Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2008/06/16 12:0 a.m.90 views

[ECHO_ADV_98$2008] Pre Ads Portal <= 2.0 Sql Injection Vulnerability

ECHOADV98$2008 ----------------------------------------------------------------------------------------- ECHOADV98$2008 Pre Ads Portal = 2.0 Sql Injection Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran Addahroni Date : Jun...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2008/05/14 12:0 a.m.90 views

[USN-612-1] OpenSSL vulnerability

=========================================================== Ubuntu Security Notice USN-612-1 May 13, 2008 openssl vulnerability CVE-2008-0166 =========================================================== A weakness has been discovered in the random number generator used by OpenSSL on Debian and...

7.8CVSS0.70721EPSS
Exploits7
securityvulns
securityvulns
added 2008/05/02 12:0 a.m.90 views

[SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1565-1 [email protected] http://www.debian.org/security/ dann frazier May 1, 2008 http://www.debian.org/security/faq -...

7.8CVSS0.1AI score0.02589EPSS
Exploits4
securityvulns
securityvulns
added 2008/04/10 12:0 a.m.90 views

ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability

ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-021 April 8, 2008 -- CVE ID: CVE-2007-6019 -- Affected Vendors: Adobe -- Affected Products: Adobe Flash Player -- Vulnerability Details: This vulnerability allows...

9.3CVSS0.7AI score0.5977EPSS
Exploits3
securityvulns
securityvulns
added 2008/02/20 12:0 a.m.90 views

[email protected], [email protected], [email protected]

Digital Security Research Group DSecRG Advisory DSECRG-08-016 Application: Jinzora Media Jukebox Versions Affected: 2.7.5 Vendor URL: http://www.jinzora.com/ Bugs: Multiple XSS Injections Exploits: YES Reported: 04.02.2008 Second report: 12.02.2008 Vendor response: NONE Date of Public Advisory:...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2008/01/12 12:0 a.m.90 views

SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability Author: sp3x Date: - - Written: 06.12.2007 - - Public: 09.01.2008 SecurityReason Research SecurityAlert Id: 48 CVE: CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2007-6423...

7.8CVSS0.8AI score0.09951EPSS
Exploits1
securityvulns
securityvulns
added 2007/12/13 12:0 a.m.90 views

QK SMTP Server DoS

No description provided...

1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/09/26 12:0 a.m.90 views

PostgreSQL dblink library multiple security vulnerabilities

Privilege escalation...

10CVSS2.8AI score0.2613EPSS
Exploits3References1Affected Software1
securityvulns
securityvulns
added 2007/09/17 12:0 a.m.90 views

Boa (with Intersil Extensions) - HTTP Basic Authentication Bypass

Secure Network - Security Research Advisory Vuln name: HTTP Basic Authentication Bypass Systems affected: Boa/0.93.15 with Intersil Extensions based systems i.e. FreeLan 802.11g Wireless Access Point RO80211G-AP Severity: High Local/Remote: Remote Vendor URL: http://www.boa.org -...

5CVSS0.4AI score0.08358EPSS
Exploits2
securityvulns
securityvulns
added 2007/08/17 12:0 a.m.90 views

[SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1356-1 [email protected] http://www.debian.org/security/ Dann Frazier August 15th, 2007 http://www.debian.org/security/faq -...

7.8CVSS0.5AI score0.03872EPSS
Exploits0
securityvulns
securityvulns
added 2007/08/16 12:0 a.m.90 views

Cross Site Request Forgery in 2wire routers

Cross Site Request Forgery in 2wire routers Vulnerable Routers: 1701HG, 2071 Gateway Software: v3.17.5, 5.29.51 Password Not Set default Greetz a la Comunidad Underground de Mйxico, y a los que me ayudaron a probarlo: Preth00nker, nitr0us, ... [email protected] I. Background ------------- This is the...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2007/07/27 12:0 a.m.90 views

Multiple Encase vulnerabilities

Memory corruptions on processing of corrupted files and filesystems...

2AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2007/06/18 12:0 a.m.90 views

[security bulletin] HPSBMA02224 SSRT071334 rev.1 - HP System Management Homepage (SMH) for Linux, Remote Privileged Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01072894 Version: 1 HPSBMA02224 SSRT071334 rev.1 - HP System Management Homepage SMH for Linux, Remote Privileged Access NOTICE: The information in this Security Bulletin should be acted upon as...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/04/11 12:0 a.m.90 views

Pathos CMS 0.92-2 (warn.php file) Remote File Inclusion Vulnerability

Pathos Content Management System Found by kezzap66345 Script download:: http://sourceforge.net/projects/pathos/ Direct link : http://sourceforge.net/project/showfiles.php?groupid=103303&packageid=110862&releaseid=243512 ERROR1: File:warn.php includeonce$GET'file' . ".html"; rfi coded RFI1:...

