Lucene search

47153 matches found

securityvulns
added 2011/08/27 12:0 a.m. | 199 views

Nafis Group (review.php?ID) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Nafis Group review.php?ID AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered by : Nafis Group" Exploite: www.victim.com/review.php?ID=SQL SpeCial TanX To :...

4.6 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 80 views

LAB GRAPHIC DESIGN (index.php?categoria_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability LAB GRAPHIC DESIGN index.php?categoria_id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered by LAB GRAPHIC DESIGN " Exploite:...

4.4 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 110 views

Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution

Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution 1. OVERVIEW Jcow CMS versions 4.x: 4.2 and lower, 5.x: 5.2 and lower are vulnerable to Arbitrary Code Execution. 2. BACKGROUND Jcow is a flexible Social Networking software written in PHP. It can help you to build a social network for your...

2.5 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 215 views

TconZERO (prodotto.php?idprodotto) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability TconZERO prodotto.php?idprodotto AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.tconzero.net/ Persian Gulf 4 Ever! Dork : "Design By TconZERO"...

3.2 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 40 views

Adobe Flash Player multiple security vulnerabilities

Memory corruptions, buffer overflows, integer overflows, cross-site scripting...

10 CVSS | 2.7 AI score | 0.82258 EPSS
Exploits: 18 | References: 5 | Affected Software: 2

securityvulns
added 2011/08/27 12:0 a.m. | 51 views

Security advisory: SQL Injection in LedgerSMB 1.2.24 and lower

Hi all; The LedgerSMB development team has found an SQL injection issue in LedgerSMB 1.2.24. Because this issue stems from our common SQL-Ledger heritage, it affects all versions of LedgerSMB and has been confirmed in SQL-Ledger 2.8.33. We contacted Dieter when we initially discovered this and no...

0.5 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 206 views

B-Keen communication (dettaglio_news.php&id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability B-Keen communication dettaglio_news.php&id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.b-keen.it/ Persian Gulf 4 Ever! Dork : "Powered by B-Keen communication"...

2.6 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 30 views

[PT-2011-23] Database information disclosure in GLPI

PT-2011-23 Positive Technologies Security Advisory Database information disclosure in GLPI. Vulnerable software: GLPI Version 0.80.1 and earlier...

6.8 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 92 views

ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability

ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-273 August 23, 2011 -- CVE ID: CVE-2011-2735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC AutoStart -- TippingPointTM...

7.9 CVSS | 0.4 AI score | 0.02335 EPSS
Exploits: 4

securityvulns
added 2011/08/27 12:0 a.m. | 62 views

HTTPKiller - (Global HTTP DoS)

Connection Keep-Alive + Pipelining + Close the connection before the response + Something... = DoS Apache, IIS, Squid, NetCache, What else?...

0.3 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 20 views

Lumension Device Control memory corruption

Memory corruption on TCP/65129 traffic parsing...

4.5 AI score
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2011/08/27 12:0 a.m. | 108 views

PHP 5.3.6 multiple null pointer dereference

PHP 5.3.6 multiple null pointer dereference Author: Maksymilian Arciemowicz http://securityreason.com/ http://securityreason.net/ http://cxib.net/ Date: - Dis.: 20.07.2011 - Pub.: 19.08.2011 Affected Software verified: PHP 5.3.6 and prior Fixed: PHP 5.3.7 Original URL:...

7.5 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 72 views

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Dataminas (noticias.php?categoria_id) (galeria.php?galeria

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Simply Media Web archivio.asp?categoriaid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.simplymediaweb.it/ Persian Gulf 4 Ever! Dork : "Powered by Simply Media Web"...

3.3 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 128 views

OMNITEC (prodotto.php?id_prodotto) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability OMNITEC prodotto.php?id_prodotto AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "design e realizzazione by OMNITEC" Exploite:...

4.2 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 88 views

ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability

ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-276 August 23, 2011 -- CVE ID: CVE-2011-2140 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Flash...

10 CVSS | 0.7 AI score | 0.82258 EPSS
Exploits: 15

securityvulns
added 2011/08/27 12:0 a.m. | 55 views

ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability

ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-275 August 23, 2011 -- CVE ID: CVE-2011-2735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC AutoStart --...

7.9 CVSS | 1.3 AI score | 0.02335 EPSS
Exploits: 4

securityvulns
added 2011/08/27 12:0 a.m. | 39 views

NGS00054 Technical Advisory: : Lumension Device Control (formerly Sanctuary) remote memory corruption

======= Summary ======= Name: Lumension Device Control formerly Sanctuary remote memory corruption Release Date: 24 August 2011 Reference: NGS00054 Discoverer: Andy Davis [email protected] Vendor: Lumension Vendor Reference: Systems Affected: Lumension Device Control v4.4 SR6 Risk: High...

