Lucene search
K
SecurityvulnsRecent

47153 matches found

securityvulns
securityvulns
added 2011/04/13 12:0 a.m.44 views

Stack overflow in Microsoft HTML Help 6.1 (CHM files)

Luigi Auriemma Application: Microsoft HTML Help http://www.microsoft.com Versions: = 6.1 Platforms: Windows any version included the latest Windows 7 Bug: stack overflow Date: 12 Apr 2011 found 20 Feb 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3...

Exploits0
securityvulns
securityvulns
added 2011/04/12 12:0 a.m.38 views

Уязвимости в теме The Gazette Edition для WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting, Full path disclosure, Abuse of Functionality и Denial of Service уязвимостях в теме The Gazette Edition для WordPress. Это коммерческий шаблон для WP. XSS WASC-08:...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2011/04/12 12:0 a.m.26 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

3.5CVSS1.6AI score0.0106EPSS
Exploits1References3Affected Software3
securityvulns
securityvulns
added 2011/04/12 12:0 a.m.58 views

Arbitary File Upload Vulnerability in Elxis CMS component eForum v1.1

========================================================================== Elxis CMS component eForum v1.1 - Arbitary File Upload Vulnerability ========================================================================== Software: eForum v1.1 Elxis CMS component Vendor: http://www.isopensource.com/...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/04/12 12:0 a.m.52 views

[SECURITY] [DSA 2214-1] ikiwiki security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2214-1 [email protected] http://www.debian.org/security/ Nico Golde April 8, 2011 http://www.debian.org/security/faq -...

3.5CVSS0.7AI score0.0106EPSS
Exploits1
securityvulns
securityvulns
added 2011/04/12 12:0 a.m.70 views

[SECURITY] [DSA 2216-1] isc-dhcp security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2216-1 [email protected] http://www.debian.org/security/ Nico Golde April 10, 2011 http://www.debian.org/security/faq -...

7.5CVSS1.9AI score0.84292EPSS
Exploits6
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.36 views

libmodplug library buffer overflow

ReadS3M buffer overflow. DoS on ABC files parsing...

6.8CVSS5.2AI score0.42941EPSS
Exploits8References1Affected Software1
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.97 views

phplist: cross site request forgery (CSRF), CVE-2011-0748

phplist: cross site request forgery CSRF, CVE-2011-0748 References https://vulners.com/cve/CVE-2011-2748 http://int21.de/cve/CVE-2011-0748-phplist.html Description phplist is a mailing list software written in PHP. Up to version 2.10.12, it provided no protection against cross site request forger...

7.8CVSS6.5AI score0.38775EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.105 views

LFI Vulnerability in 024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package)

============================================================================================================= 1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Local File Include Vulnerability...

1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.40 views

SEC Consult SA-20110407-0 :: Libmodplug ReadS3M Stack Overflow

SEC Consult Vulnerability Lab Security Advisory 20110407-0 ======================================================================= title: Libmodplug ReadS3M Stack Overflow product: Libmodplug library vulnerable version: 0.8.8.1 fixed version: 0.8.8.2 impact: critical homepage:...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.28 views

XRDB shell characters vulnerability

Shell characters vulnerability via host name...

9.3CVSS3.4AI score0.05781EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.57 views

KDE KSSL certificate spoofing

It's possible to spoof certificate issued for IP address...

7.5CVSS1.9AI score0.01257EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.56 views

XSS Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package)

============================================================================================================ 1024cms Admin Control Panel v1.1.0 Beta Master-cPanel Package - Cross-Site Scripting Vulnerability...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.75 views

HTB22916: XSRF (CSRF) in phpCollab

Vulnerability ID: HTB22916 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: CSRF Cross-Site Request...

6.6AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.60 views

Directory Traversal Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package)

============================================================================================================= 1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Directory Traversal Vulnerability...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.384 views

XSS Vulnerabilities in 1024cms Admin Control Panel v1.1.0 Beta

================================================================================================================ 1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Cross-Site Scripting Vulnerability...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.27 views

tmux privilege escalation

Elevated group privileges are not dropped...

2.9AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.43 views

Debian symbolic links vulnerability

/etc/cron.d/php5 cron job allows to delete arbitrary files via symlinks...

