
47153 matches found

securityvulns
•added 2011/09/09 12:0 a.m.•58 views

Multiple XSS vulnerabilities in LightNEasy 3.2.4

Advisory: Multiple XSS vulnerabilities in LightNEasy Advisory ID: SSCHADV2011-013 Author: Stefan Schurtz Affected Software: 3.2.4 Vendor URL: http://www.lightneasy.org/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description: ========================== LightNEasy is...

AI score: 0.1
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•51 views

WSTAFF Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability WSTAFF AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.wstaff.it/ Persian Gulf 4 Ever! Dork : "Powered by: WSTAFF srl" Exploite: www.victim.com/prodotti.php?codice=-5 uni...

AI score: 4.1
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•80 views

Pranian Group e107 Cross Site Scripting Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Cross Site Scripting Vulnerabilities Pranian Group e107 AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "by Pranian Group e107" Exploite:...

AI score: 2.3
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•145 views

Abarkam (detail.php?input) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Abarkam detail.php?input AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.abarkam.com/ Persian Gulf 4 Ever! Dork : allinurl:"detail.php?input=" Exploite:...

AI score: 3
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•1073 views

BvCom (dettaglio.php?idnews) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability BvCom dettaglio.php?idnews AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.bvcom.it/ Persian Gulf 4 Ever! Dork : "Powered by: bvcom.it" "inurl:dettaglio.php?idnews="...

AI score: 4.1
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•30 views

ZDI-11-279: (0day) Witness Systems eQuality Unify Remote Code Execution Vulnerability

ZDI-11-279: 0day Witness Systems eQuality Unify Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-279 September 2, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Nortel Witness Systems -- Affected Products: Nortel Contact Recording and Quali...

AI score: 0.5
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•68 views

XSS Ebuddy (responsible disclosure)

Early this morning, the security group Virtual Luminous published a vulnerability in 'Ebuddy Web Messenger' and we would like to inform you that this vulnerability had been discovered and reported to the vendor on June 5th, 2011 by DcLabs Security Research Group. In the report below you are going...

AI score: 7.5
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•100 views

Arbitrary File Upload in '1 Flash Gallery' Wordpress Plugin

====Vulnerability==== The '1 Flash Gallery' WordPress plugin http://wordpress.org/extend/plugins/1-flash-gallery/ is vulnerable to an arbitrary file upload vulnerability. This vulnerability is present from version 1.30 until version 1.5.7. The plugin has been downloaded an estimated 460,000 times...

AI score: 0.3
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•71 views

Multiple vulnerabilities in MantisBT

Vulnerability ID: HTB23045 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinmantisbt.html Product: MantisBT Vendor: www.mantisbt.org http://www.mantisbt.org/ Vulnerable Version: 1.2.7 and probably prior Tested Version: 1.2.7 Vendor Notification: 31 August 2011 Vulnerability...

AI score: 0.8
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•75 views

TTW (ricetta.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability TTW ricetta.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.tamtamsrl.it/ Persian Gulf 4 Ever! Dork : "credits ttw" "inurl:ricetta.php?id=" Exploite:...

AI score: 2.5
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•345 views

Witness Systems eQuality Unify buffer overflow

Buffer overflow on TCP/6821 packet parsing...

AI score: 5.2
Exploits: 0 • References: 1
securityvulns
•added 2011/09/09 12:0 a.m.•45 views

ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability

ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-278 September 2, 2011 -- CVE ID: CVE-2011-2654 -- CVSS: 9.3, AV:N/AC:M/Au:N/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell eDirectory --...

CVSS: 9.3 • AI score: 0.9 • EPSS: 0.03634
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•48 views

Pranian Group e107 Cross Site Scripting Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Cross Site Scripting Vulnerabilities Pranian Group e107 AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "by Pranian Group e107" Exploite:...

AI score: 2.3
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•79 views

Manifattura Web (prodotto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Manifattura Web prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.manifatturaweb.it/ Persian Gulf 4 Ever! Dork : "Manifattura Web" "inurl:prodotto.php?id="...

AI score: 3
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•63 views

Virtualismi (prodotto.php?id) Cross Site Scripting Vulnerabilities

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Loop ricetta.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.loopmm.com/ Persian Gulf 4 Ever! Dork : "Loop - creazioni multimediali" "inurl:ricetta.php?id="...

AI score: 2
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•76 views

[SECURITY] [DSA 2301-1] rails security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2301-1 [email protected] http://www.debian.org/security/ Luciano Bello September 5, 2011 http://www.debian.org/security/faq -...

CVSS: 7.5 • AI score: 1.8 • EPSS: 0.03022
Exploits: 0
securityvulns
•added 2011/09/09 12:0 a.m.•55 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5 • AI score: 1.6 • EPSS: 0.03022
Exploits: 0 • References: 18 • Affected Software: 6
securityvulns
•added 2011/09/09 12:0 a.m.•100 views

Security bypass vulnerability in MyBB

Hello 3APA3A! I want to warn you about security bypass vulnerability in MyBB, which allows to bypass protection against Brute Force and conduct Brute Force attacks. In August in my article Bypassing captchas and blocking at web sites http://websecurity.com.ua/5334/ I wrote about vulnerability in...

