
47153 matches found

securityvulns | added 2011/08/30 12:0 a.m. | 109 views

phpWebSite (publisher) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability phpWebSite publisher AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : allinurl:"mod.php?mod=publisher" Exploite:...

AI score: 3.7
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 32 views

Linux kernel DoS

Crash on BeFS filesystem parsing...

CVSS: 4.9 | AI score: 3.2 | EPSS: 0.00506
Exploits: 1 | References: 1 | Affected Software: 1

securityvulns | added 2011/08/30 12:0 a.m. | 28 views

EMC RSA enVision security vulnerabilities

Information leakage, unauthorized access...

CVSS: 5 | AI score: 4.4 | EPSS: 0.01229
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2011/08/30 12:0 a.m. | 27 views

Cisco Unified Communications Manager / Cisco Unified Presence Server information leakage

OpenQuery information leakage...

CVSS: 10 | AI score: 2.2 | EPSS: 0.01902
Exploits: 0 | References: 1 | Affected Software: 2

securityvulns | added 2011/08/30 12:0 a.m. | 64 views

Cross-Site Scripting (XSS) in Microsoft ReportViewer Controls

================================================== Cross-Site Scripting XSS in Microsoft ReportViewer Controls Adam Bixby - Gotham Digital Science [email protected] Public Release Date: 8/9/2011 Confirmed Affected Software: Microsoft Report Viewer Redistributable 2005 SP1 and Microsoft Visual...

CVSS: 4.3 | AI score: 0.3 | EPSS: 0.20808
Exploits: 1

securityvulns | added 2011/08/30 12:0 a.m. | 54 views

Insomnia : ISVA-110822.1 - Pidgin IM Insecure URL Handling Remote Code Execution

Insomnia Security Vulnerability Advisory: ISVA-110822.1 Name: Pidgin IM Insecure URL Handling Remote Code Execution Reported: 21 July 2011 Vendor Link: http://www.pidgin.im Affected Products: Pidgin Instant Messaging Client = 2.9.0 Original Advisory:...

AI score: 0.2
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 33 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 7.5 | AI score: 1.6 | EPSS: 0.36116
Exploits: 9 | References: 12 | Affected Software: 4

securityvulns | added 2011/08/30 12:0 a.m. | 55 views

Apache Tomcat information leakage and unauthorized access

A part of AJP message data may be processed as a new AJP message...

CVSS: 7.5 | AI score: 2.4 | EPSS: 0.15226
Exploits: 1 | References: 1

securityvulns | added 2011/08/30 12:0 a.m. | 94 views

webyuss (prodotto.php?id) (quadri.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability webyuss prodotto.php?id quadri.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.webyuss.com/ Persian Gulf 4 Ever! Dork : "Powered by webyuss" "inurl:prodotto.php?id...

AI score: 3.8
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 64 views

Fabio Rispoli (prodotto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Fabio Rispoli prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered by Fabio Rispoli" Exploite: www.victim.com/prodotto.php?id=6+union+select...

AI score: 4.8
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 52 views

DDIVRT-2011-32 Axway SecureTransport '/icons/' Directory Traversal

Title ----- DDIVRT-2011-32 Axway SecureTransport '/icons/' Directory Traversal Severity -------- High Date Discovered --------------- July 15, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: sxkeebler and r@b13$ Vulnerability Description...

AI score: 0.6
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 92 views

Multimedia Creative (prodotto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Multimedia Creative prodotto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.multimediacreative.it/ Persian Gulf 4 Ever! Dork : "Powered by Multimedia Creative"...

AI score: 3.4
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 281 views

Datriks Solutions (prodotto.php?id) (dettaglio_socio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Datriks Solutions prodotto.php?id dettaglio_socio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.datriks.net/ Persian Gulf 4 Ever! Dork : "Powered by Datriks...

AI score: 3.8
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 57 views

ESA-2011-030: RSA, The Security Division of EMC, announces security fixes for RSA enVision

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-030: RSA, The Security Division of EMC, announces security fixes for RSA enVision Advisories Updated August 22, 2011 Summary: RSA, The Security Division of EMC, announces security fixes to address two security vulnerabilities in RSA enVision®...

CVSS: 5 | AI score: 0.4 | EPSS: 0.01229
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 64 views

XSS in IBM Open Admin Tool

“XSS in IBM Open Admin Tool OAT2.27installwindows.exe” Product version tested : OAT v2.27 Vendor has been informed : July 27, 2010 They fix the vulnerability on : March 2011 Fixed version: OAT v2.72 Credit : sumit kumar soni [email protected] Product Link:...

AI score: 0.1
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 50 views

Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server Advisory ID: cisco-sa-20110824-cucm-cups Revision 1.0 For Public Release 2011 August 24 1600 UTC GMT...

CVSS: 10 | AI score: 0.5 | EPSS: 0.01902
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 50 views

NetSaro Enterprise Messenger Server Administration Console Source Code Disclosure

Vulnerability title: NetSaro Enterprise Messenger Server Administration Console Null Byte Request Source Code Disclosure CVSS Risk Rating: 5 Medium Product: NetSaro Enterprise Messenger Server Application Vendor: SEM Software Vendor URL: http://www.netsaro.com/ Public disclosure date: 8/22/2011...

