Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2008/04/11 12:0 a.m.270 views

HP OpenView网络节点管理器ovspmd远程堆溢出漏洞

BUGTRAQ ID: 28689 HP OpenView网络节点管理器(OV NNM)是HP公司开发和维护的网络管理系统软件,具有强大的网络节点管理功能。 OV NNM的ovspmd服务实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 OV NNM的ovspmd服务运行在TCP 8886端口上,该服务检查长度值是否低于9216字节(目标缓冲区的大小)以防范缓冲区溢出,但这是一个有符比较,因此使用0x80000000和0x80000003之间的负数值就可以触发堆溢出,导致执行任意指令。 HP OpenView Network Node Manager = 7.53 HP -...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2015/03/20 12:0 a.m.269 views

用友致远A6协同管理高危漏洞二

简要描述: 用友致远A6协同管理高危漏洞二 详细说明: 该漏洞泄露了当前登录用户(所有登录的)的SessionID; 利用泄露的SessionID即可登录该用户,包括管理员,进入后getshell毫无压力 /yyoa/ext/https/getSessionList.jsp 部分代码 \r\n"; outXML += "\r\n"; // outXML += "\r\n"; // outXML += "\r\n"; outXML += "\r\n"; out.printlnoutXML; % 从上面的代码可知,当cmd参数为getAll时,便可获取到所有用户的SessionID 例如:...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.269 views

Comersus BackOffice 4.x/5.0/6.0 /comersus/database/comersus.mdb Direct Request Database Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/15251/info Comersus BackOfficePlus and BackOfficeLite are prone to multiple input validation and information disclosure vulnerabilities. The applications are prone to SQL injection attacks, information disclosure and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.269 views

Mambo com_registration_detailed <= 4.1 - Remote File Include

No description provided by source. Mambo comregistrationdetailed = 4.1 Remote File Inclusion Download Source : http://mamboxchange.com/projects/regdetailed/ Dork = allinur:comextendedregistration Found By: k1tk4t - k1tk4td0th4ck4tgmaild0tcom Location: Indonesia file ; registrationdetailed.inc.php...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.269 views

SSH2 3.0 Short Password Login Vulnerability

source: http://www.securityfocus.com/bid/3078/info An input validation error exists in version 3.0.0 of the SSH daemon sshd running on Unix platforms. It may be possible for remote users to log in to accounts for which there are two or less characters in the password field of the system password...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.269 views

SoftBB多个远程代码执行及信息泄露漏洞

SoftBB是一款基于WEB的论坛程序。 SoftBB v0.1中存在多个输入验证错误,如下: 1 在SQL查询时没有正确的验证对/addmembre.php文件中groupe参数及/moveto.php文件中select参数的输入,允许攻击者执行SQL注入攻击。 2 在PHP脚本中存储之前没有正确过滤对admin/saveopt.php中多个参数的输入,允许攻击者执行任意PHP代码。成功攻击可能要求管理员权限。 3 对index.php中page参数的输入没有正确的处理空的或无效的参数,允许攻击者判断安装路径。 SoftBB = 0.1...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/09/20 12:0 a.m.268 views

webalizer未授权访问

漏洞详情:Webalizer是一款免费的应用程序,可用于分析网站服务器日志,帮助管理员更清楚地了解你的网站或服务器收到的流量大小。可泄露网站路径,子域名或者关联域名(多为管理后台),站点ip等。漏洞地址:http://localhost/webalizer1、流量分析2、主机地址3、子域名或者关联域名4、网站路径...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/09/14 12:0 a.m.268 views

OpenSSH 6.6 以下 SFTP 远程溢出漏洞

Linux用户经常会采用OpenSSH上的SFTP来进行上传和下载的操作。 OpenSSH服务器中如果OpenSSH服务器中没有配置"ChrootDirectory",普通用户就可以访问所有文件系统的资源,包括 /proc,在=2.6.x的Linux内核上,/proc/self/maps会显示你的内存布局,/proc/self/mem可以让你任意在当前进程上下文中读写,而综合两者特性则可以造成远程溢出。 define GNUSOURCE // THIS PROGRAM IS NOT DESIGNED TO BE SAFE AGAINST VICTIM MACHINES THAT // T...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.268 views

