Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2008/05/14 12:0 a.m.72 views

Rgboard <= 3.0.12 (RFI/XSS) Multiple Remote Vulnerabilities

No description provided by source. Rgboard 3.0.x Multiple Vulnerabilities RFI/XSS // Author:: e.wiZz! // Site:: www.balcanwarez.com // Contact:: N/A :D =========================================================== // Script :: Rgboard // Vulnerable version :: 3.0.0/3.0.12 // Not vulnerable :: 4.0 /...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/07/13 12:0 a.m.72 views

PHP 5.2.3 bz2 com_print_typeinfo() Denial of Service Exploit

No description provided by source. ?php //PHP 5.2.3 bz2 comprinttypeinfo Remote DoS Exploit //author: shinnai //mail: shinnaiatautisticidotorg //site: http://shinnai.altervista.org //Tested on xp sp2, worked both from the cli and on apache //Bug discovered with "Footzo" thanks to rgod. //...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/04/20 12:0 a.m.72 views

3proxy HTTP Proxy请求远程缓冲区溢出漏洞

3Proxy是一款小型的代理软件。 3Proxy处理HTTP代理请求存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 3proxy 3proxy 0.6b devel 20061014 3proxy 3proxy 0.5.3g 3proxy 3proxy 0.5 升级到最新程序: http://3proxy.ru/0.5.3h/Changelog.txt...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/28 12:0 a.m.72 views

PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability

No description provided by source. =========================================================================================== Eve-NukePortal file include phpbbrootpath =========================================================================================== Script name :Eve-Nuke Portal Downloa...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/01/18 12:0 a.m.72 views

GnuPG包含多个安全漏洞

GnuPG是一款开放源代码的PGP加密、解密、签名工具。 GnuPG存在多个未明安全问题,远程攻击者可以利用漏洞可能以应用程序进程权限执行任意指令。 这些问题只是可能存在的问题,因此这些问题的发现是由于代码审核后对代码进行增加一些代码检查和其他源代码的修补。根据报告可能由于整数溢出和缓冲区溢出错误而造成代码执行。 GNU Privacy Guard 1.4.6 目前没有解决方案提供: http://www.gnupg.org/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/10 12:0 a.m.72 views

LeighBusinessEnterprisesWebHelpDeskSQL注入漏洞

LBE Web Helpdesk是一款可通过WEB浏览器进行操作的Helpdesk系统。LBE Web Helpdesk不正确过滤用户提交的数据,远程攻击者可以利用这个漏洞进行SQL注入攻击,可能获得敏感数据或修改数据库。问题存在于jobedit.asp脚本对用户提交给'id'参数缺少过滤,提交包含恶意SQL命令的数据作为'id'参数,可修改'users'表,增加操作员相等权限的新用户。 Leigh Business Enterprises Web HelpDesk 4.0.0.80 临时解决方法:如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 在$nick...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/10 12:0 a.m.72 views

Microsoft Internet Explorer MSOE.DLL拒绝服务漏洞

Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer实例化msoe.dll COM对象存在问题,远程攻击者可以利用漏洞进行内存破坏攻击,可能以进程权限执行任意指令。 当Microsoft Internet Explorer尝试以ActiveX控件实例化msoe.dll COM对象,可能破坏系统内存造成拒绝服务,可能导致任意代码执行。 Microsoft Internet Explorer 6.0 SP2 Microsoft Internet Explorer 6.0 SP1 Microsoft...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/11/21 12:0 a.m.72 views

Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities

No description provided by source. | \ | / | \ \ / | | | | | \ / | \ \ / / | | | | '| | |/| |/ \ / / \ / / | | '| | | / | | || | | | | | | | | \ / | | | | || \ \ |/|| || ||,//\ / ||| ,|/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/11/08 12:0 a.m.72 views