Exploits0
securityvulns
securityvulns
added 2007/02/22 12:0 a.m.90 views

Plantilla PHP Simple

Plantilla PHP Simple local file include vulnerability: /zadminxx/listmainpages.php?nfolder=/etc/ file upoad vulnerability: upload any-script with a double extension .. laurent gaffie...

1.9AI score
Exploits0
securityvulns
securityvulns
added 2007/02/20 12:0 a.m.90 views

MyCalendar multiple XSS

MyCalendar multiple XSS By : sn0oPy Risk : medium site : http://abledesign.com/programs/MyCalendar/ exploit : XSS on the search menu : http://www.target.ma/calendar/index.php?go=search XSS on the url : http://www.target.ma/calendar/index.php?go="scriptalertdocument.cookie/script XSS on the userna...

Exploits0
securityvulns
securityvulns
added 2007/02/05 12:0 a.m.90 views

MysearchEngine XSS

MysearchEngine XSS By : sn0oPy Risk : low site : http://homeproduction.free.fr/ exploit : scriptalert'test'/script Dork : inurl:"MysearchEngine" contact : [email protected] greetz : subzero, http://forums.avenir-geopolitique.net. reference :...

7AI score
Exploits0
securityvulns
securityvulns
added 2007/01/25 12:0 a.m.90 views

[SA23908] Drupal Project Module Script Insertion Vulnerability

TITLE: Drupal Project Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA23908 VERIFY ADVISORY: http://secunia.com/advisories/23908/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Drupal Project Module 4.x http://secunia.com/product/12912/ DESCRIPTION:...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2007/01/10 12:0 a.m.90 views

iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability

Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability iDefense Security Advisory 01.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2007 I. BACKGROUND Adobe Macromedia ColdFusion is an application server and development framework for websites. More information is...

5CVSS0.2AI score0.12908EPSS
Exploits0
securityvulns
securityvulns
added 2007/01/05 12:0 a.m.90 views

Wordpress <= 2.x dictionnary & Bruteforce attack

Source code !usr/bin/python Flaw found on Wordpress that allow Dictionnary & Bruteforce attack Greetz goes to : NeoMorphS, Tiky Vendor : http://wordpress.org/ Found by : Kad [email protected] / [email protected] import urllib , urllib2, sys, string tab = "sss" string.asciiletters,...

Exploits0
securityvulns
securityvulns
added 2006/11/28 12:0 a.m.90 views

CVE-2006-5815: remote code execution in ProFTPD

======= Summary ======= On 6 November 2006, Evgeny Legerov [email protected] posted to BUGTRAQ1, announcing his commercial VulnDisco Pack for Metasploit 2.72. One of the included exploits, vdproftpd.pm, takes advantage of an off-by-one string manipulation flaw in ProFTPD's sreplace function to allow...

10CVSS9.6AI score0.74254EPSS
Exploits4
securityvulns
securityvulns
added 2006/11/22 12:0 a.m.90 views

enomphp => 4.0 Remote Traversal Directory

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ DigitaL Hacking TeaM enomphp ...

1.7AI score
Exploits0
securityvulns
securityvulns
added 2006/11/22 12:0 a.m.90 views

Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities

| | / | / | | | | | / | / / | | | | '| | |/| |/ / / / / | | '| | | / | | || | | | | | | | | / | | | | || |/|| || ||,// / ||| ,|/ ///////////////////////////////////////////////////////////////////////////////////////////////////////////// //Script:Pearl Forums //Author: Dr Max Virus...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2006/11/14 12:0 a.m.90 views

UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability

Title : UPublisher 1.0 viewarticle.asp Remote SQL Injection Vulnerability Author : ajann Dork : UPublisher http://target/path//viewarticle.asp?ID=SQL Example: //viewarticle.asp?ID=-120union20select200,password,username,0,0,0,020from20tblusers OR ---...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2006/08/09 12:0 a.m.90 views

[SA21432] Comet WebFileManager "Language" File Inclusion Vulnerability

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/07/24 12:0 a.m.90 views

VBZooM <=V1.11 " reply.php" SQL Injection

=========================================== Discovered By: C.B.B.L CrAzY CrAcKeR ,Breeeeh ,BoNy-m ,LiNuXrOOt =========================================== Search:- POWERED BY: VBZooM V1.11 Example:- /reply.php?UserID=SQL njection...