6.3CVSS3.7AI score0.00339EPSS
Exploits1References1
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.130 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.8CVSS1.6AI score0.38775EPSS
Exploits0References17Affected Software5
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.70 views

Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities

Vulnerability title: Sonexis ConferenceManager Multiple Cross-site Scripting XSS Vulnerabilities Solutionary ID: SERT-VDN-1005 Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-XSS-Vulnerabilities.html CVE ID: Pending CVSS risk rating: 3.9 Product: Sonexis...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.40 views

[SECURITY] [DSA 2212-1] tmux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2212-1 [email protected] http://www.debian.org/security/ Nico Golde April 7, 2011 http://www.debian.org/security/faq -...

4.6CVSS1.5AI score0.00952EPSS
Exploits6
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.52 views

Уязвимости в теме Live Wire Edition для WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting, Full path disclosure, Abuse of Functionality и Denial of Service уязвимостях в теме Live Wire Edition для WordPress. Это коммерческий шаблон для WP. XSS WASC-08:...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.92 views

joomlacontenteditor (com_jce) BLIND sql injection vulnerability

=================================================================== joomlacontenteditor comjce BLIND sql injection vulnerability =================================================================== Software: joomlacontenteditor comjce Vendor: www.joomlacontenteditor.net Vuln Type: BLind SQL...

8AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.56 views

HTB22921: SQL Injection in Viscacha

Vulnerability ID: HTB22921 Reference: http://www.htbridge.ch/advisory/sqlinjectioninviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: SQL Injection Risk level: High Credit: High-Tech Bridge SA ...

1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.56 views

LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package)

========================================================================================================== 1024cms Admin Control Panel v1.1.0 Beta Master-cPanel Package - Local File Include Vulnerability...

1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.93 views

HTB22917: XSS vulnerabilities in phpCollab

Vulnerability ID: HTB22917 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: Stored XSS Cross...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.92 views

HTB22918: Path disclosure in phpCollab

Vulnerability ID: HTB22918 Reference: http://www.htbridge.ch/advisory/pathdisclosureinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: Path disclosure Risk...

Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.90 views

HTB22919: Multiple XSS in Viscacha

Vulnerability ID: HTB22919 Reference: http://www.htbridge.ch/advisory/multiplexssinviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: High-Tec...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.58 views

HTB22915: Path disclosure in Joomla

Vulnerability ID: HTB22915 Reference: http://www.htbridge.ch/advisory/pathdisclosureinjoomla.html Product: Joomla Vendor: http://www.joomla.org/ http://www.joomla.org/ Vulnerable Version: 1.6.1 Vendor Notification: 24 March 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tec...

6.6AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.127 views

HTB22920: Path disclosure in Viscacha

Vulnerability ID: HTB22920 Reference: http://www.htbridge.ch/advisory/pathdisclosureinviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tech Bridge ...

7AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.78 views

O2 classic router: persistent cross site scripting (XSS) and cross site request forgery (CSRF)

O2 classic router: persistent cross site scripting XSS and cross site request forgery CSRF References https://vulners.com/cve/CVE-2010-1482 http://int21.de/cve/CVE-2011-0746-o2-router.html Description The default DSL router shipped by the german company O2 is completely vulnerable to persistent...

4.3CVSS5.7AI score0.01085EPSS
Exploits4
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.41 views

[ MDVSA-2011:069 ] php

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:069 http://www.mandriva.com/security/ Package : php Date : April 8, 2011 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: It was discovered that the /etc/cron.d/php...

6.3CVSS6AI score0.00339EPSS
Exploits1
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.128 views

Sonexis ConferenceManager SQL Injection

Vulnerability title: Sonexis ConferenceManager SQL Injection Solutionary ID: SERT-VDN-1006 Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-SQL-Injection.html CVE ID: Pending CVSS risk rating: 8 Product: Sonexis ConferenceManager Application Vendor: Sonex...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.57 views

[USN-1107-1] x11-xserver-utils vulnerability

=========================================================== Ubuntu Security Notice USN-1107-1 April 06, 2011 x11-xserver-utils vulnerability CVE-2011-0465 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 9.1...