RealVNC远程终端控制软件存在远程认证绕过的漏洞

RealVNC VNC Server是一款远程终端控制软件。 RealVNC VNC Server采用的RFB(远程帧缓冲区)协议允许客户端与服务端协商合适的认证方法,协议的实现上存在设计错误,远程攻击者可以绕过认证无需口令实现对服务器的访问。 具体操作细节如下: 1 服务端发送其版本“RFB 003.008\n” 2 客户端回复其版本“RFB 003.008\n” 3 服务端发送1个字节,等于所提供安全类型的编号 3a 服务端发送字节数组说明所提供的安全类型 4 客户端回复1个字节,从3a的数组中选择安全类型 5 如果需要的话执行握手,然后是服务端的“0000” RealVNC...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.72 views

OpenLDAP slapd "selfwrite"绕过安全限制漏洞

OpenLDAP是一款开放源代码的轻量级目录访问协议LDAP实现。 OpenLDAP在处理访问控制列表时存在错误,远程攻击者可能利用此漏洞绕过安全限制。 以下类型的ACL: access to dn.subtree="ou=groups,dc=example,dc=com" attr=member by selfwrite 应该仅允许用户对目标属性添加/删除自己的DN,但拥有selfwrite访问权限的用户确可以修改属性的任意值,允许攻击者绕过安全限制,获得非授权访问。 OpenLDAP OpenLDAP 2.3/HEAD 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载...

7AI score
Exploits0
seebug.org
seebug.org
added 2018/06/26 12:0 a.m.71 views

Emerson Liebert IntelliSlot Web Card family delivers enhanced communications and control to Liebert UPS,AC Power and Thermal Management systems Unauthorized access

Emerson Liebert IntelliSlot Web Card family delivers enhanced communications and control to Liebert UPS,AC Power and Thermal Management systems Unauthorized access。Lots of them No authentication required and The Management configuration uses the default password. Liebert:Liebert devices in ZoomEy...

2AI score
Exploits0
seebug.org
seebug.org
added 2018/03/23 12:0 a.m.71 views

Windows Kernel 64-bit pool memory disclosure in win32k!UMPDOBJ::LockSurface(CVE-2018-0813)

We have discovered that the win32k!UMPDOBJ::LockSurface function discloses portions of uninitialized pool memory to user-mode clients. The bug was encountered on Windows 7 64-bit; other versions were not tested. The leak was detected in the context of the splwow64.exe process, under the following...

5.6AI score0.0188EPSS
Exploits1
seebug.org
seebug.org
added 2017/12/26 12:0 a.m.71 views

Tplink Bridge Authenticated RCE

Vulnerability: Command Injection in bridge.lua ------------------------------------------ Exploitation: Can remote command execution on the root shell. ------------------------------------------ Vendor of Product: Tp-Link router ------------------------------------------ Affected Products and...

8.2AI score
Exploits0
seebug.org
seebug.org
added 2017/10/17 12:0 a.m.71 views

Apple Image I/O EXR Color Component Remote Code Execution Vulnerability(CVE-2016-4629)

SUMMARY An exploitable heap based buffer overflow exists in the handling of EXR images on OS X. A crafted EXR document can lead to a heap based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved EXR file delivered by other means when opened in any...

10CVSS9.7AI score0.07418EPSS
Exploits2
seebug.org
seebug.org
added 2017/10/11 12:0 a.m.71 views

HDF5 Group libhdf5 Shareable Message Type Code Execution Vulnerability(CVE-2016-4332)

Description HDF5 is a file format that is maintained by a non-profit organization, The HDF Group. HDF5 is designed to be used for storage and organization of large amounts of scientific data and is used to exchange data structures between applications in industries such as the GIS industry via...

6.9CVSS8.6AI score0.00812EPSS
Exploits2
seebug.org
seebug.org
added 2017/09/20 12:0 a.m.71 views

National Instruments LabVIEW LvVarientUnflatten Code Execution Vulnerability(CVE-2017-2775)

Summary An exploitable memory corruption vulnerability exists in the LvVarientUnflatten functionality of LabVIEW 2016 version 16.0.0.49152. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting in internal heap corruption. An attacker controlled V...

