Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2007/03/26 12:0 a.m.243 views

DVBBS <= 7.1.0 sp1 (BokeManage.asp) Remote SQL Injection

DVBBS是由海口动网先锋网络科技有限公司开发的网络社区软件。因为在论坛附带的博客模块当中存在着远程注入漏洞,导致恶意用户借此入侵网站 因博客模块当中的关键词处没有进行严格的处理导致注入漏洞的产生 DVBBS 7.1.0 SP1 关闭博客功能或安装的补丁 http://www.cnbct.org/BokeManage.rar...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/02/28 12:0 a.m.242 views

Remote Code Execution as Root via ESET Endpoint Antivirus 6(CVE-2016-9892)

Introduction ============ Per ESET's online material, "ESET Endpoint Antivirus for OS X delivers award- winning cross-platform protection for multi-platform environments. It protects against malware and spyware and shields end users from fake websites phishing for sensitive information such as...

7.5CVSS9AI score0.13335EPSS
Exploits4
seebug.org
seebug.org
added 2016/01/13 12:0 a.m.242 views

Discuz X3.2的milu_seotool插件存在本地文件包涵漏洞

0x01漏洞简介 Discuz X3.2的miluseotool插件存在本地文件包涵漏洞。 看见木有有个微信登陆功能,漏洞也出现在这里。无截断所以不鸡肋。 0x02漏洞分析 接下来看代码,文件在source\plugin\wechat\wechat.class.php: static public function redirect$type global $G; $hook = unserialize$G'setting''wechatredirect'; if !$hook || !inarray$hook'plugin', $G'setting''plugins''availabl...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/05/13 12:0 a.m.242 views

Apache APR 'apr_fnmatch()'拒绝服务漏洞

gtraq ID: 47820 CVE ID:CVE-2011-0419 Apache APR-util是一款可移植运行库,全名为Apache Portable Runtime。 当处理某些模式时"aprfnmatch"函数存在循环递归错误,通过提交包含通配符如""的特制请求时可触发基于栈的溢出 Apache APR 1.x 厂商解决方案 Apache Software Foundation APR 1.4.4 已经修复此漏洞,建议用户下载使用: http://www.apache.org/dist/apr/CHANGES-APR-1.4...

4.3CVSS0.2AI score0.30406EPSS
Exploits5
seebug.org
seebug.org
added 2018/04/26 12:0 a.m.241 views

Drupal core Remote Code Execution(CVE-2018-7602)

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical -...

4AI score0.99236EPSS
Exploits14
seebug.org
seebug.org
added 2017/06/14 12:0 a.m.241 views

A Look at --- SharePoint's Follow Feature XSS(CVE-2017-8514 )

A Look at CVE-2017-8514 --- SharePoint's Follow Feature XSS TL;DR: All your SharePoint installations are belong to us. The XSS worth $2500 affecting both on-premises and online version looks like ... http|https://?FollowSite=0&SiteName='-confirmdocument.domain-' SharePoint needs no more marketing...

4.3CVSS6.2AI score0.03263EPSS
Exploits1
seebug.org
seebug.org
added 2016/01/18 12:0 a.m.241 views

e-cology 泛微协同商务系统在/weaver/weaver.email.FileDownloadLocation存在盲注漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/10/09 12:0 a.m.241 views

金龙卡金融化一卡通校园卡查询系统任意文件上传漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/09/08 12:0 a.m.241 views

用友致远A6协同系统 /isNotInTable.jsp SQL 注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.241 views

PmWiki 2.1 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16421/info PmWiki is prone to multiple input-validation vulnerabilities. These issues are due to failures in the application to properly sanitize user-supplied input. - Arbitrary remote file-include vulnerability...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/10/28 12:0 a.m.240 views

Netease open source Pomelo game server framework is not authorized to access leads to remote command execution

Pomelo is a piece of Netease open source based on Node.js the game server framework, which is based on Node.js high-performance, distributed game server framework. It includes the basis of the development framework and the associated expansion components, libraries and tools packages, can help sa...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2015/09/06 12:0 a.m.240 views

SiteFactory CMS 5.5.9 任意文件下载漏洞

漏洞详情:SiteFactory CMS 5.5.9 存在任意文件下载漏洞。问题链接:sitefactory/assets/download.aspx?file=测试链接:/sitefactory/assets/download.aspx?file=c%3a\windows\win.ini影响版本:SiteFactory CMS 5.5.9...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/03/23 12:0 a.m.240 views

PostgreSQL哈希表大小计算整数溢出漏洞

CVECAN ID: CVE-2010-0733 PostgreSQL是一款高级对象-关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL的src/backend/executor/nodeHash.c文件在计算哈希表大小时存在整数溢出漏洞,通过认证的用户可以通过发送包含有大量LEFT JOIN子句的SELECT语句触发这个溢出,导致服务崩溃。 PostgreSQL PostgreSQL 8.5 - 8.5 alpha2 PostgreSQL PostgreSQL 8.4.1 厂商补丁: PostgreSQL ----------...