Exploits: 0
securityvulns
•added 2011/09/07 12:0 a.m.•20 views

openvas race conditions

Race conditions for symbolic link attack...

AI score: 1.8
Exploits: 0 • References: 1
securityvulns
•added 2011/09/07 12:0 a.m.•29 views

openvas 2.x race condition

openvas-server/openvas/ovalplugins.c ... resultsfilename = "/tmp/results.xml"; if gfiletest resultsfilename, GFILETESTEXISTS logwrite "Found existing results file in s, deleting it to avoid conflicts.", resultsfilename; it unlink /tmp/results.xml avoid symlink attack then spawn process that write...

AI score: 2.2
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•105 views

Studio Linea (prodotto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Studio Linea prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.studiolinea.com/ Persian Gulf 4 Ever! Dork : "Designed by Studio Linea srl" Exploite:...

AI score: 2.8
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•58 views

Cisco Security Advisory: Denial of Service Vulnerability in Cisco TelePresence Codecs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Denial of Service Vulnerability in Cisco TelePresence Codecs Advisory ID: cisco-sa-20110831-tandberg Revision 1.0 For Public Release 2011 August 31 1600 UTC GMT...

CVSS: 7.8 • AI score: 0.5 • EPSS: 0.12714
Exploits: 5
securityvulns
•added 2011/09/05 12:0 a.m.•69 views

ITTWeb Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability ITTWeb AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.ittweb.net/ Persian Gulf 4 Ever! Dork : "Web Design By I.T.&T" "inurl:?id=" Exploite:...

AI score: 2.6
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•170 views

CWM (dettaglio-prodotto.asp?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability CWM dettaglio-prodotto.asp?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.cynaskyweb.it/ Persian Gulf 4 Ever! Dork : "Powered by CWM" "inurl:dettaglio-prodotto.asp?id...

AI score: 3.8
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•48 views

Apple QuickTime multiple security vulnerabilities

Memory corruptions in PICT, JPEG2000, WAV, JPEG, GIF and different movie formats parsing, cross-site scripting...

CVSS: 9.3 • AI score: 3.2 • EPSS: 0.60106
Exploits: 17 • References: 11 • Affected Software: 1
securityvulns
•added 2011/09/05 12:0 a.m.•54 views

Mediagrafic (prodotto.asp?id) (records.asp?id_p) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Mediagrafic prodotto.asp?id records.asp?idp AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.mediagrafic.eu/ Persian Gulf 4 Ever! Dork : "Powered by Mediagrafic.it"...

AI score: 3.9
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•238 views

Pc Web Agency (prodotto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Pc Web Agency prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.pcwebagency.it/ Persian Gulf 4 Ever! Dork : "Powered by Pc Web Agency"...

AI score: 2.9
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•27 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.6
Exploits: 0 • References: 14 • Affected Software: 4
securityvulns
•added 2011/09/05 12:0 a.m.•42 views

Symantec Veritas Backup Exec code execution

It's possible to execute privileged command remotely...

CVSS: 6.5 • AI score: 4.2 • EPSS: 0.01605
Exploits: 3 • References: 1 • Affected Software: 2
securityvulns
•added 2011/09/05 12:0 a.m.•32 views

Vulnerabilities in BroadWin WebAccess Client 1.0.0.10

Luigi Auriemma Application: BroadWin WebAccess Client http://broadwin.com/Client.htm Versions: bwocxrun.ocx = 1.0.0.10 aka version 7.0 Platforms: Windows Bugs: A format string B arbitrary memory corruption Exploitation: remote Date: 02 Sep 2011 Author: Luigi Auriemma e-mail: [email protected]...

AI score: 1.3
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•73 views

XSS in Redirection wordpress plugin

Vulnerability ID: HTB23038 Reference: https://www.htbridge.ch/advisory/xssinredirectionwordpressplugin.html Product: Redirection wordpress plugin Vendor: John Godley http://urbangiraffe.com Vulnerable Version: 2.2.8 and probably prior Tested Version: 2.2.8 Vendor Notification: 10 August 2011...

AI score: 0.4
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•96 views

Dexanet Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Dexanet AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.dexanet.com/ Persian Gulf 4 Ever! Dork : "inurl:competenzeprodotti.asp?id=" Exploite:...

AI score: 2.7
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•69 views

[PT-2011-19] SQL injection vulnerability in Help Request System

---------------------------------------------------------------------- PT-2011-19 Positive Technologies Security Advisory SQL injection vulnerability in Help Request System ---------------------------------------------------------------------- --- Vulnerable software Help Request System Version...

AI score: 0.5
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•1860 views

Sana Net (viewnews.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Sana Net viewnews.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.sana-net.com/ Persian Gulf 4 Ever! Dork : "inurl:viewnews.php?id=" " " Exploite:...