PHPBB 2.0.x album_portal.php Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10177/info It has been reported that phpBB may be prone to a file include vulnerability that may allow remote attackers to include a remote malicious script to be executed on a vulnerable system...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/10/10 12:0 a.m.267 views

IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injection exploit

No description provided by source. !/usr/bin/env python Exploit Title : IPFire = 2.15 core 82 Authenticated cgi Remote Command Injection ShellShock Exploit Author : Claudio Viviani Vendor Homepage : http://www.ipfire.org Software Link:...

10CVSS9.7AI score0.99999EPSS
Exploits131
seebug.org
seebug.org
added 2014/09/18 12:0 a.m.267 views

用友某处页面泄漏产品ftp大量数据库打包

简要描述: 嘿嘿 详细说明: 问题页面 http://nczx.yonyou.com/tanchu.htm 然后找到几个ftp,就测试下第一个ftp ftp://125.35.5.209/ 账户:ncfw 密码:ncfw0428 还有 ftp://125.35.5.232/ 账户:ism 密码:ism2014 还有几个没有测试 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.267 views

SPIP connect Parameter PHP Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/04/13 12:0 a.m.267 views

Micropoint Mp110003.sys &lt;= 1.3.10123.0 Local Privilege Escalation Vulnerability

微点主动防御驱动mp110013.sys的允许用户态程序发送PspCreateProcessNotifyRoutineCount和PspCreateProcessNotifyRoutine相对于ntoskrnl的偏移给驱动,驱动定期在系统线程或在调用NtCreateProcessEx时,检查PspCreateProcessNotifyRoutineCount中的值是否小于初始化时从PspCreateProcessNotifyRoutine中计算的值,如果小于,就写回原始的值,从而造成了内核任意地址写入漏洞 mp.100323.1.2.10581.0278.r1 mp110013.sys...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/08/14 12:0 a.m.267 views

PHP-Fusion 'readmore.php' SQL注入漏洞

BUGTRAQ ID: 30680 CNCAN ID:CNCAN-2008081406 PHP-Fusion是一款基于PHP的WEB应用程序。 PHP-Fusion不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可能获得敏感信息或操作数据库。 问题由于'readmore.php'脚本对用户提交给'newsid'参数缺少过滤,构建恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 PHP-Fusion PHP-Fusion 4.01 目前没有解决方案提供: http://www.php-fusion.co.uk/...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2006/11/29 12:0 a.m.267 views

Apple Mac OS X 2006-007存在多个安全漏洞

Apple Mac OS X是一款基于BSD的操作系统。 Apple Mac OS X存在多个安全问题,远程和本地攻击者可以利用漏洞进行恶意代码执行,拒绝服务攻击,特权提升,覆盖文件,获得敏感信息等攻击。 具体问题如下: AirPort-CVE-ID: CVE-2006-5710: AirPort无线驱动不正确处理应答帧,可导致基于堆的溢出。 ATS-CVE-ID: CVE-2006-4396: Apple Type服务不安全建立错误日至可导致任意文件覆盖。 ATS-CVE-ID: CVE-2006-4398: Apple Type服务存在多个缓冲区溢出,可导致以高权限执行任意代码。...

10CVSS7.1AI score0.48575EPSS
Exploits14
seebug.org
seebug.org
added 2006/10/30 12:0 a.m.267 views

Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability

Novell网服务器的edirectoryimonitor容易一叠为本缓冲溢出脆弱性,因为它并没有足够的表演式检查客户提供的数据复制到前缓冲.攻杠杆这个问题有可能执行任意代码与行政特权.成功利用可能导致受影响系统的完全妥协. Novell网是FTF的一揽子解决这个问题.请参阅参考资料,以获取关于如何运用这些规定. Novell eDirectory 8.8.1 Novell eDirectory 8.7.3 .8 pre-SP9 Novell eDirectory 8.7.3 .8 Novell eDirectory 8.7.3 Novell eDirectory 8.7.1 SU1...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/01/07 12:0 a.m.266 views