2.5AI score
Exploits0
securityvulns
securityvulns
added 2006/07/11 12:0 a.m.90 views

Microsoft Security Bulletin MS06-035 Vulnerability in Server Service Could Allow Remote Code Execution (917159)

Microsoft Security Bulletin MS06-035 Vulnerability in Server Service Could Allow Remote Code Execution 917159 Published: July 11, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

7.5CVSS0.3AI score0.64231EPSS
Exploits0
securityvulns
securityvulns
added 2006/06/03 12:0 a.m.90 views

VMSA-2006-0002 - VMware Server sensitive information lifetime issue

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2006-0002 Synopsis: VMware Server sensitive information lifetime issue Advisory URL:...

4.6CVSS0.1AI score0.00338EPSS
Exploits0
securityvulns
securityvulns
added 2006/06/02 12:0 a.m.90 views

ishopcart cgi 0day and multiple vulnerabilities

Vendor: ishopcart inc Vendor Site: ishopcart.com Vendor Status: notified via telephone While spending a night auditing I have found 2 buffer overflows and 1 directory traversal in the ishopcart cgi, which is written in C. The directory traversal is caused by how the cgi chooses to show pages. If,...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2006/05/20 12:0 a.m.90 views

Newswriter v1.0 Remote XSS Exploit

------------------------------------------------------------------ - Newswriter v1.0 Remote XSS Exploit - -= http://colander.altervista.org/advisory/Newswriter.txt =- ------------------------------------------------------------------ -= Newswriter v1.0 =- Omnipresent May 20, 2006 Vunerabilitys:...

Exploits0
securityvulns
securityvulns
added 2006/05/03 12:0 a.m.90 views

Invision Gallery 2.0.6 ( SQL Injection )

left Invision Gallery 2.0.6 SQL Injection File :- modules/gallery/post.php Line :- 943 Bug By :- Devil-00 Welcome Back Security4arab Arabian Security WebSites www.s4a.cc www.securitygurus.net php $this-ipsclass-DB-simpleconstruct array 'select' = 'COUNT AS total', 'from' = 'galleryimages', 'where...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2006/03/25 12:0 a.m.90 views

[security bulletin] HPSBUX02105 SSRT061134 rev.1 - HP-UX Running swagentd Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00622788 Version: 1 HPSBUX02105 SSRT061134 rev.1 - HP-UX Running swagentd Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as soon as possible...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/03/10 12:0 a.m.90 views

[Full-disclosure] Advisory: Jiros Banner Experience Pro Remote Privilege Escalation.

--Security Report-- Advisory: Jiros Banner Experience Pro Remote Privilege Escalation. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 07/03/06 04:52 AM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: Jiros http://www.jiros.net...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2006/02/08 12:0 a.m.90 views

[Full-disclosure] iDefense Security Advisory 02.07.06: QNX Neutrino RTOS fontsleuth Command Format String Vulnerability

QNX Neutrino RTOS fontsleuth Command Format String Vulnerability iDefense Security Advisory 02.07.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=380 February 7, 2006 I. BACKGROUND QNX Software Systems Ltd.'s Neutrino RTOS QNX is a real-time operating system designed for us...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2006/02/03 12:0 a.m.90 views

Bug for libs in php link directory 2.0

Program: PHPLD Php link directory Homepage: http://www.phplinkdirectory.com/ Language: PHP Version: 2.0 Php link directory use lib's how adodb, smarthy, phpmailer, etc., etc. but this lib's have bug's. Bugs: ADOdb PostgreSQL SQL Injection Vulnerability http://www.securityfocus.com/bid/16364...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2005/12/04 12:0 a.m.90 views

eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities

Site: http://www.phpbbstyles.com/ 1. Remote File Content Disclosure http://forum/admin/xsedit.php?edit=../../../../etc/passwd 2. Full Path Disclosure http://forum/admin/xsedit.php?edit=&viewbackup=1 http://wtf.bz/...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2005/08/09 12:0 a.m.90 views

FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution

FunkBoard V0.66CF possibly prior versions cross site scripting, possible database username/password disclosure & board takeover, possible remote code execution software: author site: http://www.pathtofunkboard.co.uk/ xss:...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2005/08/09 12:0 a.m.90 views

Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer (896727)

Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer 896727 Issued: August 9, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...