0.3 AI score
Exploits: 0

securityvulns
added 2011/08/27 12:0 a.m. | 152 views

Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apache HTTPD Security ADVISORY ============================== UPDATE 2 Title: Range header DoS vulnerability Apache HTTPD 1.3/2.x CVE: CVE-2011-3192 Last Change: 20110826 1030Z Date: 20110824 1600Z Product: Apache HTTPD Web Server Versions: Apache 1.3...

7.8 CVSS | 0.1 AI score | 0.98945 EPSS
Exploits: 17

securityvulns
added 2011/08/24 12:0 a.m. | 19 views

FLV Player flash application multiple security vulnerabilities

Content spoofing, cross-site scripting...

1.2 AI score
Exploits: 0 | References: 1

securityvulns
added 2011/08/24 12:0 a.m. | 240 views

Vulnerabilities in FLV Player

Hello 3APA3A! I am informing you of the Content Spoofing and Cross-Site Scripting vulnerabilities I found in the FLV Player flash video player. Content Spoofing WASC-12: The FLV Player flash files accept arbitrary addresses in the configxml parameter, which allows the content of the flash file to be spoofed - for example, by specif...

6.6 AI score
Exploits: 0

securityvulns
added 2011/08/24 12:0 a.m. | 58 views

[USN-1196-1] eCryptfs vulnerability

Ubuntu Security Notice USN-1196-1 August 23, 2011 ecryptfs-utils vulnerability. A security issue affects these releases of Ubuntu and its derivative...

0.5 AI score | 0.0098 EPSS
Exploits: 0

securityvulns
added 2011/08/24 12:0 a.m. | 73 views

eCryptfs multiple security vulnerabilities

Privilege escalation, information leakage...

4.6 CVSS | 2.3 AI score | 0.0098 EPSS
Exploits: 2 | References: 2

securityvulns
added 2011/08/19 12:0 a.m. | 55 views

ALTOGRADO (catalogo.php?id_categoria) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability ALTOGRADO catalogo.php?id_categoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.altogrado.com.ar/ Persian Gulf 4 Ever! Dork : "Powered by ALTOGRADO"...

4.2 AI score
Exploits: 0

securityvulns
added 2011/08/19 12:0 a.m. | 67 views

ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox

=====BEGIN-ACROS-REPORT===== PUBLIC ACROS Security Problem Report 2011-08-18-1 ASPR 2011-08-18-1: Remote Binary Planting in Mozilla Firefox...

7.2 CVSS | 9.4 AI score | 0.00294 EPSS
Exploits: 5

securityvulns
added 2011/08/19 12:0 a.m. | 20 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0 | References: 3 | Affected Software: 1

securityvulns
added 2011/08/19 12:0 a.m. | 89 views

Grupo Argentina Web Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Grupo Argentina Web AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://grupoargentinaweb.com/ Persian Gulf 4 Ever! Dork : "Designed & powered by GAW GrupoArgentinaWeb"...

4 AI score
Exploits: 0

securityvulns
added 2011/08/19 12:0 a.m. | 60 views

ESA-2011-025: Multiple buffer overflow vulnerabilities in EMC AutoStart

ESA-2011-025.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-025: Multiple buffer overflow vulnerabilities in EMC AutoStart EMC Identifier: ESA-2011-025 CVE Identifier: CVE-2011-2735 Severity Rating: CVSS v2 Base Score: 7.9 AV:A/AC:M/Au:N/C:C/I:C/A:C Affected products: EMC AutoStart...

7.9 CVSS | 1.6 AI score | 0.02335 EPSS
Exploits: 4

securityvulns
added 2011/08/19 12:0 a.m. | 39 views

Mozilla Firefox / Seamonkey / Thunderbird multiple security vulnerabilities

Multiple memory corruptions, cross-site access, information leak, restriction bypass...

10 CVSS | 2.2 AI score | 0.05556 EPSS
Exploits: 5 | References: 4 | Affected Software: 3

securityvulns
added 2011/08/19 12:0 a.m. | 74 views

ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird

=====BEGIN-ACROS-REPORT===== PUBLIC ACROS Security Problem Report 2011-08-18-2 ASPR 2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird...

7.2 CVSS | 0.1 AI score | 0.00294 EPSS
Exploits: 5

securityvulns
added 2011/08/19 12:0 a.m. | 224 views

Elgg 1.7.10 <= | Multiple Vulnerabilities

OVERVIEW The Elgg 1.7.10 and lower versions are vulnerable to Cross Site Scripting and SQL Injection. 2. BACKGROUND Elgg is an award-winning social networking engine, delivering the building blocks that enable businesses, schools, universities and associations to create their own fully-featured...