AI score: 2.9
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•71 views

[security bulletin] HPSBUX02700 SSRT100506 rev.1 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02962262 Version: 1 HPSBUX02700 SSRT100506 rev.1 - HP-UX running VEA, Remote Denial of Service DoS, Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted...

CVSS: 6.5 • AI score: 1 • EPSS: 0.01605
Exploits: 3
securityvulns
•added 2011/09/05 12:0 a.m.•34 views

BroadWin WebAccess Client ActiveX security vulnerabilities

Format string vulnerability, memory corruption...

AI score: 2.6
Exploits: 0 • References: 1 • Affected Software: 1
securityvulns
•added 2011/09/05 12:0 a.m.•45 views

KnFTPd v1.0.0 Multiple Command Remote Buffer Overflow

KnFTPd FTP Server v1.0.0 is vulnerable to a buffer overflow caused by improper bounds checking. By sending an overly long request to Multiple FTP command USER,PASS,REIN,QUIT,PORT,PASV,TYPE,STRU,MODE,RETR,STOR,...

AI score: 0.1
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•63 views

ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability

ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-277 August 31, 2011 -- CVE ID: CVE-2011-0258 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple QuickTime --...

CVSS: 9.3 • AI score: 1.2 • EPSS: 0.04783
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•58 views

Full disclosure for SA45649, SQL Injection in LedgerSMB and SQL-Ledger

Affects versions: SQL-Ledger 2.8.33 and lower LedgerSMB 1.2.24 and lower. Both programs have vendor fixes available in the form of new, patched versions. These have been out for over a week with appropriate advisories, with users having time to upgrade. Files affected: LedgerSMB/RP.pm for LedgerS...

AI score: 0.3
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•199 views

Olonet (prodotto.php?idproduct) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Olonet prodotto.php?idproduct AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.olonet.net/ Persian Gulf 4 Ever! Dork : "Powered & designed by Olonet.net" Exploite:...

AI score: 3.8
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•50 views

Fulci (prodotto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability fulci prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.fulci.it/ Persian Gulf 4 Ever! Dork : "designed by fulci.it" "prodotto.php?id=" Exploite:...

AI score: 2.8
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•41 views

Secunia Research: InduSoft ISSymbol ActiveX Control Buffer Overflow Vulnerabilities

====================================================================== Secunia Research 01/09/2011 - InduSoft ISSymbol ActiveX Control Buffer Overflows - ====================================================================== Table of Contents Affected...

CVSS: 10 • AI score: 0.7 • EPSS: 0.05922
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•32 views

KnFTPd FTP Server buffer overflows

Buffer overflows in different FTP commands...

AI score: 2.8
Exploits: 0 • References: 1 • Affected Software: 1
securityvulns
•added 2011/09/05 12:0 a.m.•90 views

ph5gruppo (prodotto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability ph5gruppo prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.ph5gruppo.it/ Persian Gulf 4 Ever! Dork : "Sito realizzato da ph5 gruppo" Exploite:...

AI score: 2.9
Exploits: 0
securityvulns
•added 2011/09/05 12:0 a.m.•116 views

Sana Net (viewpages.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Sana Net viewpages.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.sana-net.com/ Persian Gulf 4 Ever! Dork : inurl:"viewpages.php?id=" " " Exploite:...

AI score: 2.8
Exploits: 0
securityvulns
•added 2011/08/30 12:0 a.m.•40 views

Pidgin code execution

It's possible to execute code via file:// URL...

CVSS: 9.3 • AI score: 3.5 • EPSS: 0.04794
Exploits: 1 • References: 1 • Affected Software: 1
securityvulns
•added 2011/08/30 12:0 a.m.•277 views

JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: JCE Joomla Extension =2.0.10 Multiple Vulnerabilities Vendor: www.joomlacontenteditor.net Exploit: Available Vulnerable Version: 2.0.10 Image Manager 1.5.7.13, Media Manager 1.5.6.3, Template Manager 1.5.5, File Manager 1.5.4.1 & prior...

AI score: 0.2
Exploits: 0
securityvulns
•added 2011/08/30 12:0 a.m.•51 views

Marketing & Development (prodotto.php?cat) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Marketing & Development prodotto.php?cat AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.marketingdev.com Persian Gulf 4 Ever! Dork : "powered by Marketing & Development"...

AI score: 3
Exploits: 0
securityvulns
•added 2011/08/30 12:0 a.m.•32 views

Microsoft Report Viewer crossite scripting

ActiveX cross-site scripting...

CVSS: 4.3 • AI score: 1.3 • EPSS: 0.20808
Exploits: 1 • References: 1 • Affected Software: 2
securityvulns
•added 2011/08/30 12:0 a.m.•118 views

bizConsulting (prodotto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability bizConsulting prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.bizconsulting.it/ Persian Gulf 4 Ever! Dork : "Powered by: bizConsulting"...

AI score: 3.3
Exploits: 0

Total number of security vulnerabilities: 47153