6.8CVSS7.9AI score0.0294EPSS
Exploits2
seebug.org
seebug.org
added 2017/08/21 12:0 a.m.71 views

Symantec Messaging Gateway <= 10.6.3-2 unauthenticated root RCE(CVE-2017-6327)

Bug 1: Web authentication bypass The web management interface is available via HTTPS, and you can't do much without logging in. If the current session identified by the JSESSIONID cookie has the user attribute set, the session is considered authenticated. The file LoginAction.class defines a numb...

6.5CVSS9.5AI score0.35341EPSS
Exploits7
seebug.org
seebug.org
added 2016/11/30 12:0 a.m.71 views

New Firefox/Tor Browser 0-day vulnerability (CVE-2016-9079)

No description provided by source. var worker = new Worker'data:javascript,self.onmessage=functionmsgpostMessage"one";postMessage"two";;'; worker.postMessage"zero"; var svgns = 'http://www.w3.org/2000/svg'; worker.onmessage = functione containerA.pauseAnimations; var craftDOM = function container...

7.9AI score0.87598EPSS
Exploits13
seebug.org
seebug.org
added 2016/10/09 12:0 a.m.71 views

FineCMS AttachmentController arbitrary file upload vulnerability

Source link: http://www.hackersb.cn/shenji/170.html Is still AttachmentController, of course, this is no longer kindeditorupload upload the file and then include the file so simple, but directly uploaded the script execution. This time the problem is ajaxswfuploadAction method, the method code is...

7AI score
Exploits0
seebug.org
seebug.org
added 2016/09/27 12:0 a.m.71 views

Safari the showModalDialog method UXSS vulnerability

This article translated from: http://mksben.l0.cm/2016/09/safari-uxss-showModalDialog.html (English version) http://masatokinugawa.l0.cm/2016/09/safari-uxss-showModalDialog.html (Japanese version) Author:Masato Kinugawa Translator: Holic know Chong Yu 404 security lab Translator's note: as the...

4.3CVSS7.2AI score0.01709EPSS
Exploits1
seebug.org
seebug.org
added 2016/05/09 12:0 a.m.71 views

D-Link DI 7200系列路由器命令执行漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/03/14 12:0 a.m.71 views

KesionCMS ASP版 /item/?c-5,key-1.html SQL注入漏洞

0x01漏洞简介 KesionCMS ASP版在/item/?c-5,key-1.html存在伪静态注入漏洞。 0x02漏洞详情 很明显的一处注入;但是好像需要闭合,先提交了证明下注入 http://.../item/?c-5,key-1%27.html Microsoft JET Database Engine 错误 '80040e14' 语法错误 在查询表达式 'Verific=1 and deltf=0 And Title Like '%1'%' Order by ID Desc' 中。 /item/Index.asp,行 618 0x03修复方案 过滤。...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/28 12:0 a.m.71 views

正方教务系统 ResultXml_common.aspx 文件 column 参数SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.71 views

泛微E-Office /inc/priv_user_list/priv_xml.php SQL注入漏洞

0x01 框架概述 泛微e-office是泛微公司面向中小型组织推出的OA产品,简单易用高效,部署快、投资少。提供免费试用体验。至今已为超过一万家客户提供方便高效的办公体验. 官方主页: www.weaver.com.cn 主页截图如下。 0x02 漏洞信息 先对系统进行解密。 /inc/privuserlist/privxml.php 大概18行开始 $pararr = explodestpar $REQUEST'par' ; $userpriv = $pararr'userpriv'; ... if $pararr'viewtype' == 0 unset $deptnameutf8...