实战绕过云锁1.3.145进行XSS测试

简要描述: 这次出现在XSS防护上遗漏 详细说明: 正常的脚本alert1云锁可以有效防护,如下: 漏洞证明: 通过使用下面这个脚本: 成功绕过并弹cookie...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/05/30 12:0 a.m.266 views

Discuz UC_Server 本地文件包含漏洞(有条件限制)

简要描述: 怀着忐忑的心情提交了这个漏洞,依旧相信wooyun是一个良好的平台 赌上了作为一个白帽子的节操,不要在让他碎一地 详细说明: 条件一: 需要UC管理员权限。 条件二: 前台可上传带有PHP代码的可控文件。 漏洞函数onping在文件ucserver\control\admin\app.php function onping $ip = getgpc'ip'; $url = getgpc'url'; $appid = intvalgetgpc'appid'; $app = $ENV'app'-getappbyappid$appid; $status = '';...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/02/26 12:0 a.m.265 views

Apache Tomcat 安全限制绕过漏洞

BUGTRAQ ID: 65773 CVECAN ID: CVE-2013-4286 Apache Tomcat是一个流行的开源JSP应用服务器程序。 Tomcat 8.0.0-RC1 - 8.0.0-RC5、7.0.0 - 7.0.47、6.0.0 - 6.0.37版本存在漏洞CVE-2005-2090修复不完整问题,远程攻击者可利用此漏洞对Web缓存投毒、逃避IDS签名、启动跨站脚本、HTML注入、会话劫持攻击等。 0 Apache Group Tomcat 8.0.0-RC1 - 8.0.0-RC5 Apache Group Tomcat 7.0.0 - 7.0.47 Apache...

5.8CVSS6.8AI score0.29784EPSS
Exploits4
seebug.org
seebug.org
added 2010/05/25 12:0 a.m.265 views

Rumba FTP客户端FTPSFtp.dll ActiveX控件缓冲区溢出漏洞

BUGTRAQ ID: 40309 Rumba FTP是一款图形化的FTP客户端。 Rumba FTP客户端所安装的FTPSFtp.dll ActiveX控件没有正确地过滤提交给OpenSession方式的字符串参数,用户受骗访问了恶意网页并向该方式传送了超长参数就可以触发缓冲区溢出,导致执行任意指令。 NetManage Rumba FTP 4.2 临时解决方法: 为clsid 677A6F83-52A0-4931-8E62-EC713EE9B949设置kill bit。 厂商补丁: NetManage --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2021/07/21 12:0 a.m.264 views

Dell OpenManage Enterprise docker实例预认证RCE认证绕过漏洞(CVE-2021-21596)

Details - Remote Auth Bypass with 2 pre-auth RCEs in docker instances There is a chain of pre-auth vulnerabilities allowing to: get a shell on the redis container, as redis get a shell on the postgres container, as postgres get a full access to the postgres database bypass authentication on the w...

0.0075EPSS
Exploits1
seebug.org
seebug.org
added 2016/05/04 12:0 a.m.264 views

OpenSSL Memory corruption in the ASN.1 encoder (CVE-2016-2108)

No description provided by source...

10CVSS9.6AI score0.77906EPSS
Exploits1
seebug.org
seebug.org
added 2013/11/25 12:0 a.m.264 views

AnyMacro Mail安宁邮件系统存在SQL注入漏洞

简要描述: 给客户做测评发现的.因为需要登录所以定义为中级别. 详细说明: 这是附件的下载选项.由于对mid参数没有做验证,导致出现SQL注入漏洞 漏洞证明: 这是附件的下载选项.由于对midmailid参数没有做验证,导致出现SQL注入漏洞...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/09/20 12:0 a.m.264 views

AllMyGuests &lt;= 0.4.1 (cfg_serverpath) Remote File Include Vulnerability

No description provided by source. ============================================================================ AllMyGuests = ?AMGconfigcfgserverpath Remote File Inclusion Exploit ============================================================================ Scirpt Infected signin.php Critical leve...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/12/04 12:0 a.m.263 views