1.5 AI score
Exploits: 0

securityvulns
added 2011/08/18 12:0 a.m. | 69 views

ZDI-11-270: Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability

ZDI-11-270: Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-270 August 17, 2011 -- CVE ID: CVE-2011-0084 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Mozilla -- Affected Products: Mozilla...

10 CVSS | 0.2 AI score | 0.04766 EPSS
Exploits: 1

securityvulns
added 2011/08/18 12:0 a.m. | 66 views

ZDI-11-271: Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability

ZDI-11-271: Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-271 August 17, 2011 -- CVE ID: CVE-2011-2378 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Mozilla -- Affected Products: Mozilla...

10 CVSS | 0.5 AI score | 0.05556 EPSS
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 23 views

CheckPoint Security Management products symbolic links vulnerability

Symbolic links vulnerability during installation...

3.6 CVSS | 2.6 AI score | 0.00302 EPSS
Exploits: 1 | References: 1

securityvulns
added 2011/08/17 12:0 a.m. | 19 views

StudioLine Photo Basic ActiveX code execution

Unsafe EnableLog method...

3 AI score
Exploits: 0 | References: 1

securityvulns
added 2011/08/17 12:0 a.m. | 32 views

Symantec Veritas Storage Foundation multiple security vulnerabilities

Multiple vulnerabilities on TCP/2148 request parsing...

10 CVSS | 3 AI score | 0.06646 EPSS
Exploits: 0 | References: 3

securityvulns
added 2011/08/17 12:0 a.m. | 28 views

Adobe Shockwave Player multiple security vulnerabilities

Multiple memory corruptions...

10 CVSS | 2.4 AI score | 0.06488 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2011/08/17 12:0 a.m. | 19 views

Nortel / Avaya Media Application Server buffer overflow

Buffer overflow on TCP/52005 request parsing...

5.5 AI score
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2011/08/17 12:0 a.m. | 50 views

The LAD Melbourne Cms Sql Injection Vulnerability

Archive an Resource About Hacking Exploit Title: The LAD Melbourne Cms Sql Injection Vulnerability Author: Netrondoank Aka netron home Page: http://www.ilmuhacker.org Forum :...

0.3 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 78 views

ECHO Creative Company (dettaglio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability ECHO Creative Company dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.echocreative.it/index.htm Persian Gulf 4 Ever! Dork : "Powered by ECHO Creative...

2.8 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 168 views

Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Muzedon dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered By Muzedon.com" "inurl:dettaglio.php?id=" Exploite:...

4.5 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 406 views

lab382 (dettaglio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability lab382 dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.lab382.com/ Persian Gulf 4 Ever! Dork : "Web site by: lab382.com" "inurl:dettaglio.php?id="...

2.8 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 55 views

ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability

ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-264 August 16, 2011 -- CVE ID: CVE-2011-0547 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Symantec --...

10 CVSS | 1.5 AI score | 0.06646 EPSS
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 74 views

InYourLife (dettaglio.php?id) (dettaglio_immobile.php?id) (notizia.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability InYourLife dettaglio.php?id dettaglio_immobile.php?id notizia.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.inyourlife.info/ Persian Gulf 4 Ever! Dork : "Powered ...

3.5 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 22 views

VMware vFabric tc Server weak encryption

Server accepts cleartext password even if it's not allowed for user...

5 CVSS | 2.4 AI score | 0.01561 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2011/08/17 12:0 a.m. | 84 views

dpconsulenze (dettaglio.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability dpconsulenze dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.dpconsulenze.eu/ Persian Gulf 4 Ever! Dork : "powered by dpconsulenze"...

4 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 383 views

PCVmedia (free_gallery.php?cat_id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability PCVmedia free_gallery.php?cat_id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.pcvmedia.com/ Persian Gulf 4 Ever! Dork : "Website designed & developed by PCVmedia.com"...

3.1 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 41 views

VUPEN Security Research - Adobe Shockwave rcsL Record Array Indexing Vulnerability (APSB11-19)

VUPEN Security Research - Adobe Shockwave rcsL Record Array Indexing Vulnerability APSB11-19 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player...

7.9 AI score
Exploits: 0

securityvulns
added 2011/08/17 12:0 a.m. | 55 views

Oracle Sun Java multiple security vulnerabilities

No description provided...

10 CVSS | 2.1 AI score | 0.06277 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2011/08/17 12:0 a.m. | 18 views

NetSaro Enterprise Messenger Server weak encryption

Passwords are stored in cleartext or in reversible form...

2 AI score
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2011/08/17 12:0 a.m. | 42 views

ISC DHCPD DoS

Crash on BOOTP packet parsing...

7.8 CVSS | 2.4 AI score | 0.38775 EPSS
Exploits: 0 | References: 1

Total number of security vulnerabilities: 47153