7AI score
Exploits0
seebug.org
seebug.org
added 2015/09/28 12:0 a.m.71 views

SunshineCRM v1 /general/ERP/LOGIN/logincheck.php SQL注入漏洞

(0day)郑州单点科技软件有限公司开发的开源软件SunShineCRMv1版存在SQL注入漏洞漏洞分析过程如下:1、 源码分析: SunShineCRM系统登录页面index.php的POST表单action跳转到logincheck.php页面 Logincheck.php页面负责对登录的用户名和密码进行验证,虽然有校验特殊字符的代码,但却并 未过滤和转义这些特殊字符2、 POC过程: 首先检测注入是否存在 然后使用SQLMAP探测目标数据库信息,默认数据库mysql和CRM系统数据库crmmarket sqlmap-u...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/01/09 12:0 a.m.71 views

某校园管理系统后台SQL注入(无需登录/SA权限)

简要描述: ... 详细说明: 百度dork:inurl:/ws2004/ 技术支持:南京苏亚星资讯科技开发有限公司 ---------------------------------------- 漏洞页面:ws2004/SysManage/LeaveWord/List.asp?AbPage=1&where=%20where%20Title%20like%20111 漏洞参数:where 均为sa权限 ---------------------------------------- 漏洞证明: 1 http://www.suyaxing.com:81/ws2004/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/12/29 12:0 a.m.71 views

某大型政府系统任意文件读取及Oracle注入

简要描述: 某大型政府系统任意文件读取及Oracle注入 详细说明: 这系统有人提交过,详情: WooYun: 某大型政府服务系统Oracle注入使用量大 文件读取(获取数据库用户、密码等): /download?url=../../WEB-INF/classes/wssp/util/dbconfig.properties http://hxasc.cn/download?url=../../WEB-INF/classes/wssp/util/dbconfig.properties...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/10/27 12:0 a.m.71 views

金蝶政务GSiS服务平台通用任意文件上传漏洞

简要描述: 参照下前人的描述:GSiS政务服务平台:首个完全根据国家政策要求全新开发的,支撑政务服务体系和行政权力监督体系融合运转的一体化平台。 存在任意文件上传漏洞,可获取webshell PS:两$$符啥感觉,给一个爽爽吧 详细说明: 程序名称:Kingdee GSIS 开发公司:金蝶 漏洞类型:任意文件上传 漏洞文件:/corehttps://images.seebug.org/upload/upload.jsp 关键词:inurl:/kdgs/ 收集几个案例,方便测试 //判断上传格式 String fileDesc; String fileExt; String...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/09/05 12:0 a.m.71 views

帝国CMS(全版) 验证码可无视!可导致验证码无效(验证码识别都是渣渣)

简要描述: 帝国CMS 验证码可无视!可导致验证码无效(验证码识别都是渣渣) 详细说明: 看帝国 获取验证码的代码 //显示验证码 function ShowKey$v $vname=ecmsReturnKeyVarname$v; $key=strtolowerdomakepassword4; ecmsSetShowKey$vname,$key; .................. ecmsReturnKeyVarname 是返回保存验证码的cookie的名称 比如本列打开的页面上注册页面的验证码 url 是...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/11 12:0 a.m.71 views

方维团购 4.3 /app/source/goods_list.php SQL注入漏洞

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = 'SSV-87131' vul ID version = '1' author = 'fenghh' vulDate = '2014-07-11' createDate =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/08 12:0 a.m.71 views

用友CRM注入漏洞(无需登录通杀所有版本)

简要描述: 用友CRM注入漏洞,无需登录,通杀所有版本 详细说明: 漏洞url: http://220.178.27.116:8001/webservice/service.php?class=WSSystem&orgcode=1 使用sqlmap进行注入。 sqlmap.py -u "http://220.178.27.116:8001/webservice/service.php?class=WSSystem&orgcode=1" --current-user --current-db --is-dba sqlmap identified the following injectio...

7.8AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

MS14-017 Microsoft Word RTF Object Confusion

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initializeinfo =...