TPshop 前台无限制Getshell #2

0x01 说明 TPshop开源商城系统 Thinkphp shop的简称 ,是深圳搜豹网络有限公司开发的一套多商家模式的商城系统。适合企业及个人快速构建个性化网上商城。包含PC+IOS客户端+Adroid客户端+微商城,系统PC+后台是基于ThinkPHP5 MVC构架开发的跨平台开源软件,设计得非常灵活,具有模块化架构体系和丰富的功能,易于与第三方应用系统无缝集成,在设计上,包含相当全面,以模块化架构体系,让应用组合变得相当灵活,功能也相当丰富。 下载地址:http://www.tp-shop.cn/Index/Index/download.html 目录大概结构 ├─index.p...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/12/15 12:0 a.m.263 views

Joomla! Core Remote Privilege Escalation Vulnerability (CVE-2016-9838)

Author: p0wd3r know Chong Yu 404 security lab Date: 2016-12-21 0x00 vulnerability overview 1. Vulnerability description Joomla to 12, on 13, released 3. 6. 5 of the upgrade announcement, the upgrade fixes three security vulnerabilities, wherein the CVE-2016-9838 been officially designated as high...

5CVSS8.7AI score0.14099EPSS
Exploits6
seebug.org
seebug.org
added 2016/01/14 12:0 a.m.263 views

eyou反垃圾邮件网关系统在/php/admin_login.php处存在SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.262 views

Adobe Acrobat Reader - ASLR/DEP Bypass Exploit with SANDBOX BYPASS

No description provided by source. CVE-2013-0640/1 Somehow, our script got on to the Russian forums :/ @w3bd3vil and @abh1sek Exploit-DB mirror: http://www.exploit-db.com/sploits/29881.tar.gz Adobe Acrobat Reader ASLR/DEP bypass Exploit with SANDBOX BYPASS...

9.3CVSS6.5AI score0.86979EPSS
Exploits4
seebug.org
seebug.org
added 2016/09/02 12:0 a.m.261 views

HelpDeskZ 1.0.2 unauthorized Shell upload

No description provided by source. ''' Exploit Title: HelpDeskZ /submitticketcontroller.php - Line 141 $filename = md5$FILES'attachment''name'.time.".".$ext; So by guessing the time the file was uploaded, we can get RCE. Steps to reproduce:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.261 views

SPIP 1.8.3 Spip_login.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17423/info SPIP is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remot...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.261 views

Splunk Remote Root Exploit

No description provided by source. from sec1httplib.requestbuilder import Requestobj from sec1httplib.threaddispatcher import import threading import re import urlparse import sys import urllib import base64 from optparse import OptionParser import sys Source: http://www.sec-1.com/blog/?p=233...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/06/06 12:0 a.m.261 views

TRSWCM 后台权限绕过以及GETSHELL漏洞

简要描述: TRS WCM大于v6版本中存在此漏洞,v5.X版本不存在。无需登录。 详细说明: 注:该漏洞目前影响大量站点,担心厂商忽略导致漏洞细节提前曝光,请管理员同学转至cncert国家互联网应急中心进行处理,多谢。 在/WEB-INF/web.xml中代码如下: govcontroller com.trs.webframework.controler.servlet.NoLoginServiceControler AllowIP 127.0.0.1 CurrUser admin RedirectURI /center.do govcontroller /govcenter.do...

7AI score
Exploits0
seebug.org
seebug.org
added 2007/07/10 12:0 a.m.261 views

Avaya CMS / IR Solaris scp命令行shell命令注入漏洞

CVE ID:CVE-2006-0225 CNCVE ID:CNCVE-20060225 Avaya Call Management System是一款Avaya的运营效率解决方案,提供集成的分析与报告。 运行在Sun Solaris上的CMS和IR应用程序处理scp命令存在输入验证问题,本地攻击者可以利用漏洞以用户特权执行任意命令。 目前没有详细漏洞细节提供。 0 Avaya Call Management System CMS 可参考如下安全公告获得补丁信息: a...

