Seebug: Most viewed

56796 matches found

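seebug.org
added 2007/09/20 12:0 a.m. | 167 views

VMware Workstation 6.0 Multiple Security Vulnerabilities

BUGTRAQ ID: 25728, 25729, 25731, 25732 CVE(CAN) ID: CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4059, CVE-2007-4155, CVE-2007-4496, CVE-2007-4497 VMware is virtual PC software that allows two or more Windows, DOS, or Linux systems to run simultaneously on one machine. The VMware implementation contains multiple security vulnerabilities that can lead to a variety of threats. Details are as follows: 1 VMware's DHCP server can be used by a malicious web page to gain system privileges. 2...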

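CVSS: 10 | AI score: 6.4 | EPSS: 0.20413
Exploits: 2
seebug.org
added 2006/12/12 12:0 a.m. | 167 views

AY Systems Web Content System Remote File Inclusion Vulnerability

AY Systems Web Content System is a PHP-based web content management program. AY Systems Web Content System does not properly filter user-supplied URI data, and a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web process. The problem is that the 'main.php' script lacks filtering of the user-supplied 'pathShowProcessHandle' parameter; supplying a malicious remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web process. AY System Solutions Web Content System 2.6 http://www.aysad.net/...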

AI score: 7.1
Exploits: 0
seebug.org
added 2017/04/04 12:0 a.m. | 166 views

macOS/IOS: mach_msg doesn't copy memory in a certain case(CVE-2017-2456)

When sending ool memory via |mach_msg| with |deallocate| flag or |MACH_MSG_VIRTUAL_COPY| flag, |mach_msg| performs moving the memory to the destination process instead of copying it. But it doesn't consider the memory entry object that could resurrect the moved memory. As a result, it could lead to a...

CVSS: 7.6 | AI score: 8.4 | EPSS: 0.04244
Exploits: 3
seebug.org
added 2014/07/01 12:0 a.m. | 166 views

TFM MMPlayer (m3u/ppl File) Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

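AI score: 7.1
Exploits: 0
seebug.org
added 2009/10/14 12:0 a.m. | 166 views

Microsoft Windows SMBv2 Negotiation Remote Code Execution Vulnerability (MS09-050)

Bugtraq ID: 36299 CVE ID: CVE-2009-3103 Microsoft Windows is a popular operating system. Microsoft Windows SMB2 is the SMB protocol implementation bundled with newer versions of Windows. The SRV2.SYS driver does not correctly handle malformed SMB header field data sent to the NEGOTIATE PROTOCOL REQUEST function. NEGOTIATE PROTOCOL REQUEST is the first SMB query a client sends to an SMB server; it identifies the SMB dialect and is used for subsequent communication. A remote attacker can construct Process Id...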

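CVSS: 10 | AI score: 9 | EPSS: 0.90121
Exploits: 20
seebug.org
added 2007/05/18 12:0 a.m. | 166 views

Sun JDK JPG/BMP Parsing Multiple Vulnerabilities

Sun JDK has multiple security issues that an attacker can exploit to crash applications and possibly execute arbitrary instructions. Sun JDK has a problem parsing specially crafted JPG/BMP files; no detailed vulnerability information is currently available. Sun JDK 1.5 07-b03 JDK 1.5.011-b03 and 1.6.001-b06 are not affected by this vulnerability: http://java.sun.com/ Attackers can refer to the following test file: http://www.securityfocus.com/data/vulnerabilities/exploits/24004.bmp...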

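AI score: 7.1
Exploits: 0
seebug.org
added 2006/12/06 12:0 a.m. | 166 views

Apache Mod_Rewrite Off-by-One Buffer Overflow Vulnerability

Apache is a popular open-source HTTPD server program. The LDAP scheme handling in the Apache mod_rewrite module has an off-by-one overflow error, which a remote attacker can exploit to execute arbitrary instructions with the privileges of the web process. The Apache mod_rewrite module provides a rule-based engine that uses a regular expression parser to rewrite URL requests on the fly. The mod_rewrite module has an off-by-one error in its absolute URI escaping mechanism, triggered in the escape_absolute_uri function when separating the data of an LDAP URL. Triggering the vulnerability can cause a pointer to user-supplied data to be written outside the bounds of a character pointer array, which can be used to take control of the program and execute arbitrary instructions with web privileges. ...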

AI score: 6.9
Exploits: 0
seebug.org
added 2006/08/24 12:0 a.m. | 166 views

phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability

No description provided by source. phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability Discovered by: Timq http://www.securitydb.org Email: timqathackernetworkdotcom http://www.securitydb.org Vulnerable: requireonce include $CCFG'PKGPATHINCL'.'redirect.php'; Exploit PoC:...

AI score: 7.1
Exploits: 0
seebug.org
added 2006/07/10 12:0 a.m. | 166 views

SQuery <= 4.5 (gore.php) Remote File Inclusion Vulnerability

No description provided by source. SQuery = 4.5libpath Remote File Inclusion Exploit Worked On : ALL VERSIONS | | Critical Level : Dangerous | | Gug Found In :...

AI score: 7.1
Exploits: 0
seebug.org
added 2021/06/07 12:0 a.m. | 165 views

Changcheng Technology (畅乘科技): BeiDou Active Safety Cloud Platform Default Weak Password

...

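AI score: 0.3
Exploits: 0
seebug.org
added 2018/01/18 12:0 a.m. | 165 views

DeDecms Arbitrary User Login and Administrator Password Reset Vulnerability

Overview: Dedecms is an open-source PHP website management system. In DeDecms (织梦CMS) V5.7.72 official release 20180109 (latest version), the front-end member module authenticates users with the DedeUserID+DedeUserIDckMd5 fields in the cookie. DedeUserID identifies the user, while DedeUserIDckMd5 is a server-generated hash used for security verification. Because the logic in one piece of Dedecms code is not strict enough, a string can be submitted and the server-generated hash for it obtained. By hijacking the DedeUserIDckMd5 field, the security check is bypassed, which combined with type conversion results in an arbitrary user login vulnerability. Detailed vulnerability principle: File location: dedecms/member/index.php: line 110...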

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 165 views

W-Agora 4.1.6 a redir_url.php key Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/11283/info Multiple vulnerabilities are reported to affect the application. These issues arise due to insufficient sanitization of user-supplied data. A remote attacker may leverage these vulnerabilities to carry out SQL...

AI score: 7.1
Exploits: 0
seebug.org
added 2013/05/22 12:0 a.m. | 165 views

ECShop 2.7.3 spellchecker.php Backdoor Vulnerability

No description provided by source...

AI score: 7.1
Exploits: 0
seebug.org
added 2010/01/30 12:0 a.m. | 165 views

C99Shell v.1.0 pre-release build #16! Cross Site Scripting Vulnerability

No description provided by source. | Title : !C99Shell v.1.0 pre-release build 16! Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : www.iq-ty.com/vb | Scrip...

AI score: 7.1
Exploits: 0
seebug.org
added 2008/08/11 12:0 a.m. | 165 views

Quicksilver Forums 1.4.1 forums[] Remote SQL Injection Exploit

No description provided by source. ?php / . vuln.: Quicksilver Forums 1.4.1 forums Remote SQL Injection Exploit . download: http://www.quicksilverforums.com/ . . author: irk4zatyahoo.pl . homepage: http://irk4z.wordpress.com/ . . greets: all friends ; . . this is PoC exploit / $host = $argv1; $pa...

AI score: 7.1
Exploits: 0
seebug.org
added 2008/07/17 12:0 a.m. | 165 views

AIX <= 5.3.0 (invscout) Local Command Execution Vulnerability

No description provided by source. !/usr/bin/sh r00t exploit written for the invscout bug reported by Idefense labs http://www.idefense.com/application/poi/display?id=171&type=vulnerabilities coded by ri0t exploitation is trivial but automated with this script www.ri0tnet.net usage ./getr00t.sh :...

AI score: 7.1
Exploits: 0
seebug.org
added 2016/09/14 12:0 a.m. | 164 views

Atlassian Confluence arbitrary file include Vulnerability (CVE-2015-8399)

Affected component: Atlassian Confluence. Atlassian Confluence versions earlier than 5.8.17 have arbitrary file read and directory traversal vulnerabilities. /spaces/viewdefaultdecorator.action?decoratorName=. lists the current directory. /spaces/viewdefaultdecorator...

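CVSS: 4 | AI score: 5.4 | EPSS: 0.61114
Exploits: 5
seebug.org
added 2016/03/10 12:0 a.m. | 164 views

Kingdee AES System Java Web Configuration File Sensitive Information Disclosure Vulnerability

0x01 Vulnerability framework: Kingdee Software, founded in 1993, is a vendor of ERP, financial and other enterprise management software, and operates internet services including its official site kigndee.com, Youshang (youshang.com), Kuaidi100 (kuaidi100.com) and Yunzhijia (kdweibo.com). Official home page: www.kingdee.com Customer cases: 0x02 Exploitation: The Java web configuration files of the Kingdee AES system can be downloaded arbitrarily. Configuration file under portal: http://58.63.253.42/portal/WEB-INF/web.xml...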

AI score: 7.1
Exploits: 0
seebug.org
added 2015/09/23 12:0 a.m. | 164 views

QiboCMS V7 do/job.php Arbitrary File Download Vulnerability

1. Vulnerability analysis /inc/job/download.php $url=trimbase64decode$url; $fileurl=strreplace$webdbwwwurl,"",$url; if eregi".php",$fileurl && isfileROOTPATH."$fileurl" die"ERR"; if!$webdbDownLoadreadfile $fileurl=strstr$url,"://"?$url:tempdir$fileurl; header"location:$fileurl"; exit; $webdbupfileType = strreplace'...

AI score: 7.1
Exploits: 0
seebug.org
added 2015/09/06 12:0 a.m. | 164 views

WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection

Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Vendor Homepage: http://wordpress.dwbooster.com/ Software Link:...

AI score: 8.2
Exploits: 0
seebug.org
added 2015/08/28 12:0 a.m. | 164 views

Raonet Subscriber Ethernet Router MySQL Database Account Password Disclosure

The Raonet SER-500 router leaks its MySQL account password, allowing remote login with high privileges. Verification URL: http://61.77.63.86/inc/conndb.inc Google dork: intitle:Raonet Subscriber Ethernet Router !/usr/bin/env python import urlparse import re import urllib2 def assignservice, arg: if service != "www": return arr = urlparse.urlparsearg return True,...

AI score: 7
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 164 views

PhpMyAdmin Config File Code Injection

The vulnerability is located in scripts/setup.php, starting at line 1315: case 'save': $config = @fopen'./config/config.inc.php', 'w'; // open for writing if $config === FALSE message'error', 'Could not open config file for writing! Bad permissions?'; break; $s = getcfgstring$configuration; //$configuration = unserialize$POST'configuration'; $r =...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.95438
Exploits: 16
seebug.org
added 2009/12/25 12:0 a.m. | 164 views

Piwik ofc_upload_image.php Remote PHP Code Execution Vulnerability

BUGTRAQ ID: 37314 CVE(CAN) ID: CVE-2009-4140 Piwik is an open-source web analytics system built with PHP and MySQL. Piwik uses the open-flash-chart module for charting; this module uses the name and HTTP_RAW_POST_DATA parameters submitted to ofc_upload_image.php to create a file without properly filtering them: ? $defaultpath = '../tmp-upload-images/'; if !fileexists$defaultpath mkdir$defaultpath, 0777, true; $destination =...

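CVSS: 7.5 | AI score: 6.5 | EPSS: 0.75838
Exploits: 8
seebug.org
added 2008/09/10 12:0 a.m. | 164 views

myPHPNuke 'print.php' SQL Injection Vulnerability

BUGTRAQ ID: 30942 CNCAN ID: CNCAN-2008090203 myPHPNuke is a PHP-based web application. myPHPNuke does not properly handle user-supplied input, and a remote attacker can exploit the vulnerability to carry out SQL injection attacks, possibly obtaining sensitive information or manipulating the database. The problem is that the 'print.php' script lacks filtering of the user-supplied 'sid' parameter; a malicious SQL query constructed as the parameter data can alter the original SQL logic to obtain sensitive information or manipulate the database. Obtaining administrator account and password information:...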

AI score: 6.9
Exploits: 0
seebug.org
added 2015/12/11 12:0 a.m. | 163 views

Weaver OA (泛微OA) PreDownload.jsp SQL Injection Vulnerability

No description provided by source...

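AI score: 7.1
Exploits: 0
seebug.org
added 2015/10/10 12:0 a.m. | 163 views

Yonyou Seeyon A6 Collaborative Management System resend.jsp SQL Injection Vulnerability

Seeyon software from Beijing Seeyon Xiechuang Software Co., Ltd. (北京致远协创软件有限公司) has ranked first in market share in China's collaborative management software market for 10 consecutive years (CCID) and first in user satisfaction for Chinese collaborative software for 6 consecutive years (CCW), has been named a leading enterprise of China's software industry by the China Software Industry Association, and is the pioneer and leader of collaborative management software in China. The company has long-term strategic partnerships with well-known domestic and international companies including Oracle, SAP, IBM, Microsoft, Samsung, Yonyou, Huawei, China Mobile, China Unicom and China Telecom. The company currently has more than 1,500 partners and more than 3,000 partner consultants, providing customers with full service anytime and anywhere. Seeyon collaborative management software has 30,000 enterprise customers, and more than 4 million end users use Seeyon collaborative management software products and services every day. ...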

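AI score: 7.1
Exploits: 0
seebug.org
added 2014/05/16 12:0 a.m. | 163 views

Yonyou NC-IUFO Reporting System SQL Injection (No Login Required, Affects All Versions)

Brief description: Yonyou NC group reporting provides group enterprise users with a comprehensive reporting solution. It mainly supports output of various business reports, preparation of consolidated reports, preparation of segment reports, and report permission and workflow management. Customers span finance, government, education, enterprises and more. This SQL injection point is simple and crude!!!!!!!! Detailed description: Yonyou IUFO as shown in the figure: The problem is in the unit code field. Clicking the magnifying glass to search kept returning this same page, and I thought the feature did not exist; later I found that the search page can be reached by visiting the URL directly; Picking one at random:...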

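AI score: 7.1
Exploits: 0
seebug.org
added 2014/03/19 12:0 a.m. | 163 views

Joomla! FreiChat Component "id" Cross-Site Scripting Vulnerability

CVE ID: CVE-2013-5952 Joomla! is a content management system. Because input passed to client/chat.php via the "id" GET parameter is not properly filtered before being returned to the user, an attacker can exploit the vulnerability to execute arbitrary HTML and script code in a user's browser session in the context of the affected site. 0 FreiChat 9.x component for Joomla! No detailed solution is currently available: http://www.joomla.org...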

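CVSS: 4.3 | AI score: 6.6 | EPSS: 0.01864
Exploits: 3
seebug.org
added 2009/12/17 12:0 a.m. | 163 views

PostgreSQL Null Character CA SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 37334 CVE ID: CVE-2009-4034 PostgreSQL is an object-relational database management system that supports an extended subset of the SQL standard. There is an error in handling SSL certificates with null characters embedded in certain certificate fields, which an attacker can exploit to spoof certificates and carry out man-in-the-middle and other attacks. Null characters in an SSL certificate can be used to spoof client or server authentication; this affects only users who have SSL enabled, perform certificate name validation or client certificate verification, and whose CA has been tricked into issuing an invalid certificate. PostgreSQL PostgreSQL 8.4.1 PostgreSQL PostgreSQL 8.3.8 PostgreSQL PostgreSQL 8.3.6 PostgreSQL...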

CVSS: 5.8 | AI score: 6 | EPSS: 0.0213
Exploits: 2
seebug.org
added 2006/08/18 12:0 a.m. | 163 views

Joomla Artlinks Component <= 1.0b4 Remote Include Vulnerability

No description provided by source. .: insecurity research team :. .advisory. 18.o8.2oo6 Affected Application: Artlinks v1.0 Beta 4 Mambo/Joomla CMS...

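AI score: 7.1
Exploits: 0
seebug.org
added 2017/03/20 12:0 a.m. | 162 views

FFmpeg Heap Overflow vulnerability (CVE-2016-10190)

Author: bird@tsrc 1. Preface FFmpeg is a well-known open-source project for processing audio and video, with a large user base. In late 2016, paulcher discovered three heap overflow vulnerabilities in FFmpeg: CVE-2016-10190, CVE-2016-10191 and CVE-2016-10192. This article analyzes CVE-2016-10190 in detail; it is a good case study for beginners in binary security learning about heap overflows. Debugging environment: 1. FFmpeg version: 3.2.1, compiled according to https://trac.ffmpeg.org/wiki/CompilationGuide/Ubuntu1 2. Operating system: Ubuntu 16.04 x64 2. Vulnerability analysis...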

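CVSS: 7.5 | AI score: 9.2 | EPSS: 0.08359
Exploits: 1
seebug.org
added 2016/03/24 12:0 a.m. | 162 views

China University of Mining and Technology Coremail Mailbox Arbitrary Password Reset

Brief description: A design logic flaw in the Coremail mailbox leads to arbitrary password reset (with a title like this, won't an expert know right away how to do it? Please change the title during review; I don't know how to change it.) Detailed description: I saw a vulnerability submitted by a fellow student at my school who got a ThinkPad for it; my laptop is also giving out, so I came to hunt for bugs. 1 As usual, go through the normal password reset path. http://.../ 2 Enter your own email address 3 First check whether the uid and token parameters correspond one-to-one. Changing uid to 17125817 failed, all right, continu...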

AI score: 7
Exploits: 0
seebug.org
added 2016/01/13 12:0 a.m. | 162 views

Shop7z /show.asp pkid Parameter SQL Injection Vulnerability

The vulnerability is in show.asp, starting at line 358: dim pkid,model,productname,smallpicpath,price1,price2,pipai pkid=request"pkid" sql="select from viewproduct where pkid = "&pkid set rs=server.createobject"adodb.recordset" rs.open sql,conn,1,1 if rs.bof or rs.eof then pkid is taken directly from request and concatenated into the SQL statement without any filtering. poc:...

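AI score: 7.1
Exploits: 0
seebug.org
added 2015/08/13 12:0 a.m. | 162 views

Samsung SCX-8240 Printer Unauthorized Access

Directly accessing the printer's IP gives access to the printer console, as shown in the figure. Previously printed content can be viewed in the document box. All kinds of documents and confidentiality agreements are there...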

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 162 views

phpRaid < 3.0.7 (rss.php phpraid_dir) Remote File Inclusion Exploit

No description provided by source. !/usr/bin/perl phpraid = 3.x.x rss.php Remote File Inclusion Exploit Download Script : http://up.9q9q.net/up/index.php?f=994a86950 Founded & Coded by: Cold z3ro , [email protected] Dork : inurl:phpRaid , phpRaid , roster.php?Sort=Race perl cold-z3ro.pl targe...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 162 views

Hassan Consulting Shopping Cart 1.23 Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible for a malicious user to submit a...

AI score: 6.7
Exploits: 0
seebug.org
added 2013/12/27 12:0 a.m. | 162 views

TP-LINK /userRpmNatDebugRpm26525557/linux_cmdline.html Backdoor Vulnerability

No description provided by source...

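AI score: 7.1
Exploits: 0
seebug.org
added 2012/08/21 12:0 a.m. | 162 views

PostgreSQL 'xml_parse()' Arbitrary File Access Vulnerability

Bugtraq ID: 55074 CVE ID: CVE-2012-3489 PostgreSQL is an object-relational database management system that supports an extended subset of the SQL standard. The "xml_parse" function has an error when PostgreSQL parses DTD data in XML documents, which can be exploited to read arbitrary files. 0 PostgreSQL 8.x PostgreSQL 9.x Vendor solution: PostgreSQL 9.1.5, 9.0.9, 8.4.13 or 8.3.20 fix this vulnerability; users are advised to download and use them: http://www.postgresql.org...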

CVSS: 4 | AI score: 6.8 | EPSS: 0.03057
Exploits: 1
seebug.org
added 2009/12/15 12:0 a.m. | 162 views

PHP php_getuid Function Permission Bypass Vulnerability

No description provided by source...

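AI score: 7.1
Exploits: 0
seebug.org
added 2009/03/19 12:0 a.m. | 162 views

PostgreSQL Encoding Conversion Remote Denial of Service Vulnerability

BUGTRAQ ID: 34090 CVE(CAN) ID: CVE-2009-0922 PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard. PostgreSQL has a stack overflow vulnerability when handling encoding conversion. An authenticated user can, by submitting a specially crafted SQL query, kill connections to the PostgreSQL server for a period of time, interrupting the transactions of other users and clients. PostgreSQL 8.3.6 Vendor patch: PostgreSQL The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page: http://www.postgresql.org =cut=...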

CVSS: 4 | AI score: 7.5 | EPSS: 0.10242
Exploits: 2
seebug.org
added 2021/05/20 12:0 a.m. | 161 views

Cisco HyperFlex HX Unauthenticated Command Injection Vulnerability (CVE-2021-1497 CVE-2021-1498)

CVE-2021-1497 and/or CVE-2021-1498 Command injection in the /storfs-asup endpoint’s token and mode parameters. Patch --- unpatched/web.xml 2021-05-17 19:06:17.000000000 -0500 +++ patched/web.xml 2021-05-17 19:06:23.000000000 -0500 @@ -69,17 +69,6 @@ - Springpath Storfs ASUP -...

CVSS: 10 | AI score: 0.1 | EPSS: 0.99999
Exploits: 6
seebug.org
added 2018/04/09 12:0 a.m. | 161 views

Cisco Smart Install Protocol Misuse

SIET Smart Install Exploitation Tool Cisco Smart Install is a plug-and-play configuration and image-management feature that provides zero-touch deployment for new switches. You can ship a switch to a location, place it in the network and power it on with no configuration required on the device. Y...

AI score: 7.7
Exploits: 0
seebug.org
added 2018/01/26 12:0 a.m. | 161 views

Libc Realpath Buffer Underflow Vulnerability (CVE-2018-1000001)

Introduction The vulnerability described here is caused by Linux kernel behaviour change in the syscall API returning relative pathnames in getcwd and non-defensive function implementation in libc failing to process that pathname correctly. Other libraries are very likely to be affected as well. ...

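AI score: 9.5 | EPSS: 0.13614
Exploits: 9
seebug.org
added 2015/12/30 12:0 a.m. | 161 views

Cacti SQL Injection Vulnerability (CNVD-2015-08486)

0x01 Vulnerability summary Cacti is an open-source network traffic monitoring and analysis tool from the Cacti Group. It obtains data via snmpget, uses RRDtool to draw graphs for analysis, and provides data and user management functions. Versions of Cacti before 0.8.8f have an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in the properties action of graph.php. 0x02 Vulnerability details The vulnerability is in the file /cacti-0.8.8f/graph.php line 25 includeonce"./include/topgraphheader.php"; / set default action / if !isset"action"...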

CVSS: 7.5 | AI score: 9.1 | EPSS: 0.02319
Exploits: 4
seebug.org
added 2014/07/01 12:0 a.m. | 161 views

YeaLink IP Phone Firmware <= 9.70.0.100 - Unauthenticated Phone Call Vulnerability

No description provided by source. Exploit Title: YeaLink IP Phone SIP-TxxP firmware =9.70.0.100 phone call vulnerability Date: 05-28-2013 Exploit Author: b0hr franciscoatgarnelo.eu Vendor Homepage: http://yealink.com Software Link:...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 161 views

MidiCart PHP Item_Show.PHP Code_No Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13515/info MidiCart PHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...

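AI score: 7.1
Exploits: 0
seebug.org
added 2007/04/19 12:0 a.m. | 161 views

McAfee VirusScan On-Access Scanner Overlong Unicode File Name Buffer Overflow Vulnerability

McAfee VirusScan is a popular real-time virus protection application. The On-Access scanner component in McAfee VirusScan products has a heap overflow vulnerability when handling overlong file names containing multibyte characters, which a remote attacker may exploit to take control of an affected system. If the target system has East Asian language files installed and the default Unicode code page set to a language that includes multibyte characters (such as Chinese), then attempting to open a malicious file, or merely hovering the mouse over it, may trigger the overflow and lead to execution of arbitrary instructions. 0 McAfee VirusScan Enterprise 8.0.0 The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page: a...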

AI score: 7.1
Exploits: 0
seebug.org
added 2006/07/18 12:0 a.m. | 161 views

Linux Kernel 2.6.13 <= 2.6.17.4 prctl() Local Root Exploit (logrotate)

No description provided by source. / $Id: raptorprctl2.c,v 1.3 2006/07/18 13:16:45 raptor Exp $ raptorprctl2.c - Linux 2.6.x suiddumpable2 logrotate Copyright c 2006 Marco Ivaldi [email protected] The suiddumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 befo...

CVSS: 4.6 | AI score: 6.4 | EPSS: 0.04387
Exploits: 17
seebug.org
added 2017/10/11 12:0 a.m. | 160 views

ArcGIS Server 10.3.1: RMIClassLoader RCE

Using an Esri-provided image on Azure's Marketplace, ArcGIS Server 10.3.1 started Java's rmid on port 1098 and explicitly set the property java.rmi.server.useCodebaseOnly equal to false. Screenshot: https://www.dropbox.com/s/xz9ugal3ixnfh1c/10.3.1rmiduseCodebaseOnly%3Dfalse.png?dl=0 As discussed ...

AI score: 7.1
Exploits: 0
seebug.org
added 2017/09/20 12:0 a.m. | 160 views

Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability(CVE-2016-9042)

Summary An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the...

CVSS: 5 | AI score: 7.2 | EPSS: 0.0864
Exploits: 3
Total number of security vulnerabilities: 5000