 Last Modified: 2007/01/21 Authors: Jussi Vuokko, CISSP [email protected] Henri Lindberg, Associate of ISCІ [email protected] Application: PHP Link Directory = 3.0.6...

Exploits0
securityvulns
securityvulns
added 2006/12/08 12:0 a.m.408 views

DUdirectory Admin Panel SQL Injection

DUdirectory Admin Panel SQL Injection Download: http://www.duware.com/zips/productsnew/DUdirectory31.zip Search:"DUdrirectory" DUdirectory/admin/default.asp User:'or' Pass:'or' Testing; http://www.euconvention.be/DUdirectory/admin/default.asp...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2005/07/23 12:0 a.m.407 views

ICMP-based blind connection-reset attack

Folks, Here's the packet trace and the explanation of an ICMP-based blind connection-reset attack. In our sample scenario, a web-client 10.0.0.1, TCP port 3270 is downloading a file from a web-server 192.168.0.1, TCP port 80. If the TCP/IP implementations of both end-points are vulnerable,you can...

Exploits0
securityvulns
securityvulns
added 2011/08/17 12:0 a.m.406 views

lab382 (dettaglio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability lab382 dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.lab382.com/ Persian Gulf 4 Ever! Dork : "Web site by: lab382.com" "inurl:dettaglio.php?id="...

2.8AI score
Exploits0
securityvulns
securityvulns
added 2007/06/24 12:0 a.m.406 views

All Of the Mambo & Joomla Script Remote File Inclussion Bugs..

Hi every body... There are some Remote File Inclussion bugs on Mamabo & Joomla Script... You can search ; ex: inurl:Dork , dork, allinurl:dork on google or the other search sites.. Dork: comcomprofiler Expl: administrator/components/comcomprofiler/plugin.class.php?mosConfigabsolutepath=Shell Dork...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2012/02/15 12:0 a.m.405 views

Skype information leakage

Locally deleted messages are only marked as deleted without wipeing or squeezing the database...

2.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2012/02/22 12:0 a.m.403 views

Skype memory corruption

Memory corruption on file transfer...

1.8AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2008/11/24 12:0 a.m.403 views

OpenSSH cryptographic weakness

With low probability it's possible to recover few bits of plaintext...

2.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/09/21 12:0 a.m.403 views

AllMyGuests => ?_AMGconfig[cfg_serverpath] Remote File Inclusion Exploit

============================================================================ AllMyGuests = ?AMGconfigcfgserverpath Remote File Inclusion Exploit ============================================================================ Scirpt Infected signin.php Critical level : Dangerous...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2009/07/29 12:0 a.m.400 views

Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)

Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution 969706 Published: July 28, 2009 Version: 1.0 General Information Executive Summary This security update addresses several privately reported vulnerabilities i...

9.3CVSS1.4AI score0.43389EPSS
Exploits7
securityvulns
securityvulns
added 2004/12/30 12:0 a.m.399 views

[Full-Disclosure] QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004]

rfdslabs security advisory Title: QNX crrtrap arbitrary file read/write vulnerability RLSA06-2004 Versions: QNX RTOS 2.4, 4.25, 6.1.0, 6.2.0 + Update Patch A Vendor: http://www.qnx.com Date: Dec 11 2004 Author: Julio Cesar Fort julio NOSPAM rfdslabs com br 1. Introduction crrtrap is a tool to...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2001/01/26 12:0 a.m.398 views

Security Bulletin (MS01-003)

---------------------------------------------------------------------- Title: Patch Available for Winsock Mutex Vulnerability Date: 24 January 2001 Software: Microsoft Windows NT 4.0 and Windows NT 4.0 TSE Impact: Denial of Service Bulletin: MS01-003 Microsoft encourages customers to review the...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2003/10/10 12:0 a.m.397 views

Planet WGSD-1020

Добрый день! Не знаю, может кто уже присылал... В свитчах Planet WGSD-1020 есть закладка. Пользователь superuser с паролем planet. В пользовательском интерфейсе он нигде не упоминается, но его видно в файле конфигурации кстати, несмотря на то, что файл конфигурации бинарный, имена и пароли там...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2014/10/15 12:0 a.m.396 views

Aerohive Hive Manager and Hive OS Multiple Vulnerabilities

, , . '.' '. ', . , '. , .', , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Aerohive Hive Manager and Hive OS Multiple Vulnerabilities Affected Versions: Aerohive Hive Manager Stand-alone and Cloud = 6.1R3 and HiveOS 6.1R3 PDF:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2013/12/09 12:0 a.m.395 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

8.5CVSS1.6AI score0.23322EPSS
Exploits78References50Affected Software39
securityvulns
securityvulns
added 2008/06/14 12:0 a.m.395 views

ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability

Info: Bug found by Jose Luis Gуngora Fernбndez JosS sys-projectathotmail.com http://www.spanish-hackers.com Spanish Hackers Team - SHT EspSeC & Hack0wn!. Software: ASPPortal Free Version HomePage: http://www.aspportal.net/ Exploit: Remote SQL Injection Vulnerability High Dork: "Powered by...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2012/11/06 12:0 a.m.394 views

AwAuctionScript (Aw Auction Script - Market Place for WebMasters) Multiple Vulnerabilities

========================================================================================== AwAuctionScript Aw Auction Script - Market Place for WebMasters Multiple Vulnerabilities ==========================================================================================...

8.4AI score
Exploits0
securityvulns
securityvulns
added 2001/03/07 12:0 a.m.393 views

Security Bulletin MS01-015

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: IE can...

6.2AI score
Exploits0
Total number of security vulnerabilities5000