4.6CVSS0.1AI score0.00474EPSS
Exploits1
seebug.org
seebug.org
added 2007/05/11 12:0 a.m.261 views

Microsoft Outlook Web Access远程脚本注入漏洞(MS07-026)

Outlook Web Access是Microsoft Exchange中用于通过Web浏览器读取和发送邮件的工具。 Outlook Web Access在处理特定的数据编码时存在漏洞,远程攻击者可能利用此漏洞控制用户机器。 Outlook Web Access没有正确地处理某些UTF字符集标签,因此可能未经正确地过滤便显示了基于脚本的附件。如果攻击者发送了带有特制UTF编码邮件附件的话,就可能导致在用户浏览器环境中执行任意代码或读取敏感信息。 Microsoft Exchange Server 2003 SP2 Microsoft Exchange Server 2003 SP1...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2017/02/17 12:0 a.m.260 views

SSL 3.0 POODLE(CVE-2014-3566)

SSL 3.0 POODLE attack information disclosure VulnerabilityCVE-2014-3566 Release date: 2014-10-14 Update date: 2014-10-16 Affected system: Netscape ssl 3.0 Netscape tls Not affected system: Netscape tls 1.2 Netscape tls 1.1 Netscape tls 1.0 Description: CVECAN ID: CVE-2014-3566 SSL3. 0 is an...

4.3CVSS5.3AI score0.99999EPSS
Exploits7
seebug.org
seebug.org
added 2015/03/10 12:0 a.m.260 views

doyoCMS注入漏洞1处

简要描述: doyoCMS注入漏洞1处 详细说明: 注入漏洞一枚: 存在注入的代码位置/source/pay.php 具体代码: function order if$this-syArgs'oid'||$this-syArgs'orderid',1!='' if$this-syArgs'oid'$r=array'id'=$this-syArgs'oid',1;else$r=array'orderid'=$this-syArgs'orderid',1; $order=$this-c-find$r;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/04/12 12:0 a.m.260 views

PHP空字符安全限制绕过漏洞(CVE-2006-7243)

BUGTRAQ ID: 44951 CVE ID: CVE-2006-7243 PHP是一种HTML内嵌式的语言,PHP与微软的ASP颇有几分相似,都是一种在服务器端执行的嵌入HTML文档的脚本语言,语言的风格有类似于C语言,现在被很多的网站编程人员广泛的运用。 PHP 5.3.4之前版本路径名中接受\0字符,通过在此字符后放置安全的文件扩展名,攻击者可绕过目标访问限制。 0 PHP 5.3.x 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net...

5CVSS8.3AI score0.05363EPSS
Exploits2
seebug.org
seebug.org
added 2012/02/01 12:0 a.m.259 views

Apache httpOnly Cookie Disclosure(CVE-2012-0053)

No description provided by source. // Source: https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08 // Most browsers limit cookies to 4k characters, so we need multiple function setCookies good // Construct string for cookie value var str = ""; for var i=0; i 819;...

4.3CVSS8.8AI score0.82756EPSS
Exploits4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.258 views

MWChat 6.7 Start_Lobby.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13849/info MWChat is affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/09/20 12:0 a.m.258 views

jPORTAL 2 (humor.php id) Remote SQL Injection Vulnerability

No description provided by source. . . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ \ / / // \ / \ |/| || \\ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com --d3hydr8 -rsauron-baltazar -sinner01 -C1c4Tr1Z - beenu...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/01/03 12:0 a.m.258 views

Joomla Component PU Arcade &lt;= 2.1.3 SQL Injection Vulnerability

No description provided by source. Joomla Component PU Arcade Remote SQL Injection Exploit AUTHOR : HouSSamix of H-T TeaM We are HouSSamix ToXiC350 CoNaN HOME : http://no-hack.net Script : PU Arcade Joomla Component Tested in version 2.0.3 & 2.1.3 Beta Download : http://www.pragmaticutopia.com/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/21 12:0 a.m.257 views

用友GRP系统sql 注入漏洞

用友GRP系统sql注射 /R9iPortal/cm/cminfocontent.jsp 参数 infoid http://221.2.68.102:8888/R9iPortal/cm/cminfocontent.jsp?infoid=-8431%20UNION%20ALL%20SELECT%2067,67,user,67,67,67,67,67,67,67,67,67,67,67--...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/04/25 12:0 a.m.257 views