3.5CVSS6.2AI score0.06902EPSS
Exploits2
seebug.org
seebug.org
added 2008/04/23 12:0 a.m.240 views

PHP-Fusion submit.php文件SQL注入漏洞

BUGTRAQ ID: 28855 PHP-Fusion是一款基于PHP的内容管理系统。 PHP-Fusion的submit.php文件没有正确地过滤对submitinfo参数的输入便在SQL查询中使用,远程攻击者可能利用此漏洞执行SQL注入攻击。 相关代码: 1. if $stype == "l" 2. 3. if isset$POST'submitlink' 4. 5. if $POST'linkname' != "" && $POST'linkurl' != "" && $POST'linkdescription' != "" 6. $submitinfo'linkcategory...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2014/11/10 12:0 a.m.239 views

phpems在线考试模拟系统sql注入

简要描述: 擦 详细说明: 没学过面向对象,看不懂代码,完全黑盒出来的 漏洞证明: demo测试...

7.9AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.239 views

Multiple Vendors libc:fts_*() - Local Denial of Service Exploit

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 libc:fts:multiple vendors, Denial-of-service Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 21.10.2008 - - Pub.: 04.03.2009 CVE: CVE-2009-0537 We are going informing all vendors, about this proble...

4.9CVSS6.4AI score0.03592EPSS
Exploits6
seebug.org
seebug.org
added 2014/05/20 12:0 a.m.239 views

强智教务系统延时注入一枚

简要描述: 好多sa啊 详细说明: 看了一下乌云好像没人提交这个页面的注入,我就来提交一下吧详细如下 1、建站程序类型:ASP+MsSql 2、漏洞类型:SQL注入 3、缺陷文件:/Loginxsmm.asp 4、注入参数:XH 5.涉及版本:未知,求厂商明细 7、危害程度:高危 8、涉及厂商:湖南强智科技发展有限责任公司 9、厂商网站:http://www.qzdatasoft.com/ 10、安装量:非常大,案例页面:http://www.qzdatasoft.com/cgal.html 11、是否拥有源代码分析:暂无...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/10/06 12:0 a.m.239 views

泛微E-office OA管理系统存在任意文件下载及文件上传导致任意代码执行(已getshell)

简要描述: 继续 applychen 的脚步,因为之前我遇到过这个系统,最新官方demo中也确实存在问题。 感谢 applychen 提供的测试账号。 @cncert国家互联网应急中心 有什么问题,可以私信我。 详细说明: 继续 WooYun: 泛微E-office OA管理系统存在SQL注射漏洞可查库 的挖掘 官方demo http://eoffice8.weaver.cn:8028/login.php 测试账号还是那个 xj 存在两个问题: 0x01:任意文件下载漏洞 测试链接...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/06/25 12:0 a.m.239 views

Samba格式串和安全绕过漏洞

Bugraq ID: 35472 CVE ID:CVE-2009-1888 CVE-2009-1886 CNCVE ID:CNCVE-20091888 CNCVE-20091886 Samba是一款实现SMB协议、跨平台进行文件共享和打印共享服务的程序。 Samba存在格式串和安全绕过问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 -Samba 3.0.31 - 3.3.5中的smbd守护程序包含一个未初始化数据值读取问题,可影响访问控制。如果用户尝试修改访问拒绝权限的控制列表时,如果在smb.conf中设置"dos...

9.3CVSS0.1AI score0.12222EPSS
Exploits2
seebug.org
seebug.org
added 2021/06/10 12:0 a.m.238 views

Atlassian Jira 信息泄露漏洞(CVE-2020-36289)

...

5CVSS2.3AI score0.99209EPSS
Exploits1
seebug.org
seebug.org
added 2018/06/08 12:0 a.m.238 views

Skia and Firefox: Integer overflow in SkTDArray leading to out-of-bounds write(CVE-2018-5159)

Skia bug report: https://bugs.chromium.org/p/skia/issues/detail?id=7674 Mozilla bug report: https://bugzilla.mozilla.org/showbug.cgi?id=1441941 In Skia, SkTDArray stores length fCount and capacity fReserve as 32-bit ints and does not perform any integer overflow checks. There are a couple of plac...