AI score: 0.5
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 64 views

[Foreground Security 2011-001]: Casper Suite (JSS 8.1) Cross-Site Scripting

============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2011-001 - Original release date: August 27, 2011 - Discovered by: Jose Carlos de Arriba - Contact: jcarriba at foregroundsecurity dot com, dade at painsec dot com - Severity: 4.3/10 Base CVSS Scor...

AI score: 0.9
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 141 views

Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability Advisory ID: cisco-sa-20110830-apache Revision 1.0 For Public Release 2011 August 30 1600 UTC GMT Summary ======= The Apache HTTPd server contains a denial of service...

CVSS: 7.8 | AI score: 0.6 | EPSS: 0.98945
Exploits: 17

securityvulns | added 2011/08/30 12:0 a.m. | 48 views

LifeSize Room Vulnerabilities

Discovered: 07-13-11 By: Spencer McIntyre zeroSteiner SecureState R&D Team www.securestate.com Background: ----------- Multiple vulnerabilities within the LifeSize Room appliance. Vulnerability Summaries: ------------------------ Login page can be bypassed, granting administrative access to the w...

CVSS: 7.5 | AI score: 2.1 | EPSS: 0.36116
Exploits: 9

securityvulns | added 2011/08/30 12:0 a.m. | 52 views

[PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS

PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2011-06 Released on: 19 August 2011 Last updated on: 19 August 2011 Affected product: Linux Kernel 2.4, 2.6, and 3.0 Impact: denial-of-service Origin: Be file system Credit: Timo Warns PRESENSE Technologies GmbH CVE Identifier...

CVSS: 4.9 | AI score: 8 | EPSS: 0.00506
Exploits: 1

securityvulns | added 2011/08/30 12:0 a.m. | 51 views

Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco Intercompany Media Engine

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco Intercompany Media Engine Advisory ID: cisco-sa-20110824-ime Revision 1.0 For Public Release 2011 August 24 1600 UTC GMT...

CVSS: 7.8 | AI score: 0.6 | EPSS: 0.01633
Exploits: 0

securityvulns | added 2011/08/30 12:0 a.m. | 151 views

[SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure

CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.20 - Tomcat 6.0.0 to 6.0.33 - Tomcat 5.5.0 to 5.5.33 - Earlier, unsupported versions may also be affected Description:...

CVSS: 7.5 | AI score: 0.3 | EPSS: 0.15226
Exploits: 1

securityvulns | added 2011/08/30 12:0 a.m. | 21 views

NetSaro information leakage

Source code leakage via administration web interface...

AI score: 3.1
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns | added 2011/08/27 12:0 a.m. | 49 views

Concrete CMS 5.4.1.1 <= Cross Site Scripting

Concrete CMS 5.4.1.1 <= Cross Site Scripting 1. OVERVIEW Concrete CMS 5.4.1.1 and lower versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Concrete5 makes running a website easy. Go to any page in your site, and an editing toolbar gives you all the controls you need to update your...

AI score: 0.3
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 77 views

Marinet Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Marinet AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.marinet.gr/ Persian Gulf 4 Ever! Dork : "Powered by Marinet" "inurl:products.php?categoryid=" Exploite :...

AI score: 3.8
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 50 views

ZDI-11-274: EMC Autostart ftAgent Opcode 0x140 Parsing Remote Code Execution Vulnerability

ZDI-11-274: EMC Autostart ftAgent Opcode 0x140 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-274 August 23, 2011 -- CVE ID: CVE-2011-2735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC AutoStart --...

CVSS: 7.9 | AI score: 1.3 | EPSS: 0.02335
Exploits: 4

securityvulns | added 2011/08/27 12:0 a.m. | 40 views

Jcow CMS 4.2 <= | Cross Site Scripting

Jcow CMS 4.2 <= | Cross Site Scripting 1. OVERVIEW Jcow CMS 4.2 and lower versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Jcow is a flexible Social Networking software written in PHP. It can help you to build a social network for your interests and passions, a member community for...

AI score: 1.1
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 52 views

Dataminas (noticias.php?categoria_id) (galeria.php?galeria_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Dataminas noticias.php?categoria_id galeria.php?galeria_id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.dataminas.com.br/ Persian Gulf 4 Ever! Dork : "Powered by...

AI score: 4.1
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 75 views

JagoanStore CMS Arbitrary file upload vulnerability

Software: JagoanStore CMS Vendor: www.jagoanstore.com Price: Rp.900.000 IDR Vuln Type: Arbitrary file upload Author: eidelweiss contact: eidelweissatwindowslivedotcom Home: www.eidelweiss-advisories.blogspot.com Gratz: Devilzc0de, YOGYACARDERLINK, and YOU !!! References:...

AI score: 7.4
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 200 views

[slackware-security] php (SSA:2011-237-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security php SSA:2011-237-01 New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+...