7.5CVSS0.9AI score0.48513EPSS
Exploits4
securityvulns
securityvulns
added 2003/11/14 12:0 a.m.90 views

Web Wiz Forums ver. 7.01

Informations : °°°°°°°°°°°° Language : ASP Bugged Version : Web Wiz Forums ver. 7.01 and less ? Website : http://www.webwizforums.com Problems : Permanent XSS Objects : °°°°°°° - registernewuser.asp - register.asp The values variable are not filtered: strLocation = Request.Form"location" strMessa...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2003/05/08 12:0 a.m.90 views

Microsoft Security Bulletin MS03-017: Flaw in Windows Media Player Skins Downloading could allow Code Execution (817787)

-----BEGIN PGP SIGNED MESSAGE----- - -------------------------------------------------------------------- Title: Flaw in Windows Media Player Skins Downloading could allow Code Execution 817787 Date: 07 May 2003 Software: Microsoft Windows Media Player 7.1 Microsoft Windows Media Player for Windo...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2002/11/21 12:0 a.m.90 views

Microsoft Security Bulletin MS02-065: Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution Q329414 Date: 20 November, 2002 Software: Microsoft Data Access Components MDAC 2.1 Microsoft Data...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2002/10/03 12:0 a.m.90 views

Multiple Web Security Holes

I sent this three times to webappsec but without resultats. I try so on bugtraq, although that is less appropriate. ----------------------------------------------------- Five products in PHP are vulnerable to various holes. 1 TightAuction Website : http://www.tightprices.com Tested Version : 3.0...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/08/20 12:0 a.m.90 views

[Mantis Advisory/2002-04] Arbitrary code execution vulnerability in Mantis

Mantis Advisory/2002-04 Arbitrary code execution vulnerability in Mantis 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Detailed explanation 6. Credit 7. Contact details 1. Introduction Mantis is an Open Source web-based...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2002/08/08 12:0 a.m.90 views

Security Advisory: Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability Revision 1.0 For Public Release 2002 August 07 UTC 1500 Contents Summary Affected Products Details Impact Software Versions and Fixes Obtaining Fixed...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2002/01/31 12:0 a.m.90 views

[ WWWThreads, UBBThreads ] Security Hole in upload system

WWWThreads, UBBThreads Security Hole in upload system Author: RootExtractor, CompuMe [email protected], [email protected] I. Details II. Vulnerable ver's III. Example, Xploit IV. Solution Details : ..: config.inc.php :.. ------------------------- snip ------------------------------ //...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/05/16 12:0 a.m.90 views

3COM OfficeConnect DSL router vulneratibilities

Yesterday night I discovered a vulnerabilty. The router is a 3COM OfficeConnect 812 and the vulnerability is on the HTTP server, on port 80. When you enter with a browser on one of this router, you are asked for user/password, if you fail, you can see a web page telling you that is a protected...

7AI score
Exploits0
securityvulns
securityvulns
added 2001/05/15 12:0 a.m.90 views

NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability

NSFBUGTRAQOCUS Security AdvisorySA2001-02 Topic: Microsoft IIS CGI Filename Decode Error Vulnerability Release DateЈє 2001-5-15 CVE Candidate Numbers: CAN-2001-0333 BUGTRAQ ID : 2708 Affected system: ================ - Microsoft IIS 4.0 - Microsoft IIS 5.0 Not affected system: ===================...

7.5CVSS6.2AI score0.9077EPSS
Exploits8
securityvulns
securityvulns
added 2001/04/18 12:0 a.m.90 views

[SX-20010320-2b] - Followup re. Microsoft ISA Server Denial of Service

FSC Internet Corp. / SecureXpert Labs Advisory SX-20010320-2b This is a follow-up to: SX-20010320-2 Denial of Service in Microsoft ISA server v1.0 Several individuals have pointed out an easier exploit scenario for this vulnerability, which additionally does NOT require the Web Publishing feature...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2000/09/14 12:0 a.m.90 views

Win2k Telnet.exe malicious server vulnerability

Microsoft was informed of this problem with exploit over a month ago. I received some token responses right after emailing them, but have heard nothing since. If they have released an advisory of their own yet, I have not seen it. I informed them up-front that I would release a full-disclosure...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2015/10/26 12:0 a.m.89 views

Multiple Path/Directory Traversal and/or Local File Inclusion in Easy2Map version 1.2.9 WordPress plugin

Vulnerability title: Multiple Path/Directory Traversal and/or Local File Inclusion in Easy2Map version 1.2.9 WordPress plugin CVE: CVE-2015-7669 Vendor: Steven Ellis Product: Easy2Map Affected version: 1.2.9 Fixed version: 1.3.0 Reported by: Iberia Medeiros Vulnerability Details:...

7.5CVSS1.2AI score0.07055EPSS
Exploits2
Total number of security vulnerabilities5000