0.3AI score0.21288EPSS
Exploits3
seebug.org
seebug.org
added 2016/03/23 12:0 a.m.238 views

java代码审计基础教程之V2会议系统多个漏洞集合/无需登录

简要描述: 包括 sql注入 任意文件下载 越权 getshell xml实体注入 感谢@loopx9大牛帮助 详细说明: 因为学习java并不是很长时间,也没有做深入的研究。但是在学习之后,发现可以审计出一些简单的javaweb漏洞,所以想这这里和大家分享一下。 0x01审计之初 首先,我拿到了源码之后,大概看了一下这个系统的架构,发现是通过Struts写的。在具体看代码之前,我们先看一下这个会议系统有什么功能,在代码审计的时候,不能一股脑的先跑过去就看代码,我们要学会通过功能去找问题的缺陷。现在以...:8288/Conf/jsp/main/mainAction.do...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/12/22 12:0 a.m.238 views

Redmine跨站脚本漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.238 views

RedCMS 0.1 login.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.238 views

Dragon Internet Events Listing 2.0.01 admin_login.asp Multiple Field SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/12/26 12:0 a.m.238 views

FreeBSD 'telnetd'守护进程远程缓冲区溢出漏洞

Bugtraq ID: 51182 CVE ID:CVE-2011-4862 FreeBSD是一款基于BSD的操作系统。 FreeBSD Telnet协议有一个对数据流进行加密的机制但其加密性不强,不能在任何关键性安全应用上使用 当通过TELNET协议提供加密密钥时,在拷贝密钥到固定缓冲区时没有对其长度进行校验,可触发缓冲区溢出。能连接telnetd守护程序的攻击者可以以守护进程上下文执行任意代码 0 Freebsd 9.0-STABLE Freebsd 9.0-RELEASE Freebsd 9.0-RC3 Freebsd 9.0-RC1 Freebsd 8.2-STABLE...

10CVSS6.7AI score0.95104EPSS
Exploits19
seebug.org
seebug.org
added 2003/08/22 12:0 a.m.238 views

Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit

No description provided by source. / UMN gopherd2.x.x/3.x.x: remote "ftp gateway" buffer overflow. by: vade79/v9 v9 at fakehalo.deadpig.org fakehalo/realhalo three years since last audit, code is a little more secure. but, still found a few potentially exploitable situations. this exploits the "f...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2018/05/04 12:0 a.m.237 views

Exim < 4.90.1 - base64d Remote Code Execution(CVE-2018-6789)

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. !/usr/bin/python import time import socket import struct s = None f = None def logo: print print "...

7.5CVSS0.7AI score0.82238EPSS
Exploits19
seebug.org
seebug.org
added 2017/12/26 12:0 a.m.237 views

Tplink Diagnostic Authenticated RCE

Vulnerability: Command Injection in diagnostic.lua ------------------------------------------ Exploitation: Can remote command execution on the root shell. ------------------------------------------ Vendor of Product: Tp-Link router ------------------------------------------ Affected Products and...

8.2AI score
Exploits0
seebug.org
seebug.org
added 2014/11/19 12:0 a.m.237 views

用友NC-IUFO报表系统部分安全问题(影响多个大客户)

简要描述: 用友NC-IUFO报表系统存在用户信息泄漏,存在暴力破解的风险,另登录的验证码形同虚设,弱口令,登录之后利用系统功能获取webshell; 详细说明: 我们这里以wooyun厂商的忽略大王,中粮集团的报表平台为例; link: http://iufo.cofco.com/service/iufo/com.ufida.web.action.ActionServlet?action=nc.ui.iufo.login.LoginAction 1. 用户信息泄漏 link:...

