Seebug: Most viewed

56796 matches found

seebug.org
added 2017/11/08 12:0 a.m. | 106 views

Cesanta Mongoose Websocket Protocol Fragmented Packet Code Execution Vulnerability(CVE-2017-2922)

Summary An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited...

9.9 AI score | 0.02625 EPSS
Exploits: 2
seebug.org
added 2016/12/30 12:0 a.m. | 106 views

SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2016-10074)

DESCRIPTION ------------------------- SwiftMailer class uses PHP mail function as its default transport. SwiftMailer suffers from the same vulnerability as the one disclosed in PHPMailer in the advisory at:...

7.5 CVSS | 10.3 AI score | 0.99714 EPSS
Exploits: 66
seebug.org
added 2015/11/10 12:0 a.m. | 106 views

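Phpwind v4/5/6/7/8 command execution vulnerability

Brief description: A vulnerability I dug up back around 2007. Since the 三个白帽 (Three White Hats) group is running a challenge this time, I'll take the opportunity to disclose it; some people out there probably already know about it :) Details: hack/bank/index.php $DDESPOSTDB=array; $query=$db-query"SELECT i.uid,username,ddeposit,dstartdate FROM pwmemberinfo i LEFT JOIN pwmembers m ON m.uid=i.uid ORDER BY ddeposit DESC LIMIT $bknum"; while$deposit=$db-fetcharray$query...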

7.1 AI score
Exploits: 0
seebug.org
added 2015/09/30 12:0 a.m. | 106 views

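Yonyou software enterprise portal XXE vulnerability [tested on a former official Yonyou domain]

Brief description: A skill Yonyou ships with. Details: Vulnerability description: During testing I found a uapws/ directory under the yongyou nc installation. Baidu Baike. Once opened, it comes with a login mode and the password is already prepared for you, so you just log in. How thoughtful. Pick an interface and submit a request first, then run format the response (capture the traffic here). XXE vulnerability. Proof: full-resolution screenshot https://images.seebug.org/upload/201509/301834010d7b0d90e830d78290493a8fee...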

7.1 AI score
Exploits: 0
seebug.org
added 2015/09/15 12:0 a.m. | 106 views

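ISPConfig <= 3.0.5.4p7 monitor/show_sys_state.php SQL injection vulnerability

Incomplete filtering leads to SQL injection. Through the server parameter passed via HTTP GET to the /monitor/show_sys_state.php page, an attacker can supply arbitrary malicious SQL commands that are executed in the database. Successful exploitation gives the attacker read and write access to the database and can even endanger the whole web application. On its own, however, the vulnerability is of limited use, because the attacker must be an authenticated user who also has the monitor permission. However, combined with CSRF (Cross-Site Request Forgery in ISPConfig:...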

6.8 CVSS | 6.5 AI score | 0.0126 EPSS
Exploits: 6
seebug.org
added 2015/05/27 12:0 a.m. | 106 views

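AKCMS 6.0 /akcms/login.php login bypass vulnerability

The flaw is in login.php: because GBK encoding is used and the $postusername variable is not strictly filtered and escaped, the SQL protection can be bypassed and injection achieved. A detailed analysis of the vulnerability follows. First, at line 4 of login.php: ifisset$postloginsubmit if$editor = $db-getby'', 'admins', "editor='".$db-addslashes$postusername."'" ifakmd5$postpassword, 0, 2 == $editor'password' if$editor'freeze' == 1...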

7.1 AI score
Exploits: 0
seebug.org
added 2014/09/02 12:0 a.m. | 106 views

Yonyou FE office platform generic SQL injection (2 issues)

Brief description: Yonyou FE office platform generic SQL injection (2 issues). Details: SQL injection 1. Vulnerable file and parameter: /witapprovemanage/report/depReimburse.jsp?depid=1 Proof: sqlmap.py -u "http://oa.shunhengli.com:9090/witapprovemanage/report/depReimburse.jsp?depid=1" sqlmap.py -u "http://oa.shunhengli.com:9090/witapprovemanage/report/depReimburse.jsp?depid=1" --dbs...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 106 views

apache tomcat < 6.0.18 utf8 - Directory Traversal vulnerability

No description provided by source. Title: Apache Tomcat Directory Traversal Vulnerability Author: Simon Ryeobar4mi at gmail.com, barami at ahnlab.com Severity: High Impact: Remote File Disclosure Vulnerable Version: prior to 6.0.18 Solution: - Best Choice: Upgrade to 6.0.18 http://tomcat.apache.o...

4.3 CVSS | 7.6 AI score | 0.99708 EPSS
Exploits: 22
seebug.org
added 2014/07/01 12:0 a.m. | 106 views

MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13376/info An SQL injection vulnerability affects MetaCart e-Shop V-8. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may explo...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 106 views

PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions

No description provided by source. Milli-Harekat Advisory www.milli-harekat.org PHP-Nuke = All version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : PHP NUKE ALL VERSION Credits : ERNE Thanks : DjReMix,Eskobar,TRIP,ßy KorsaN,OsL3m7,Poizonbox,Dilejyoner and All MHG USERS...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 106 views

GNU C library dynamic linker $ORIGIN expansion Vulnerability

No description provided by source. from: http://marc.info/?l=full-disclosure&m=128739684614072&w=2 The GNU C library dynamic linker expands $ORIGIN in setuid library search path ------------------------------------------------------------------------------ Gruezi, This is CVE-2010-3847. The dynam...

7.2 CVSS | 0.4 AI score | 0.08747 EPSS
Exploits: 22
seebug.org
added 2014/07/01 12:0 a.m. | 106 views

Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::BrowserExploitServer...

10 CVSS | 9 AI score | 0.42609 EPSS
Exploits: 13
seebug.org
added 2014/04/16 12:0 a.m. | 106 views

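Barracuda multiple products OpenSSL TLS/DTLS heartbeat information disclosure vulnerability

CVE ID: CVE-2014-0160 Multiple Barracuda products contain a security vulnerability. The OpenSSL bundled with Barracuda products has a boundary error in its handling of the TLS "heartbeat" extension, which allows an attacker to obtain 64k of memory contents from a connected client or server. The memory may include private keys, usernames and passwords, and so on. Barracuda CudaTel Communication Server 2.x Barracuda CudaTel Communication Server 3.x Barracuda Firewall 6.x Barracuda Link Balancer 2.x Barracuda...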

5 CVSS | 0.3 AI score | 0.99999 EPSS
Exploits: 87
seebug.org
added 2014/04/11 12:0 a.m. | 106 views

eYou (亿邮) mail, certain version: OpenSSL Heartbleed affects deployments across the board

Brief description: Bundled up a batch of sites; there are cookies in memory :D Details: Searching for eYouMail 5 inurl:edu, the hits have roughly a 90% chance of being vulnerable. Successful results from the first three pages: ...

5 CVSS | 8.1 AI score | 0.99999 EPSS
Exploits: 87
seebug.org
added 2014/02/11 12:0 a.m. | 106 views

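ZTE ZXV10 W300 Router trust management vulnerability

CVE ID: CVE-2014-0329 The ZTE ZXV10 W300 Router is a wireless router product from the Chinese company ZTE. The TELNET service on version 2.1.0 of the ZTE ZXV10 W300 router has a security vulnerability: the installation uses default hard-coded credentials, setting the first four characters of the admin account password 'XXXXairocon' to the last four characters of the MAC address. A remote attacker who knows the password can exploit this to gain administrative access. ZTE ZXV10 W300 Router Vendor patch: ZTE ----- The vendor has released an upgrade patch to fix this security issue. Patch link:...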

9.3 CVSS | 6.5 AI score | 0.08521 EPSS
Exploits: 6
seebug.org
added 2011/03/22 12:0 a.m. | 106 views

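libzip 0.9.3 _zip_name_locate NULL pointer dereference (incl PHP 5.3.5)

CVE ID: CVE-2011-0421 libzip is a library for reading, creating and modifying zip archives. The _zip_name_locate implementation in libzip 0.9.3 has a NULL pointer dereference vulnerability that a remote attacker can use to cause a denial of service. When the ZIP_FL_UNCHANGED flag is set, libzip lets remote and local attackers mount a denial-of-service attack: with an empty zip file and the ZIP_FL_UNCHANGED flag, libzip crashes. For PHP, the security impact is currently only remote denial of service. PHP PHP 5.3.5 libzip libzip 0.9.3 Vendor patch: libzip ------...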

4.3 CVSS | 1.1 AI score | 0.13514 EPSS
Exploits: 7
seebug.org
added 2010/05/21 12:0 a.m. | 106 views

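PostgreSQL RESET ALL operation insecure permission check vulnerability

BUGTRAQ ID: 40304 CVE ID: CVE-2010-1975 PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard. PostgreSQL does not correctly perform permission checks during certain RESET ALL operations; an authenticated remote user can remove arbitrary parameter settings via ALTER USER or ALTER DATABASE statements. PostgreSQL 8.4 PostgreSQL 8.3 PostgreSQL 8.2 PostgreSQL 8.1 PostgreSQL 8.0 PostgreSQL 7.4 Vendor patch: PostgreSQL ----------...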

5.5 CVSS | 6.2 AI score | 0.02658 EPSS
Exploits: 1
seebug.org
added 2009/12/17 12:0 a.m. | 106 views

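Ruby on Rails 'protect_from_forgery' cross-site request forgery vulnerability

Bugtraq ID: 37322 CVE ID: CVE-2009-4136 Ruby on Rails is a web application framework built on the Ruby language. Ruby on Rails 'protect_from_forgery' is subject to a cross-site request forgery attack; a remote attacker can exploit the vulnerability to perform some administrator actions, gain unauthorized access to the application, or delete some data. Ruby on Rails Ruby on Rails 2.3.5 Ruby on Rails Ruby on Rails 2.3.4 Ruby on Rails Ruby on Rails 2.3.3 Ruby on Rails Ruby on Rails...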

6.5 CVSS | 6.7 AI score | 0.03644 EPSS
Exploits: 3
seebug.org
added 2009/08/24 12:0 a.m. | 106 views

VMware Server libpng Uninitialised Pointer Arrays Vulnerability

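CVE-2009-0040 VMware has acknowledged a vulnerability in VMware Server, in the libpng library, that malicious users can use to launch a DoS (denial of service) attack or possibly compromise applications that use the library. VMware Server 1.x VMware Server 2.x Workaround: Do not process untrusted PNG images...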

6.8 CVSS | 2.8 AI score | 0.04825 EPSS
Exploits: 2
seebug.org
added 2008/10/25 12:0 a.m. | 106 views

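Powereasy (动力文章) has a serious upload vulnerability

Powereasy uses the Wuju (无惧) upload component. When checking uploaded files it filters only extensions such as asp, aspx and asa, and overlooks other extensions mapped to asp.dll such as cer and cdx. In addition, the extension check in Powereasy's upfileclass.asp is not strict, so "asp" followed by a space is treated as a legitimate extension, and a malicious user can craft a form to upload files with malicious extensions such as asp and asa. Access&SQL Download the latest patch from www.asp163.net and replace the vulnerable files with the latest Powereasy upfileclass.asp and upfile.asp...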

7.1 AI score
Exploits: 0
seebug.org
added 2008/10/24 12:0 a.m. | 106 views

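Windows Server service RPC request buffer overflow vulnerability (MS08-067)

BUGTRAQ ID: 31874 CVE(CAN) ID: CVE-2008-4250 Microsoft Windows is a very popular operating system published by Microsoft. The Windows Server service has a buffer overflow vulnerability when handling specially crafted RPC requests; a remote attacker can trigger the overflow by sending a malicious RPC request, leading to full compromise of the user's system and execution of arbitrary instructions with SYSTEM privileges. On Windows 2000, XP and Server 2003 the vulnerability can be exploited without authentication; on Windows Vista and Server 2008 authentication may be required...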

10 CVSS | 9.3 AI score | 0.98751 EPSS
Exploits: 12
seebug.org
added 2008/07/29 12:0 a.m. | 106 views

DNS BailiWicked Host Attack

No description provided by source. /msf3/msfconsole require 'msf/core' require 'net/dns' require 'scruby' require 'resolv' module Msf class Auxiliary::Spoof::Dns::BailiWickedHost Msf::Auxiliary include Exploit::Remote::Ip def initializeinfo = superupdateinfoinfo, 'Name' = 'DNS BailiWicked Host...

7.1 AI score | 0.95182 EPSS
Exploits: 20
seebug.org
added 2007/05/06 12:0 a.m. | 106 views

PHPtree 1.3 (cms2.php s_dir) Remote File Inclusion Vulnerability

No description provided by source. PHPtree Remote file inclusion sdir Download script : http://www.phptree.de/content/download/public/phptree/phptreev1.3.zip Thanks Str0ke Exploit http://site.com/phptreepath/plugin/HPDEV/cms2.php?sdir=shell.txt? Discovered by : ThE TiGeR MiroTiger100atHotmaildotc...

7.1 AI score
Exploits: 0
seebug.org
added 2007/03/16 12:0 a.m. | 106 views

Creative Guestbook 1.0 Multiple Remote Vulnerabilities

No description provided by source. Dj7xpl ...

7.1 AI score
Exploits: 0
seebug.org
added 2007/03/15 12:0 a.m. | 106 views

Activist Mobilization Platform (AMP) 3.2 Remote File Include Vuln

No description provided by source. ECHOADV71$2007: AMP v3.2 basepath Remote File Inclusion Vulnerability...

7.1 AI score
Exploits: 0
seebug.org
added 2007/03/12 12:0 a.m. | 106 views

JobSitePro 1.0 (search.php) Remote SQL Injection Exploit

No description provided by source. //Coded by ajann //'=============================================================================================== //'Script Name: JobSitePro 1.0 search.php Remote BLIND SQL Injection Exploit //'Coded by : ajann //'Author : ajann //'Contact : : //'S.Page :...

7.1 AI score
Exploits: 0
seebug.org
added 2021/03/19 12:0 a.m. | 105 views

MyBB unauthenticated RCE vulnerability (CVE-2021-27889 CVE-2021-27890)

MyBB Remote Code Execution Chain BY SIMON SCANNELL & CARL SMITH Today SonarSource is pleased to share with you a guest contribution to our Code Security blog series. The following blog post is authored by Simon Scannell and Carl Smith -two independent security researchers- joining us in sharing...

6.8 CVSS | 0.4 AI score | 0.1059 EPSS
Exploits: 10
seebug.org
added 2018/06/08 12:0 a.m. | 105 views

WebKit: Info leak in WebAssembly Compilation(CVE-2018-4222)

There is an out-of-bounds read when compiling WebAssembly source buffers in WebKit. When a source buffer is compiled, it is first copied into a read-only buffer by the function getWasmBufferFromValue. This function returns the code buffer as follows: return arrayBufferView ?...

0.4 AI score | 0.10508 EPSS
Exploits: 3
seebug.org
added 2017/12/18 12:0 a.m. | 105 views

GOAHEAD command execution vulnerability (CVE-2017-17562)

INTRODUCTION This blog post details CVE-2017-17562, a vulnerability which can be exploited to gain reliable remote code execution in all versions of the GoAhead web server < 3.6.5. The vulnerability is a result of initialising the environment of forked CGI scripts using untrusted HTTP request...

8.4 AI score | 0.96327 EPSS
Exploits: 15
seebug.org
added 2017/12/06 12:0 a.m. | 105 views

Mailsploit vulnerability exists in email address resolution

TL;DR: Mailsploit is a collection of bugs in email clients that allow effective sender spoofing and code injection attacks. The spoofing is not detected by Mail Transfer Agents (MTA), aka email servers, therefore circumventing spoofing protection mechanisms such as DMARC (DKIM/SPF) or spam filters. Bu...

7.2 AI score
Exploits: 0
seebug.org
added 2017/10/24 12:0 a.m. | 105 views

Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation(CVE-2017-5123)

This is a guest post by a young and talented Portuguese exploiter, Federico Bento. He won this year’s Pwnie for Epic Achievement exploiting TIOCSTI ioctl. Days ago he posted a video demonstrating an exploit for CVE-2017-5123 and luckily for you I managed to convince him to do a write-up about it. ...

8.2 AI score | 0.03714 EPSS
Exploits: 10
seebug.org
added 2015/09/17 12:0 a.m. | 105 views

TP-Link NC200/NC220 wireless cloud camera hard-coded credentials vulnerability

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.us Affected version: NC220 V1 1.0.28 Build 150629 Rel.22346 NC200 V1 2.0.15 Build 150701 Rel.20962 Summary: Designed with simplicity in mind, TP-LINK's...

7 AI score
Exploits: 0
seebug.org
added 2015/01/19 12:0 a.m. | 105 views

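53kf arbitrary file traversal vulnerability

Brief description: I hear you folks are pretty capable, so let me test the waters first. Details: The vulnerable address is: http://www.53kf.com/?controller=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00login Proof: Successfully guessed the nginx configuration file, as follows: Obtained the site root path; tried reading robots.txt. So does that mean a code audit is now possible...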

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 105 views

MS15-061 Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)

No description provided by source. include include / Exploiting MS15-061 with reverse engineering Win32k.sys by steps : 1: hook PEB callback Function 2: trigger vulnerability make proper Window to lead vulnerable function 3: replace fake object with NtUserDefSetText in Desktop heap inside PEB...

7.1 AI score
Exploits: 0
seebug.org
added 2013/04/18 12:0 a.m. | 105 views

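WordPress plugin AllVideoGallery 1.1 /wp-content/plugins/all-video-gallery/config.php SQL injection vulnerability

WordPress is a very popular blogging platform written in PHP. In version 1.1 of its All Video Gallery plugin, at line 39 of /wp-content/plugins/all-video-gallery/config.php, $vid is passed into an SQL statement without any filtering, causing an SQL injection vulnerability. WordPress plugin AllVideoGallery 1.1...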

7.1 AI score
Exploits: 0
seebug.org
added 2010/06/25 12:0 a.m. | 105 views

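InterScan Web Security Virtual Appliance local privilege escalation and arbitrary file upload/download vulnerabilities

BUGTRAQ ID: 41072 InterScan Web Security Virtual Appliance is a web filtering product that can be installed on the VMware platform. InterScan Web Security Virtual Appliance does not properly filter the exportname parameter submitted to /servlet/com.trend.iwss.gui.servlet.exportreport or the pkgname parameter submitted to /servlet/com.trend.iwss.gui.servlet.ConfigBackup; a remote attacker can download arbitrary files from the system through a directory traversal attack. InterScan W...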

6.9 AI score
Exploits: 0
seebug.org
added 2010/04/29 12:0 a.m. | 105 views

Pligg CMS (story.php?id) SQL Injection Vulnerability

No description provided by source. / ! Pligg CMS story.php?id SQL Injection Vulnerability ! Author : Don Tukulesto [email protected] ! Homepage: http://indonesiancoder.com ! Date : Tue, April 27, 2010 ! Tune in : http://antisecradio.fm choose your weapon / Software Information Vendor :...

7.1 AI score
Exploits: 0
seebug.org
added 2010/03/12 12:0 a.m. | 105 views

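eGroupware cross-site scripting and remote command execution vulnerabilities

BUGTRAQ ID: 38609 eGroupWare is a team collaboration suite developed in PHP and released as open source under the GPL. eGroupWare returns the lang parameter submitted to the login.php page to the user without properly filtering it, so a remote attacker can carry out a cross-site scripting attack by submitting a request with a malicious parameter. In addition, because the spellcheckerlang parameter submitted to phpgwapi/js/fckeditor/editor/dialog/fckspellerpages/spellerpages/server-scripts/spellchecker.php is not properly filtered, a remote user can inject and execute arbitrary shell commands. EGroupware.o...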

6.9 AI score
Exploits: 0
seebug.org
added 2010/01/23 12:0 a.m. | 105 views

IntelliTamper 2.07/2.08 (SEH) Remote Buffer Overflow

No description provided by source. IntelliTamper 2.07/2.08 SEH Remote Buffer Overflow Based on PoC: http://www.exploit-db.com/exploits/11217 Author: loneferret Big thanks to: dookie Tested on WinXP SP3 English Just copy the resulting html file on a web server, and point Intelli Tamper to that...

7.1 AI score
Exploits: 0
seebug.org
added 2009/12/24 12:0 a.m. | 105 views

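expat big2_toUtf8() function XML file parsing denial-of-service vulnerability

BUGTRAQ ID: 37203 CVE ID: CVE-2009-3560 Expat is an XML parser library written in C. The big2_toUtf8 function in lib/xmltok.c of the Expat library has a denial-of-service vulnerability. If a user is tricked into opening an XML document containing a malformed UTF-8 sequence, an out-of-bounds buffer read is triggered in the doProlog function of lib/xmlparse.c, crashing applications linked against the Expat library. James Clark Expat 2.0.1 Vendor patch: Debian ------ Debian has released a security advisory (DSA-1953-1) and corresponding patches for this: DSA-1953-1: New expat...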

5 CVSS | 0.24313 EPSS
Exploits: 2
seebug.org
added 2009/04/28 12:0 a.m. | 105 views

Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit

No description provided by source. / CVE-2009-0065 SCTP FWD Chunk Memory Corruption Linux Kernel 2.6.x SCTP FWD Memory COrruption Remote Exploit coded by: sgrakkyu at antifork.org http://kernelbof.blogspot.com NOTE: you need at least one sctp application bound on the target box Supported target:...

10 CVSS | 0.4 AI score | 0.1673 EPSS
Exploits: 5
seebug.org
added 2007/12/26 12:0 a.m. | 105 views

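Tikiwiki CMS tiki-listmovies.php directory traversal vulnerability

BUGTRAQ ID: 27008 TikiWiki is a website content management system built on PHP+ADOdb+Smarty and related technologies. TikiWiki has an input validation vulnerability in its implementation that a remote attacker may use to gain unauthorized access to part of the contents of arbitrary files on the server. TikiWiki's tiki-listmovies.php script lets a user obtain the first 1000 bytes of an arbitrary file. The script assigns the value of the movie parameter to $movie, removes the last 4 bytes and appends the .xml extension, then calls fopen($confFile,'r') to open the file and read its first 1000 bytes, and then passes those 1000 bytes on for use as MovieWidth and MovieHeight...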

6.9 AI score
Exploits: 0
seebug.org
added 2007/10/13 12:0 a.m. | 105 views

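TikiWiki Tiki-Graph_Formula.PHP code injection vulnerability

TikiWiki is a PHP-based wiki program. TikiWiki does not properly handle user-submitted input, and a remote attacker can exploit the vulnerability to execute arbitrary PHP code with the privileges of the web server. The problem is in the tiki-graph_formula.php script: submitting a parameter containing malicious PHP code can cause it to be executed with web server privileges. TikiWiki Project TikiWiki 1.9.8 No solution is currently available: http://info.tikiwiki.org/tiki-index.php?page=homepage...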

7.1 AI score
Exploits: 0
seebug.org
added 2006/12/08 12:0 a.m. | 105 views

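Hastymail IMAP SMTP command injection vulnerability

Hastymail IMAP is an IMAP client implementation written in PHP. Hastymail IMAP does not sufficiently filter user-submitted URI input, and a remote attacker can exploit the vulnerability to execute additional SMTP commands. Because commands and messages are not validated, a malicious user can inject arbitrary IMAP/SMTP commands into the mail server, which can allow access restrictions to be bypassed. Hastymail Hastymail 1.5 Hastymail Hastymail 1.2 Hastymail Hastymail 1.1 Hastymail Hastymail 1.0.2 Hastymail Hastymail 1.0.1 Upgrade: Hastymail Hastymail...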

7.1 AI score
Exploits: 0
seebug.org
added 2006/07/09 12:0 a.m. | 105 views

Sabdrimer PRO <= 2.2.4 (pluginpath) Remote File Include Vulnerability

No description provided by source. VIRANGAR SECURITY TEAM Discovered By : A.nosrati www.virangar.org Public www.virangar.net Priv8 Mail: infoatvirangar.net Sabdrimer PRO v.2.2.4 Remote File Include Vulnerability Google Dork : "© Sabdrimer CMS" bug found in file : advanced1.php web Site :...

7.1 AI score
Exploits: 0
seebug.org
added 2021/04/08 12:0 a.m. | 104 views

Hexin (和信) next-generation cloud desktop VENGD arbitrary file upload vulnerability

...

0.5 AI score
Exploits: 0
seebug.org
added 2018/05/28 12:0 a.m. | 104 views

Bitmain Antminer D3/L3+/S9 - Remote Command Execution(CVE-2018-11220)

Exploit Title: Bitmain Antminer D3, L3+, and S9 devices allow Remote Command Execution Google Dork: N/A Date: 27/05/2018 Exploit Author: Corrado Liotta Vendor Homepage: https://www.bitmain.com/ Software Link: N/A Version: Antminer - D3, L3+, S9, and other Tested on: Windows/Linux CVE :...

0.9 AI score | 0.16409 EPSS
Exploits: 6
seebug.org
added 2017/11/16 12:0 a.m. | 104 views

Chrome < 62 UXSS(CVE-2017-5124)

No description provided by source. PoC.mht ------------------------- MIME-Version: 1.0 Content-Type: multipart/related; type="text/html"; boundary="----MultipartBoundary--" CVE-2017-5124 ------MultipartBoundary-- Content-Type: application/xml; ------MultipartBoundary-- Content-Type: text/html...

7.6 AI score | 0.05245 EPSS
Exploits: 5
seebug.org
added 2017/10/24 12:0 a.m. | 104 views

REMOTE CODE EXECUTION (CVE-2017-13772) WALKTHROUGH ON A TP-LINK ROUTER

INTRODUCTION In this post, I will be discussing my recent findings while conducting vulnerability research on a home router: TP-Link’s WR940N home WiFi router. This post will outline the steps taken to identify vulnerable code paths, and how we can exploit those paths to gain remote code executio...

9 CVSS | 10.1 AI score | 0.52559 EPSS
Exploits: 8
seebug.org
added 2016/05/14 12:0 a.m. | 104 views

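Shenlan (深澜) security authentication network management and billing system (Srun 3000) /srun3/srun/services/modules/login/controller/login_controller.php arbitrary file download vulnerability

0x01 Vulnerability overview: The Srun3000 Shenlan campus broadband client is a security authentication, network management and billing product that Shenlan Software offers for campus networks. /srun3/srun/services/modules/login/controller/login_controller.php has an arbitrary file download vulnerability. Affected vendor: Shenlan Software. Official homepage: http://www.srun.com/ Shenlan Software's Srun 3000 security authentication, network management and billing product family consists of the Srun 3000 Gateway System and the Srun 3000 Radius System. The Srun 3000 Gateway authentication and billing system, well received by many users, ...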

7.1 AI score
Exploits: 0
Total number of security vulnerabilities: 5000