Seebug: Most viewed

56796 matches found

seebug.org
added 2014/07/10 12:0 a.m., 70 views

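FengCMS: Patch Bypass Still Allows Arbitrary File Download

Brief description: Many thanks to all the white hats for their hard work! The FengCms security test site is at http://guf521656.h163.92hezu.org/ and has been upgraded to the latest version; it is valid from 2014-7-8 to 2014-7-15. Friends in the security community are welcome to help us find security vulnerabilities! As a small startup team, we sincerely thank everyone for their attention to FengCms! @路人甲 Sigh, the vendor @-mentioned me again today; I had not intended to look at this again.. Details: app/contorller/downController.php alert"您要下载的文件不存在!";history.back;'; else echo...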

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Signed Applet Social Engineering - Code Execution

No description provided by source. $Id: javasignedapplet.rb 11516 2011-01-08 01:13:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

10 CVSS, 0.1 AI score, 0.84807 EPSS
Exploits: 19
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Linux Kernel < 2.6.37-rc2 ACPI custom_method Privilege Escalation

No description provided by source. / american-sign-language.c Linux Kernel 2.6.37-rc2 ACPI custommethod Privilege Escalation Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4347 This custommethod file allows to inject...

6.9 CVSS, 0.2 AI score, 0.02203 EPSS
Exploits: 6
seebug.org
added 2014/07/01 12:0 a.m., 70 views

FreePBX 2.5.x - Information Disclosure

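FreePBX 2.5.x 'admin/config.php' password information disclosure vulnerability 1. Vulnerability information: FreePBX is a graphical interface for controlling Asterisk. Users who can access the administration section can obtain other administrators' password information by viewing the HTML source. 2. How the vulnerability is used: visit the administration-section user URL http://localhost/admin/config.php?display=ampusers&userdisplay=admin and view the page source PasswordCreate a password for this new user: the password is visible 3. Vendor solution freePBX...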

7.2 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Factux LFI Vulnerability

No description provided by source. InformatioN Title : Factux LFI Vulnerability Author: altbta l9athotmail.com download : http://www.toocharger.com/telecharger/scripts/factux/3468.htm ExploiT dork: Factux le facturier libre V 1.1.5 includeonceinclude/language/$lang.php; Vulnerable File :...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit

No description provided by source. ?php ---runcms13axpl.php 17.30 09/02/2006 RunCMS = 1.2 arbitrary remote inclusion exploit = 1.3a shell upload through FCKEditor coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: But when the...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Grandora Rialto 1.6 /admin/default.asp Multiple Field SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

TinyWebGallery 1.8.3 - Multiple Vulnerabilities

No description provided by source. Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview, dir, item. Examples...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

E107 Website System 0.6 Attached File Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14495/info e107 Website System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

SquirrelMail 1.2.x Theme Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4385/info SquirrelMail is a feature rich webmail program implemented in the PHP4 language. It is available for Linux and Unix based operating systems. SquirrelMail allows for extended functionality through a plugin system...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

DUportal Pro 3.4 cat.asp Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacke...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

suPHP <= 0.7 'suPHP_ConfigPath' Safe Mode Restriction-Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33073/info suPHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits may allow attackers to bypass arbitrary PHP configuration options, including the 'safemode' setting. This vulnerability would...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Spaceacre (index.php) SQL/HTML/XSS Injection Vulnerability

No description provided by source. ------------------------------------------------------------------------------------------- Spaceacre index.php SQL/HTML/XSS Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa21 Scrip...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Adobe Reader X Atom Type Confusion Vulnerability Exploit

No description provided by source. Exploit Title: Adobe Reader X Atom Type Confusion Vulnerability Exploit Date: 7/3/2011 Author: Snake Shahriyar.j at gmail Version: Adobe Reader X 10.1 Tested on: 10.0.0 - 10.0.1 - Windows 7 - IE/FF/Opera CVE : CVE-2011-0611 This is the exploit I wrote for Abysss...

9.3 CVSS, 0.1 AI score, 0.9941 EPSS
Exploits: 14
seebug.org
added 2014/07/01 12:0 a.m., 70 views

PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow

No description provided by source. From: Maksymilian Arciemowicz cxib securityreason com Date: Fri, 10 Dec 2010 14:43:32 +0100 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow Author: Maksymilian Arciemowicz http://securityreason.com/...

5 CVSS, 0.18878 EPSS
Exploits: 5
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Sunbird 0.9 - Array Overrun (code execution) 0day

No description provided by source. full disclosure: http://seclists.org/fulldisclosure/2009/Dec/253 Sunbird 0.9 Array Overrun code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - Dis.: 07.05.2009 - Pub.: 11.12.2009 CVE: CVE-2009-0689 CWE: CWE-199 Risk: High...

6.8 CVSS, 0.3 AI score, 0.28167 EPSS
Exploits: 43
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Social Sites MyBB Plugin 0.2.2 - Cross Site Scripting

No description provided by source. Exploit Title: Social Sites MyBB Plugin 0.2.2 Cross Site Scripting Google Dork: inurl:usercp.php?action=socialsites Date: 13.12.2012 Exploit Author: s3m00t Vendor Homepage: http://mattrogowski.co.uk/mybb/ Software Link: http://mods.mybb.com/view/social-sites...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Ultimate PHP Board 1.0 final beta ViewTopic.PHP Directory Contents Browsing

No description provided by source. source: http://www.securityfocus.com/bid/6334/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. Under some circumstances, it may be possible to disclose the contents of...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

Siemens SIMATIC WinCC Flexible (Runtime) Multiple Vulnerabilities

No description provided by source. Luigi Auriemma Application: Siemens SIMATIC WinCC flexible Runtime http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/Pages/Default.aspx Versions: 2008 SP2 + security patch 1 Platforms:...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 70 views

GIMP 2.8.0 FIT File Format DoS

No description provided by source. Summary ======= There is a file handling DoS in GIMP the GNU Image Manipulation Program for the 'fit' file format affecting all versions Windows and Linux up to and including 2.8.0. A file in the fit format with a malformed 'XTENSION' header will cause a crash i...

4.3 CVSS, 6.5 AI score, 0.10748 EPSS
Exploits: 5
seebug.org
added 2014/06/30 12:0 a.m., 70 views

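SQL Injection in the XYCMS Psychological Counseling Center Site-Building System

Brief description: ... Details: Download: http://down.chinaz.com/soft/34989.htm The vulnerability is in: pxxmdetail.asp id=request.QueryString"id" set rs=server.createobject"adodb.recordset" exec="select from pxxm where id="& id rs.open exec,conn,1,1 if rs.eof then response.Write "没有相关信息!" response.End end if No filtering code was added, which leads to the injection. Proof of vulnerability: Keywords:...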

7.1 AI score
Exploits: 0
seebug.org
added 2014/06/19 12:0 a.m., 70 views

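Combined Vulnerabilities in an Academic Administration System Allow Directly Resetting Any User's Password

Brief description: Combined vulnerabilities in an academic administration system allow directly resetting any user's password. Details: The identity verification in the password reset function exists in name only! Resetting the password does not require verifying the ID card number at all; an empty value does the job. Proof of vulnerability: I did not type the ID card number it wanted to verify at all, I just clicked casually, and then... it succeeded?!!! That was it?!!! OK, let's try it... Huh? The original password really no longer works! So what about trying the last 6 digits of the ID card number? Wow! My friends and I were stunned! OK, at this point you might say that other people do not necessarily know the last 6 digits of the ID card number either. No matter: if there is a problem, Qiangzhi Technology is here to help! This is where an earlier "insignificant" vulnerability comes in handy! http://kdjw.hnust.cn/kdjw/xscjcx.jsp?yzbh=【student ID】...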

7.1 AI score
Exploits: 0
seebug.org
added 2014/03/25 12:0 a.m., 70 views

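OpenSSL ECDSA Nonce Recovery Vulnerability

CVE ID: CVE-2014-0076 OpenSSL is an open-source SSL implementation used to provide strong encryption for network communication. The OpenSSL implementation of elliptic-curve signing and verification (ECDSA) contains a flaw that allows an attacker to obtain nonce values through a FLUSH+RELOAD cache side-channel attack and subsequently derive the private key. 0 OpenSSL 1.x Users can refer to the vendor's Git repository to obtain a patch that fixes this vulnerability: http://www.openssl.org/...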

1.9 CVSS, 0.00942 EPSS
Exploits: 1
seebug.org
added 2014/03/25 12:0 a.m., 70 views

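Linux Kernel "rds_ib_laddr_check()" NULL Pointer Dereference Vulnerability

CVE ID: CVE-2013-7339 Linux Kernel is an open-source operating system. The Linux Kernel "rds_ib_laddr_check" function (net/rds/ib.c) contains a NULL pointer dereference error that allows a local attacker to crash the kernel, causing a denial of service. 0 Linux Kernel 2.6.32.61 Users can refer to the vendor's Git repository to obtain a patch that fixes this vulnerability: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c2349758acf1874e4c2b93fe41d072336f1a31d0...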

4.7 CVSS, 0.1 AI score, 0.00476 EPSS
Exploits: 2
seebug.org
added 2014/02/28 12:0 a.m., 70 views

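WordPress Feedweb Plugin '_wp_http_referer' Parameter Cross-Site Scripting Vulnerability

Bugtraq ID: 65800 WordPress is a blogging platform developed in PHP; users can set up their own blogs on servers that support PHP and a MySQL database. The WordPress Feedweb plugin's wp-content/plugins/feedweb/feedwebsettings.php does not correctly filter the "_wp_http_referer" POST parameter; a remote attacker can exploit this to construct a malicious URI and lure a user into opening it, which can obtain sensitive cookies, hijack the session, or perform malicious actions on the client. 0 WordPress Feedweb Plugin 2.4 No detailed solution is currently available:...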

7.1 AI score
Exploits: 0
seebug.org
added 2014/02/27 12:0 a.m., 70 views

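Apache Tomcat Session Fixation Vulnerability

Bugtraq ID: 65769 CVE ID: CVE-2014-0033 Apache Tomcat is an open-source JSP application server. A regression introduced by a fix to path parameter handling can lead to a session fixation attack even when disableURLRewriting is enabled, allowing a remote attacker to gain unauthorized access to applications. 0 Apache Tomcat 6.0.0 - 6.0.37 Vendor patch: Apache ----- Apache Tomcat 6.0.39 fixes this vulnerability; users are advised to download the update: http://tomcat.apache.org/...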

4.3 CVSS, 8.1 AI score, 0.09895 EPSS
Exploits: 1
seebug.org
added 2014/01/14 12:0 a.m., 70 views

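SiteStar (建站之星) Arbitrary File Upload Vulnerability (Follow-up 2)

Brief description: SiteStar (建站之星) arbitrary file upload vulnerability, follow-up 2. Details: 1 Where the vulnerability arises: /module/modmedia.php, the two functions flashpicker and imagepicker. The imagepicker function: None. Access upload.php and upload a file; during the upload, capture the request with Burpsuite and modify it. Click Forward and a php file is generated under https://images.seebug.org/upload/flash ...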

7.1 AI score
Exploits: 0
seebug.org
added 2013/10/18 12:0 a.m., 70 views

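Chengshi Wuqu (程氏舞曲) CMSPHP3.0 Stored XSS and Admin Back-End Arbitrary File Write Vulnerability

Brief description: Inserting crafted JS can lead to getshell. Details: user/space.php?ac=edit&op=zl When editing the signature there is no filtering at all, which produces the XSS. Looking at the admin back end, files of any format can be written.. Captured request.. POST /admin/skins/skins.php?ac=xgmb&op=go&path=../../skins/index/html/ HTTP/1.1 Accept: text/html, application/xhtml+xml, / Referer:...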

7.1 AI score
Exploits: 0
seebug.org
added 2013/09/27 12:0 a.m., 70 views

PmWiki 2.2.34 /scripts/pagelist.php Code Execution Vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2013/09/23 12:0 a.m., 70 views

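Several Command Execution Vulnerabilities at Hanweb (大汉网络)

Brief description: As titled. Details: Vulnerable addresses: http://oa5.hanweb.com/notice/admin/login/login.action http://oa6.hanweb.com/jact/admin/login/login.action Not exactly a small vendor, is it? Proof of vulnerability:...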

7.1 AI score
Exploits: 0
seebug.org
added 2013/03/07 12:0 a.m., 70 views

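Ruby on Rails Remote Security Bypass Vulnerability (CVE-2013-0276)

BUGTRAQ ID: 57896 CVE(CAN) ID: CVE-2013-0276 Ruby on Rails, RoR or Rails for short, is an open-source web application framework written in Ruby, developed strictly following the MVC structure. Versions of Ruby on Rails before 3.2.12, 3.1.11 and 2.3.17 contain an error in the ActiveRecord "attr_protected" method: the blacklist restricting access to module attributes is not correctly enforced, so a specially crafted request can cause certain values to be illegitimately modified. 0 Ruby on Rails 3.2.x Ruby on Rails 3.1.x Ruby on Rails 2.3.x Vendor patch: Ruby o...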

4.3 CVSS, 0.2 AI score, 0.0246 EPSS
Exploits: 1
seebug.org
added 2013/01/21 12:0 a.m., 70 views

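On Some Discuz! Forums, Users Can Farm Points at Will!

Brief description: On some Discuz! forums users can farm points at will. Details: Some Discuz! forums pay little attention to the referral-visit feature, which lets users freely inflate their forum points and level. First click "referral visits" and you see this screen: "If your friends visit the site through any of the links below, you will receive a points reward: money +1". We can copy a referral link and leave 流量精灵 running against it; before long our points go up. The forum level rises too! Proof of vulnerability:...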

7.1 AI score
Exploits: 0
seebug.org
added 2013/01/05 12:0 a.m., 70 views

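nginx Man-in-the-Middle Attack Vulnerability (CVE-2011-4968)

Bugtraq ID: 57139 CVE ID: CVE-2011-4968 nginx is a high-performance, very widely used web server; it is often used as a reverse proxy and also supports running PHP well. The HTTP proxy module included in nginx allows communicating with the origin server over https, but does not correctly verify the origin server's identity, allowing an attacker to mount a man-in-the-middle attack between the proxy and the origin server. 0 Igor Sysoev nginx 0.8.40 Igor Sysoev nginx 0.8.36 Igor Sysoev nginx 0.8.35 Igor Sysoev nginx 0.8.33 Igor Sysoev nginx 0.7.66 Igor...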

5.7 AI score, 0.03989 EPSS
Exploits: 1
seebug.org
added 2012/06/11 12:0 a.m., 70 views

MariaDB/MySQL Probabilistic Arbitrary-Password (Authentication) Login Vulnerability (CVE-2012-2122)

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...

5.1 CVSS, 6 AI score, 0.96188 EPSS
Exploits: 9
seebug.org
added 2012/04/20 12:0 a.m., 70 views

MS11-046 Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (CVE-2011-1249)

No description provided by source. / MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S . Ronnie Johndas wrote the writeup dissecting a malware with this exploit . I Rahul Sasifb1h2s just made the POC exploit available...

7.2 CVSS, 6.4 AI score, 0.08488 EPSS
Exploits: 5
seebug.org
added 2011/10/27 12:0 a.m., 70 views

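Apple Mac OS X CoreMedia H.264-Encoded Video File Buffer Overflow Vulnerability

BUGTRAQ ID: 50068 CVE ID: CVE-2011-3219 Mac OS X is the operating system used by Apple's family of machines. Apple Mac OS X has a buffer overflow vulnerability in its implementation that affects the CoreMedia component and allows an attacker to execute arbitrary code with the current user's privileges. When parsing the Sequence Parameter Set data of an H.264 stream, the frame cropping offset fields are read; when these fields contain invalid data, Quicktime ends up writing outside the buffer allocated for the video stream, resulting in arbitrary code execution. Apple Mac OS X 10.x Apple MacOS X Server 10.6.x Vendor patch: Apple -----...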

9.3 CVSS, 8.4 AI score, 0.04756 EPSS
Exploits: 2
seebug.org
added 2011/05/04 12:0 a.m., 70 views

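DirectAdmin Hard Link Local Privilege Escalation Vulnerability

Bugtraq ID: 47690 DirectAdmin is a powerful online management system for virtual hosting. Some hard links are not correctly checked when backups are created; a local attacker can manipulate certain files through a hard link attack and escalate privileges. JBMC Software DirectAdmin 1.33.6 JBMC Software DirectAdmin 1.33.4 JBMC Software DirectAdmin 1.33.3 JBMC Software DirectAdmin 1.30.2 JBMC Software DirectAdmin 1.30.1 JBMC Software DirectAdmin 1.381 JBMC...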

6.9 AI score
Exploits: 0
seebug.org
added 2010/05/31 12:0 a.m., 70 views

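Python audioop Module Remote Denial of Service Vulnerability

CVE ID: CVE-2010-2089 Python is an open-source scripting language. Most functions in Python's audioop module take a byte string (the audio data) and a size parameter (the number of bytes per sample) directly as input, but do not check that the length of the byte string is an integer multiple of size. If a user reads specially crafted parameters from an audio file, read and write access to uninitialized memory may occur and the application may crash. Python Software Foundation Python 3.2 Python Software Foundation Python 2.7 Vendor patch: Python Software Foundation...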

5 CVSS, 6.8 AI score, 0.14643 EPSS
Exploits: 1
seebug.org
added 2010/04/30 12:0 a.m., 70 views

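DVbbs (动网) Ver 8.3.0 Multiple Cross-Site Scripting Vulnerabilities

As currently the largest provider of community forum software and services in China, relying on its powerful features, exceptional access speed and load capacity, friendly and convenient user interface, quality customer service, domestically leading technology, and strong, continuous product development with a sustained ability to innovate, DVbbs's community forum products already account for more than 70% of community forum product usage in China. The target site does not effectively filter or convert variables submitted by users, allowing an attacker to insert malicious web code. Two new cross-site scripting vulnerabilities exist in this version. DVbbs Version 8.3.0 Awaiting an official patch demo1:...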

7.1 AI score
Exploits: 0
seebug.org
added 2010/02/20 12:0 a.m., 70 views

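Microsoft Windows ShellExecute() Input Validation Vulnerability (MS10-002/MS10-007)

BUGTRAQ ID: 37884 CVE ID: CVE-2010-0027 Microsoft Windows is a very popular operating system released by Microsoft. Applications such as the IE browser use the ShellExecute API function to handle files. Because the data stream is not correctly validated, a user tricked into following a malicious URL may cause security filtering to be bypassed and binaries on the local system to be executed. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows 2000SP4 Vendor patch: Microsoft ---------...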

9.3 CVSS, 6.4 AI score, 0.33985 EPSS
Exploits: 2
seebug.org
added 2010/01/19 12:0 a.m., 70 views

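FreePBX admin/config.php Page Password Disclosure Vulnerability

BUGTRAQ ID: 37848 FreePBX, formerly known as Asterisk Management Portal, is a standardized implementation of the IP telephony tool Asterisk that provides a web configuration interface and other tools. Users who can access the administrators section of FreePBX can obtain other users' administrator passwords by viewing the HTML source. FreePBX 2.5.x Vendor patch: FreePBX ------- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page: http://mirror.freepbx.org/freepbx-2.6.0.tar.gz ...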

6.9 AI score
Exploits: 0
seebug.org
added 2009/12/17 12:0 a.m., 70 views

ActiveBuyandSell v6.2 (buyersend.asp catid) Blind SQL Injection Vulnerability

No description provided by source. ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: buyersend.asp catid Blind SQL Injection Vulnerability Vendor: :www.activewebsoftwares.com Software: ActiveBuyandSell v 6.2 author: R3d-D3v!L Date: 18.dec.2009 T!ME: 12:00...

7.1 AI score
Exploits: 0
seebug.org
added 2009/12/10 12:0 a.m., 70 views

Easy RM to MP3 Converter 2.7.3.700

No description provided by source. import sys print "\n============================" print " Easy RM to MP3 Converter 2.7.3.700 .m3u File Buffer Overflow Exploit " print " Tested on Windows XP SP3 " print "============================\n" calc.exe - 85 bytes shellcode...

7.1 AI score
Exploits: 0
seebug.org
added 2009/05/20 12:0 a.m., 70 views

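Oracle Outside In Multiple Buffer Overflow Vulnerabilities

Bugtraq ID: 34994 CVE ID: CVE-2009-1009 CVE-2009-1010 CVE-2009-1011 CNCVE ID: CNCVE-20091009 CNCVE-20091010 CNCVE-20091011 Oracle Outside In is a software development kit (SDK) suite that gives developers a comprehensive solution for accessing, converting and controlling the content of more than 400 unstructured file formats. Oracle Outside In contains multiple buffer overflows that a remote attacker can exploit to execute arbitrary instructions with the application's privileges. - Handling Microsoft...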

4.4 CVSS, 6.3 AI score, 0.00434 EPSS
Exploits: 2
seebug.org
added 2008/12/23 12:0 a.m., 70 views

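CUPS cupsd RSS Subscription NULL Pointer Dereference Local Denial of Service Vulnerability

BUGTRAQ ID: 32419 CVE(CAN) ID: CVE-2008-5183 Common Unix Printing System (CUPS) is a general-purpose Unix printing system, a cross-platform printing solution for Unix environments based on the Internet Printing Protocol that serves most PostScript and raster printers. If more than 100 RSS subscriptions are added to the CUPS daemon (/usr/sbin/cupsd), which listens on port 631/tcp by default, a NULL pointer dereference is triggered and the daemon crashes. Easy Software Products CUPS 1.3.8 RedHat ------...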

4.3 CVSS, 0.4 AI score, 0.0921 EPSS
Exploits: 1
seebug.org
added 2008/11/28 12:0 a.m., 71 views

Discuz! admin/database.inc.php get-webshell bug

When action=importzip in Discuz!'s admin\database.inc.php extracts a zip file, a webshell can be obtained. Code in the file admin\database.inc.php: ..... elseif$operation == 'importzip' requireonce DISCUZROOT.'admin/zip.func.php'; $unzip = new SimpleUnzip; $unzip-ReadFile$datafileserver; if$unzip-Count == ...

7 AI score
Exploits: 0
seebug.org
added 2008/03/19 12:0 a.m., 70 views

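MG-SOFT Net Inspector Multiple Remote Security Vulnerabilities

BUGTRAQ ID: 28266 MG-SOFT Net Inspector is a comprehensive network management system (NMS) application that can monitor and manage multi-protocol distributed systems such as computer networks or public switched networks. The Net Inspector implementation contains multiple security vulnerabilities that remote attackers may exploit to take control of the server or cause a denial of service. --------------------------- A mghttpd format string vulnerability --------------------------- mghttpd is an HTTP daemon running on port 5228 that allows clients to download Net Inspector...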

6.9 AI score
Exploits: 0
seebug.org
added 2007/12/22 12:0 a.m., 70 views

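Xen copy_to_user() Function Local Security Restriction Bypass Vulnerability

BUGTRAQ ID: 26954 CVE(CAN) ID: CVE-2007-6416 Xen is a virtualization technology available for the Linux kernel that allows multiple operating systems to run at the same time. The Xen implementation contains a vulnerability that a local attacker may exploit to escalate privileges. When running on ia64 systems, the copy_to_user function in Xen's PAL emulation allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations. XenSource Xen 3.1.2 XenSource --------- The vendor has not yet provided a patch or upgrade; we recommend that users of this software keep watching the vendor's home page for the latest version: http://xen.xensource.com...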

4.6 CVSS, 6.3 AI score, 0.0044 EPSS
Exploits: 2
seebug.org
added 2007/12/10 12:0 a.m., 70 views

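Linux Kernel DO_COREDUMP Local Information Disclosure Vulnerability

BUGTRAQ ID: 26701 CVE ID: CVE-2007-6206 CNCVE ID: CNCVE-20076206 Linux is an open-source operating system. The Linux kernel's DO_COREDUMP has a design error that a local attacker can exploit to obtain sensitive information. In kernels 2.6.x and 2.4.x, if a core file belonging to a non-root user exists and root runs a process that dumps core to the same location, the core file originally belonging to the non-root user is replaced by root's core file, leading to disclosure of sensitive information. Linux kernel 2.6.24 -rc3 Linux kernel 2.6.23 .8 Linux kernel...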

2.1 CVSS, 5.4 AI score, 0.00425 EPSS
Exploits: 2
seebug.org
added 2007/07/18 12:0 a.m., 70 views

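SquirrelMail G/PGP Encryption Plugin Multiple Remote Command Execution Vulnerabilities

BUGTRAQ ID: 24874,24782 CVE(CAN) ID: CVE-2005-1924,CVE-2006-4169 SquirrelMail is a full-featured webmail program implemented in PHP4 that runs on Linux/Unix-like operating systems. The SquirrelMail implementation contains multiple input validation vulnerabilities that remote attackers may exploit to execute arbitrary commands on the server. The G/PGP encryption plugin in SquirrelMail does not correctly filter certain included files; the gpghelp.php and gpghelpbase.php files may include local files supplied through the "help" HTTP GET request parameter. The code is as follows: 68 // Help...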

9.3 CVSS, 6.4 AI score, 0.10263 EPSS
Exploits: 1
Total number of security vulnerabilities: 5000