9.3CVSS0.2AI score0.77734EPSS
Exploits10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com Zavio IP Cameras multiple vulnerabilities 1. Advisory Information Title: Zavio IP Cameras multiple vulnerabilities Advisory ID: CORE-2013-0302 Advisory URL:...

0.3AI score0.48539EPSS
Exploits9
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

SmartWin CyberOffice Shopping Cart 2.0 Client Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1734/info Smartwin Technology CyberOffice Shopping Cart is a shopping cart application for e-commerce enabled websites running Windows NT 4.0 or 2000. It is possible for a remote user to gain read access to the private...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

ProductCart 1.x/2.x advSearch_h.asp Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/9669/info EarlyImpact ProductCart is reportedly prone to multiple vulnerabilities. The specific issues include SQL injection, cross-site scripting and cryptographic weaknesses. These issues could expose sensitive data suc...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

Sharetronix 3.3 - Multiple Vulnerabilities

No description provided by source. Advisory ID: HTB23214 Product: Sharetronix Vendor: Blogtronix, LLC Vulnerable Versions: 3.3 and probably prior Tested Version: 3.3 Advisory Publication: May 7, 2014 without technical details Vendor Notification: May 7, 2014 Vendor Patch: May 27, 2014 Public...

6.8CVSS6.5AI score0.01947EPSS
Exploits7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

SpamAssassin spamd Remote Command Execution

No description provided by source. $Id: spamassassinexec.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

5.1CVSS0.2AI score0.7431EPSS
Exploits12
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

Sun Java Web Server 1.1 Beta Viewable .jhtml Source Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1891/info A vulnerability exists in Sun Microsystems' JavaWebServer for Win32, version 1.1Beta. JavaWebServer is a Java-oriented web application development platform. If a URL is submitted requesting a .jhtml file an HTML...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

PHP-Fusion 7.02.05 - Multiple Vulnerabilities

No description provided by source. waraxe-2013-SA097 - Multiple Vulnerabilities in PHP-Fusion 7.02.05 =============================================================================== Author: Janek Vind waraxe Date: 27. February 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-97.ht...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit

No description provided by source. !/bin/bash $Id: raptordominohash,v 1.3 2007/02/13 17:27:28 raptor Exp $ raptordominohash - Lotus Domino R5/R6 HTTPPassword dump Copyright c 2007 Marco Ivaldi [email protected] Lotus Domino R5 and R6 WebMail, with Generate HTML for all fields enabled, stores...

5CVSS6.4AI score0.73635EPSS
Exploits11
seebug.org
seebug.org
added 2014/05/25 12:0 a.m.71 views

Srun3000计费系统无限制多处任意命令执行getshell

简要描述: Srun3000计费系统无限制任意命令执行getshell 详细说明: 文件: /enus/radonline.php srun3/web/online.php 4-76行 srun3/web/radonline.php 4-76行 if$POST"action"=="dm" $cmd = "/srun3/bin/raddrop -sdm ".$POST"sid"; if$fp=popen$cmd, "r" $con = fread$fp, 128; pclose$fp; $con = strreplace "\n", " ", $con; echo $con; exit;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/20 12:0 a.m.71 views

Unzipper目录遍历漏洞

Bugtraq ID:66250 CVE ID:CVE-2014-1975 Unzipper是一款基于PHP的在线解压应用。 Unzipper处理文件名存在目录遍历漏洞,允许远程攻击者可创建任意文件或覆盖已存在的文件。 0 Unzipper 1.0.1 用户可联系厂商获得最新的补丁或升级程序: https://play.google.com/store/apps/details?id=org.rhorita777.unzipper...