FineCMS存储型xss可盲打后台管理员

简要描述: 某处没有过滤导致可xss 详细说明: FineCMS v2(简称v2)是Php+Mysql开发的一款开源的跨平台网站内容管理系统,以“实用+好用”为基本产品理念。 但是良好的设计不等于良好的实现,该cms在会员中心处对于xss代码完全没有进行过滤。导致只要开启了会员功能即可盲打管理员: 有如下几个输出点: 0x01:设置空间名称处,该处允许超长的字符,设置"alert1试试 保存之后,刷新页面: 也许这样就过去了,但是当管理员访问此人空间的时候,xss代码又再一次被触发(因此可用来打管理员): 0x02:除此之外,日志功能的标题处也存在跨站:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/07/04 12:0 a.m.257 views

Microsoft IIS 短文件名/目录名 枚举漏洞

No description provided by source. encoding=gbk An IIS shortname scanner myatlijiejie.com http://www.lijiejie.com import sys import httplib import urlparse import string import threading import Queue import time import string class Scanner: def initself, target: self.target = target self.scheme,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/12 12:0 a.m.257 views

mod_security &lt;= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability

No description provided by source. modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability http://www.php-security.org/MOPB/BONUS-12-2007.html Affected is modsecurity = 2.1.0 Detailed information Detailed information When modsecurity receives a request it parses it into web application...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.256 views

ClipShare 2.6 - Remote User Password Change Exploit

No description provided by source. !/usr/bin/perl -w priv8 Pr0metheuS Exploit Name: Clipshare Remote User Password Change Exploit Version Script: Clipshare 2.6 Dork: Powered by Clipshare EnjoY print -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-; print \nClipshare 2.6 Remote User Passord Change...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/08/31 12:0 a.m.255 views

Werkzeug 调试模式 命令执行

No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit4 'Werkzeug Debug Shell Command Execution', 'Description' = %q This module will exploi...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/01/03 12:0 a.m.255 views

LimeSurvey ‘/admin/templates.php’脚本任意文件上传漏洞

LimeSurvey(前称PHPSurveyor)是LimeSurvey团队开发的一套开源的在线问卷调查程序,它支持调查程序开发、调查问卷发布以及数据收集等功能。 LimeSurvey中存在任意文件上传漏洞,该漏洞源于程序没有成充分过滤用户提交的输入。攻击者可利用该漏洞上传任意文件到受影响计算机,导致在受影响应用程序上下文中执行任意代码。 0 LimeSurvey 目前厂商还没有提供此漏洞的相关补丁或者升级程序,建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.limesurvey.org/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/10/14 12:0 a.m.255 views

Microsoft Windows SMB2命令值远程代码执行漏洞(MS09-050)

Bugraq ID: 36594 CVE ID:CVE-2009-2532 Microsoft windows是一款流行的操作系统。 Microsoft windows SMB2是新版windows捆绑的SMB协议实现,Microsoft Server Message Block SMB协议软件处理特殊构建的SMB报文存在漏洞,攻击者可以提交恶意请求报文对系统进行拒绝服务攻击。 利用此漏洞无需验证,允许攻击者发送特殊构建的网络消息给运行server服务的计算机,成功利用漏洞可导致计算机停止响应,直至重新启动。 目前没有详细漏洞细节提供。 Microsoft Windows Vista x...

10CVSS6.4AI score0.62171EPSS
Exploits2
seebug.org
seebug.org
added 2007/12/04 12:0 a.m.255 views

wpQuiz Viewimage.PHP SQL注入漏洞

wpQuiz是一款基于PHP的WEB应用程序。 wpQuiz不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'Viewimage.PHP'脚本对用户提交的'id'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或可能操作数据库。 Wire Plastik Design wpQuiz 2.7 目前没有解决方案提供: http://www.wireplastik.com/projects.php http://www.sebug.net/exploit/2622.html...

7.1AI score
Exploits0
Total number of security vulnerabilities5000