9.3CVSS0.7AI score0.05781EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/11 12:0 a.m.47 views

O2 DSL Router Classic router crossite scripting

Crossite scripting in administration interface...

4.3CVSS1.5AI score0.00539EPSS
Exploits2References1
securityvulns
securityvulns
added 2011/04/06 12:0 a.m.143 views

XSS Vulnerability in Redmine 1.0.1 to 1.1.1

Information -------------------- Name : XSS vulnerability in Redmine Software : all Redmine versions from 1.0.1 to 1.1.1 Vendor Homepage : http://www.redmine.org Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut at mavitunasecurity dot com Advisory Reference...

Exploits0
securityvulns
securityvulns
added 2011/04/06 12:0 a.m.25 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.6AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2011/04/06 12:0 a.m.57 views

[ MDVSA-2011:065 ] logrotate

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:065 http://www.mandriva.com/security/ Package : logrotate Date : April 5, 2011 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities were...

6.9CVSS7AI score0.00412EPSS
Exploits1
securityvulns
securityvulns
added 2011/04/06 12:0 a.m.113 views

StartSite.ir Cross-site Scripting Vulnerability

------------In The Name Of God------------ StartSite.ir Cross-site Scripting Vulnerability AUTHOR: md.r00t Mail: [email protected] Website: www.r00t.gigfa.com Forum: http://ajaxtm.com/forum Google D0rk: "Powered by StartSite.ir" xss EXPLOIT: scriptalert/0//script script...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/06 12:0 a.m.75 views

[security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02776387 Version: 2 HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i NNMi for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure NOTICE: The information in this Security...

4CVSS0.3AI score0.01942EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/06 12:0 a.m.63 views

[ MDVSA-2011:066 ] rsync

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:066 http://www.mandriva.com/security/ Package : rsync Date : April 5, 2011 Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0 Problem Description: A vulnerability wase discovered and corrected in rsync:...

5.1CVSS9.8AI score0.03163EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.111 views

Stored and Reflective XSS in Yaws-Wiki 1.88-1 (Erlang)

Software: yaws-wiki version affected: 1.88-1 platform: Erlang homepage:http://yaws.hyber.org/ Researcher: Michael Brooks Original Advisory:https://sitewat.ch/en/Advisory/4 Install instructions for Ubuntu: sudo apt-get install yaws-wiki Edit:/etc/yaws/conf.d/yaws-wiki.conf add this: server wiki po...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.26 views

THOMSON TG585 routers crossite scripting

Crossite scripting in Web interface...

1.9AI score
Exploits0References1
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.117 views

ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability

ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-115 April 1, 2011 -- CVSS: 9.3, AV:N/AC:M/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM -- Affected Products: IBM solidDB -- TippingPointTM IPS Customer...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.149 views

HTB22913: Multiple CSRF (Cross-Site Request Forgery) in UseBB

Vulnerability ID: HTB22913 Reference: http://www.htbridge.ch/advisory/multiplecsrfcrosssiterequestforgeryinusebb.html Product: UseBB Vendor: UseBB http://www.usebb.net/ Vulnerable Version: 1.0.11 Vendor Notification: 22 March 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk level: Lo...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.64 views

[USN-1104-1] FFmpeg vulnerabilities

=========================================================== Ubuntu Security Notice USN-1104-1 April 04, 2011 ffmpeg vulnerabilities CVE-2010-3429, CVE-2010-3908, CVE-2010-4704, CVE-2011-0480, CVE-2011-0722, CVE-2011-0723 =========================================================== A security issue...

9.3CVSS1.4AI score0.04433EPSS
Exploits6
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.33 views

iSCSI target user-space tools double free

Double free in tgt...

5CVSS0.9AI score0.05108EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.37 views

[SECURITY] [DSA 2209-1] tgt security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2209-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 02, 2011 http://www.debian.org/security/faq -...

5CVSS1.7AI score0.05108EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.31 views

xmlsec library unauthorized access

It's possible to access files via ds:Transform...

5.1CVSS4.3AI score0.08057EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2011/04/05 12:0 a.m.35 views

Novell File Reporter Agent buffer overflow

NFRAgent.exe TCP/3037 buffer overflow...

10CVSS3.2AI score0.17936EPSS
Exploits6References1
Total number of security vulnerabilities47153