7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.237 views

CubeCart <= 3.0.6 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl cijfer-ccxpl - CubeCart =3.0.6 Remote Command Execution Exploit Copyright c 2005 cijfer [email protected] All rights reserved. 1. example cijfer@kalma:/research$ perl ./cijfer-ccxpl.pl -h www.xxx.com -d [email protected] /$ id;uname -a uid=48apache...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.237 views

Whale Communications e-Gap Security Appliance 2.5 Login Page Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9431/info The e-GAP appliance has been reported prone to a source code disclosure vulnerability. It has been reported that, when the affected appliance handles unexpected HTTP requests it may divulge the source code of th...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/11/24 12:0 a.m.237 views

PEAR Mail软件包Sendmail Mail::Send()方式参数注入漏洞

BUGTRAQ ID: 37081 PEAR是“PHP扩展和应用库”的缩写,用于为PHP用户提供结构化的开源代码库。 PEAR的Mail软件包中sendmail实现没有正确地过滤对Mail::Send方式所提交的from参数,远程攻击者可以向sendmail命令传送任意参数,绕过安全限制获取任意文件的内容。 PEAR Mail 1.1.4 厂商补丁: PEAR ---- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2017/07/04 12:0 a.m.236 views

Apache ActiveMQ Fileserver remote code execution vulnerability(CVE-2016-3088)

Author: The know Chong Yu 404 laboratory 1. Background overview ActiveMQ is an Apache Software Foundation under an open source message-driven middleware software. Jetty is an open source servlet container, it is based on Java web container such as JSP and servlet to provide the running...

7.5CVSS10AI score0.98518EPSS
Exploits19
seebug.org
seebug.org
added 2016/06/18 12:0 a.m.236 views

金蝶K3财务软件系统 kdfile文件 任意文件上传漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/04/02 12:0 a.m.236 views

强智教务系统,可以重置任意用户密码

简要描述: 可以重置任意用户密码 详细说明: WooYun: 某教务系统组合漏洞可直接重置任意用户密码 在@sdc1992 提交该漏洞之后,官方在身份证号的地方加了个判定,不能够为空,但是由于是js判定的,所以和没加一样 该问题发现于 http://xxjw.hnust.cn/xxjw/framework/enteraccount.jsp 漏洞证明: 添加了一个js判定 function toSub ifdocument.getElementById"sfzjh" var sfzjh = trimdocument.getElementById"sfzjh".value;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/06/03 12:0 a.m.235 views

aspcms任意用户密码重置

简要描述: aspcms会员中心的某些页面,对用户的验证存在缺陷,修改cookie后提交即可重置任意用户的帐号信息。 详细说明: 'member/reg.asp dim action : action=getform"action","get" if action = "reg" then addUser elseif action = "editpass" then editUser else echoContent end if '第3-10行 接受一个get请求,如果action为editpass时候执行editUser过程 Sub editUser dim...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/11/21 12:0 a.m.235 views

PHP error_log绕过安全模式限制漏洞

BUGTRAQ ID: 32383 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 在以全局模式使用safemode时: php.ini: safemode = On 并通过phpadminflag声明: Directory "/www" ... phpadminflag safemode On /Directory 当在/www/中创建一些php脚本并试图调用: iniset"errorlog", "/hack/"; 或在/www/.htaccess中 phpvalue errorlog "/hack/bleh.php" 结果是: Warning:...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2021/08/10 12:0 a.m.234 views

exchange proxyshell 远程代码执行利用链

...

1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/19 12:0 a.m.234 views

Linux Kernel DCCP报文处理内存破坏漏洞

BUGTRAQ ID: 66279 CVE ID: CVE-2014-2523 Linux Kernel是Linux操作系统的内核。 Linux Kernel 2.6.32.61, 3.2.55, 3.4.83, 3.10.33, 3.12.14, 3.13.6版本在 "dccpnew", "dccppacket", , "dccperror"函数net/netfilter/nfconntrackprotodccp.c的实现上存在安全漏洞,恶意用户通过特制的DCCP数据包,利用此漏洞可破坏内核栈,然后以内核权限执行任意代码。 0 Linux kernel 3.4.x Linux kern...

10CVSS0.3AI score0.10385EPSS
Exploits1
seebug.org
seebug.org
added 2017/12/11 12:0 a.m.233 views

华天动力OA系统登陆表单某参数可导致xss漏洞

0x00 首先随便找一个,OA系统, 可以去官网 http://www.oa8000.com/ 在线试用demo 或者 Google:inurl:"oaapp/webobjects/oaapp.woa/wo" 找一个 0x01 到登陆页面 /OAapp/WebObjects/OAapp.woa 表单随便填,然后抓包 11.16 和 11.18 两个参数均可利用 修改post数据: 0x02 不仅可POST提交这些参数,GET也同样可以...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2017/05/19 12:0 a.m.233 views

Win32k Elevation of Privilege Vulnerability(CVE-2017-0263)

May has been a busy month for vulnerabilities in the world's most popular desktop operating system. Hackers have made headlines with massive infections by WannaCry ransomware, which exploits an SMB security flaw and the ETERNALBLUE tool. Shortly prior, on May 9, Microsoft fixed CVE-2017-0263, whi...