CVSS: 7.5 | AI score: 9 | EPSS: 0.22724
Exploits: 15

securityvulns | added 2011/08/27 12:0 a.m. | 135 views

Warah Agencia (productos.php?categoria_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Warah Agencia productos.php?categoria_id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.warah.com.ar/ Persian Gulf 4 Ever! Dork : "DESIGN BY WARAH AGENCIA CREATIVA"...

AI score: 3.3
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 43 views

Marinet Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Marinet AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.marinet.gr/ Persian Gulf 4 Ever! Dork : "Powered by Marinet" "inurl:products.php?categoryid=" Exploite :...

AI score: 3.9
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 429 views

Foresta Creativa (prodotti.php?idCategoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Foresta Creativa prodotti.php?idCategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.forestacreativa.com/ Persian Gulf 4 Ever! Dork : "Powered by Foresta Creativa"...

AI score: 4
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 357 views

Alfazeta (list-prodotti.php?idcategoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Alfazeta list-prodotti.php?idcategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.alfazeta.net/ Persian Gulf 4 Ever! Dork : inurl:list-prodotti.php?idcategoria=...

AI score: 3.5
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 48 views

[PT-2011-23] Database information disclosure in GLPI

---------------------------------------------------------------------- PT-2011-23 Positive Technologies Security Advisory Database information disclosure in GLPI ---------------------------------------------------------------------- --- Vulnerable software GLPI Version 0.80.1 and earlier...

AI score: 6.8
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 33 views

EMC AutoStart multiple buffer overflows

Multiple buffer overflows on network requests parsing...

CVSS: 7.9 | AI score: 4.3 | EPSS: 0.02335
Exploits: 4 | References: 4 | Affected Software: 1

securityvulns | added 2011/08/27 12:0 a.m. | 25 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.6
Exploits: 0 | References: 30 | Affected Software: 6

securityvulns | added 2011/08/27 12:0 a.m. | 81 views

Web Art Studio (prodotto.php?lang) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Web Art Studio prodotto.php?lang AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.was.it/ Persian Gulf 4 Ever! Dork : "Web Art Studio Web Agency" "inurl:prodotto.php?lang=...

AI score: 2.4
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 122 views

Spherica Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Spherica AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.spherica.it/ Persian Gulf 4 Ever! Dork : "powered by spherica" "inurl:prodotto.php?idcatalogo=" Exploite:...

AI score: 4
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 56 views

Nativedreams (Fabarth_gallery.php?categoria_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Nativedreams Fabarth_gallery.php?categoria_id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.nativedreams.com/ Persian Gulf 4 Ever! Dork :...

AI score: 2.7
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 68 views

SQL-Ledger patch update for SQL injection

Hi all; We have been informed that SQL-Ledger 2.8.34 has in fact been released patching the security hole previously reported in LedgerSMB 1.2.24 and Lower. This is an SQL injection issue. I haven't been able to find a CVE listing for this yet. Secunia has assigned this the id of SA45649 for...

AI score: 1.4
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 43 views

CreatiWeb Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability CreatiWeb AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.crweb.it/ Persian Gulf 4 Ever! Dork : "Powered by CreatiWeb" "inurl:dettaglionews.php?id=" Exploite:...

AI score: 3.9
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 68 views

PHP multiple security vulnerabilities

NULL pointer dereference, ZipArchive memory corruptions...

CVSS: 7.5 | AI score: 1.9 | EPSS: 0.22724
Exploits: 16 | References: 2 | Affected Software: 1

securityvulns | added 2011/08/27 12:0 a.m. | 96 views

Listendifferent (prodotto.php?IDprodotto) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Listendifferent prodotto.php?IDprodotto AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.listendifferent.com/ Persian Gulf 4 Ever! Dork : "Concept and Designed by...

AI score: 3.3
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 75 views

Web Progetto (prodotti.php?idcategoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Web Progetto prodotti.php?idcategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.webprogetto.it/ Persian Gulf 4 Ever! Dork : "by Web Progetto"...

AI score: 3.2
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 45 views

ValtNet (photogallery.html?id_categoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability ValtNet photogallery.html?idcategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.valtnet.com/ Persian Gulf 4 Ever! Dork : allinurl:"photogallery.html?idcategoria="...

AI score: 2.7
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 53 views

Data Center Foz (product_cat.php?CATEGORIA_ID) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Data Center Foz product_cat.php?CATEGORIA_ID AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered by DataCenterFoz" Exploite:...

AI score: 5.3
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 89 views

BUZLAB (prodotti.php?idCategoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability BUZLAB prodotti.php?idCategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.buzlab.com/ Persian Gulf 4 Ever! Dork : "Produced by BUZLAB"...

AI score: 3
Exploits: 0

securityvulns | added 2011/08/27 12:0 a.m. | 78 views

[CVE-2011-2712] Apache Wicket XSS vulnerability

Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Wicket 1.4.x Apache Wicket 1.3.x and 1.5-RCx are not affected Description: With multi window support application configuration and special query parameters it is possible to execute any kind of JavaScript on a si...

AI score: 3.3 | EPSS: 0.0328
Exploits: 0

Total number of security vulnerabilities: 47153