5.8CVSS6.6AI score0.01496EPSS
Exploits1
seebug.org
seebug.org
added 2014/02/10 12:0 a.m.71 views

GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY CimWebServer.exe目录遍历漏洞

CVECAN ID: CVE-2014-0751 GE Proficy CIMPLICITY是客户端/服务器业务可视化和控制解决方案。 GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 8.2 SIM 24之前版本中,CimWebServer.exe(即组件WebView)及Proficy Process Systems在实现上存在目录遍历漏洞,远程攻击者通过向TCP端口10212发送特制的消息,利用此漏洞可执行任意代码。 0 ge-ip Proficy CIMPLICITY 8.2 SIM 24 厂商补丁: ge-ip...

7.5CVSS6.4AI score0.03063EPSS
Exploits2
seebug.org
seebug.org
added 2013/12/26 12:0 a.m.71 views

SiteServer 3.6.4 background_thread.aspx SQL注入漏洞

SiteServer 3.6.4 /siteserver/bbs/backgroundthread.aspx 文件Title参数没有合适过滤,导致SQL注入漏洞。 0 SiteServer 3.6.4 升级到官方最新版: http://www.siteserver.cn...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/06/17 12:0 a.m.71 views

o2micro minica_down.php 任意文件下载漏洞

网御神州、天融信、美国凹凸等vpn设备开发疑似源于同一套技术,其中的"/minicadown.php"文件可以再下载其它任意文件 网御神州、天融信、美国凹凸等vpn设备...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/05/16 12:0 a.m.71 views

phpwind 9 /src/service/tag/dao/PwTagDao.php SQL注入漏洞

phpwind是国内一款流行的内容管理系统软件,其9版本/src/service/tag/dao/PwTagDao.php文件代码第116行的$tagName变量由$GET方式获得,代码117-119行拼接SQL语句,带入数据查询。在查询之前执行了/wind/db/mysql/WindMysqlPdoAdapter.php文件代码第24行设置编码为gbk,由此导致宽字节漏洞产生。 phpwind 9...

7AI score
Exploits0
seebug.org
seebug.org
added 2013/01/28 12:0 a.m.71 views

正方教务管理系统 可直接查询教师提交但教务处未审核的成绩

简要描述: 可直接查询教师提交,但教务处未审核的成绩。无需登录,可查询全校所有学生。 详细说明: 如该学校教务管理系统地址为1.85.16.39 : 先获取到某学科的课程代码, 在个人信息-信息发送-查看源文件里 然后把获取的代码替换到下面的地址里即可下载 http://1.85.16.39/toexcelPrintDialog.aspx?kc=此处填写课程代码&tab=jxrwblsb&psb=30&qzb=0&qmb=70&syb=0&cjxn=2012-2013&cjxq=1&kclx=必修课 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/10/25 12:0 a.m.71 views

ShopEx v4.8.5 Cookie数据远程SQL注入漏洞

ShopEx是在国内非常流行的网上商店平台软件。 ShopEx v4.8.5版本在处理某些Cookie的数据时存在输入验证漏洞,远程攻击者可能利用此漏洞执行SQL注入攻击,从而控制应用系统。 0 shopex 4.8.5 厂商补丁: shopex ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.shopex.cn...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2012/01/25 12:0 a.m.71 views

WordPress 3.3.1 Code Execution / Cross Site Scripting

No description provided by source. Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version...

7.5CVSS6.4AI score0.09551EPSS
Exploits10
seebug.org
seebug.org
added 2010/11/01 12:0 a.m.71 views

Adobe Flash Player authplay.dll库PDF文件解析远程代码执行漏洞

BUGTRAQ ID: 44504 CVE ID: CVE-2010-3654 Flash Player是一款非常流行的FLASH播放器。 Flash Player的authplay.dll库在解析畸形PDF文件时存在内存破坏漏洞,用户受骗打开了内嵌有恶意Flash内容的PDF文件时就可以触发这个漏洞,导致执行任意代码。 Adobe Acrobat 9.4 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.85.3 Adobe Reader 9.4 临时解决方法: 在浏览器中禁用Flash,禁止显示PDF文档。 在Adobe...

9.3CVSS0.5AI score0.69679EPSS
Exploits14
Total number of security vulnerabilities5000