9.3CVSS8.6AI score0.80734EPSS
Exploits4
seebug.org
seebug.org
added 2014/02/25 12:0 a.m.233 views

HP Service Manager多个安全漏洞

CVE ID:CVE-2013-1493、CVE-2013-2067、CVE-2013-6202 HP Service Manager是一款软件即服务可以帮助您迅速部署一个全面的IT 服务管理解决方案。 HP Service Manager存在多个安全漏洞: 1,不正确过滤返回给用户的输入,允许远程攻击者利用漏洞构建恶意URI,诱使用户解析,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 2,应用程序存在跨站请求伪造漏洞,允许远程攻击者构建恶意URI,诱使用户解析,可以目标用户上下文执行恶意操作。 3,存在未明错误,允许攻击者利用漏洞执行任意代码,目前没有详细漏洞细节提供。...

10CVSS0.2AI score0.85882EPSS
Exploits11
seebug.org
seebug.org
added 2006/12/11 12:0 a.m.233 views

Mambo CropImage mosConfig_absolute_path远程文件包含漏洞

Mambo CropImage是一款基于PHP的WEB应用程序。 Mambo CropImage不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'admin.cropcanvas.php'脚本对用户提交的'cropimagedir'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 CropImage CropImage 1.0 beta [email protected]...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/10 12:0 a.m.233 views

WEBInsta Mailing List Manager InitDB.PHP远程文件包含漏洞

WEBinsta Mailing List Manager是一款基于PHP的邮件列表程序。 WEBinsta Mailing List Manager不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'InitDB.PHP'脚本对用户提交的'absolutepath'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 WEBInsta WEBInsta Mailing Manager 1.3 d WEBInsta WEBinsta Mailing List Manager 1.3.e...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/11/28 12:0 a.m.233 views

GNU Radius远程格式串处理漏洞

GNU Radius是一款开放源代码远程用户验证和审计服务器。 GNU Radius在处理用户请求时存在漏洞,远程攻击者可能利用此漏洞在服务器上以radius守护程序权限执行任意指令。 GNU Radius的SQL计费代码中使用用户提供的数据构建格式串,然后不安全地传送给了变量参数函数sqllog。这可能允许未经认证的远程攻击者以radius守护程序(radiusd)的权限通常为root用户执行任意指令。 GNU RADIUS 1.3 GNU RADIUS 1.2 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/04/21 12:0 a.m.232 views

PostgreSQL OpenSSL TLS心跳信息泄漏漏洞

CVE ID:CVE-2014-0160 PostgreSQL是一款对象关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL所绑定的OpenSSL存在安全漏洞,OpenSSL处理TLS”心跳“扩展存在一个边界错误,允许攻击者利用漏洞获取64k大小的已链接客户端或服务器的内存内容。内存信息可包括私钥,用户名密码等。 0 PostgreSQL 8.x PostgreSQL 9.x PostgreSQL 9.3.4-3, 9.2.8-3, 9.1.13-3, 9.0.17-3和8.4.21-3版本已经修复该漏洞,建议用户下载使用:...

5CVSS8.2AI score0.99999EPSS
Exploits87
seebug.org
seebug.org
added 2013/06/13 12:0 a.m.232 views

KindEditor 4.1.7 /php/file_manager_json.php 路径泄漏

/php/filemanagerjson.php文件代码第48行打印出了绝对路径,导致路径泄漏漏洞产生。 KindEditor 4.1.7...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/11/26 12:0 a.m.232 views

MyAlbum Language.Inc.PHP远程文件包含漏洞

MyAlbum是一款基于php的WEB应用程序。 MyAlbum不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Language.Inc.php'脚本对用户提交的'langsdir'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 攻击所需条件 攻击者必须访问MyAlbum。 MyAlbum MyAlbum 3.02 http://www.comscripts.com/scripts/php.myalbum.1731.html...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/28 12:0 a.m.232 views

Tru64 UNIX 4.0g /usr/bin/at Local Root Exploit

No description provided by source. / Tru64 UNIX 4.0g JAVA /usr/bin/at local root exploit. ALPHA Author: Cody Tubbs loophole of hhp. Site: www.hhp-programming.net Email: [email protected] Date: 2/1/2000. I made this without access to gdb, It's untested... may require modification, may require...

7.1AI score
Exploits0
Total number of security vulnerabilities5000