Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

PhpLinkExchange 1.02 - XSS/Upload Vulerability

No description provided by source. PhpLinkExchange v1.02 - XSS/Upload Vulerability Discovered by : Stink' Date : 2009-12-16 Dork : PhpLinkExchange v1.02 Website Publisher : http://www.idevspot.com/PhpLinkExchange.php -- XSS in URL -- http://server/links/PhpLinkExchange/index.php?page=home&catid=X...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

Clicky Web Pseudo-frames 1.0 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4756/info Pseudo-frames is an application written in PHP and is maintained by Clicky Web. Pseudo-frames permit remote file including. As a result, a remote attacker may include an arbitrary file located on a remote host. ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

coppermine photo gallery <= 1.4.22 Multiple Vulnerabilities

No description provided by source. Author: girex Site: http://girex.altervista.org/ CMS: Coppermine Photo Gallery = 1.4.22 Coppermine Foto Gallery suffers from different vulnerabilities. There is a Local File Inclusion and a Blind SQL Injection working with registerglobals = On and magicquotesgpc...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

Nvidia (nvsvc) Display Driver Service - Local Privilege Escalation

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'msf/core/post/common' require 'msf/core/post/windows/priv' require...

7.2CVSS0.4AI score0.04472EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

PhotoPost PHP 4.6.5 (ecard.php) SQL Injection Vulnerability

No description provided by source. PhotoPost PHP 4.6.5 ecard.php?ecard SQL Injection Vulnerability Author : CoBRa21 Author Web Page : http://www.ipbul.org Dork: Powered by: PhotoPost PHP 4.6.5 Sql Injection: http://localhost/path/ecard.php?ecard=418337 Sql...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS, DEP and ASLR Bypass)

No description provided by source. Exploit Title: ASX to MP3 Converter v3.1.2.1 SEH Exploit Multiple OS, DEP and ASLR Bypass Date: July 13, 2010 Author: Node Software Link: http://www.mini-stream.net/downloads/ASXtoMP3Converter.exe Version: Mini-Stream Software ASX to MP3 Converter...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

vKios <= 2.0.0 (products.php cat) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ vKios = 2.0.0 products.php cat Remote SQL Injection Exploit Waktu : Feb 8 2008 10:00PM Software : vKios Versi : = 2.0.0 Vendor : http://www.vkios.com/...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

lotuscms 3.0.3 - Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22886 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinlotuscms.html Product: LotusCMS Vendor: Arboroia Network http://www.lotuscms.org/ Vulnerable Version: 3.0.3 and probably prior versions Vendor Notification: 01 March 2011 Vulnerabili...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

Webcam Corp Webcam Watchdog 1.0/1.1/3.63 Web Server Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9351/info A problem has been identified in the handling of remote web requests by the Webcam Watchdog software. Because of this, it may be possible for a remote attacker to gain unauthorized access to a vulnerable system...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal

No description provided by source. Exploit Title: WANGKONGBAO CNS-1000 and 1100 Network Security Platform UTM Directory Traversal Date: 7/2/2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.wangkongbao.com/products.html Version: CNS-1000 and 1100 The issue is in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

Linux Kernel - Sendpage Local Privilege Escalation

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE

No description provided by source. Exploit Title: File disclosure via XEE in SharePoint and DotNetNuke Date: September 15, 2011 Author: Nicolas Gregoire Version: SharePoint 2007 / 2010, DotNetNuke 6 CVE : CVE-2011-1892 poc filename: xee.xml !DOCTYPE doc !ENTITY boom SYSTEM...

4CVSS6.4AI score0.38332EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.58 views

Fully Modded phpBB <= 2021.4.40 Multiple File Include Vulnerabilities

No description provided by source. Fully Modded phpBB 2 Remote File Include PHPBB Exploit 2 Source Code: http://phpbbfm.net/support/indexfm.php http://kent.dl.sourceforge.net/sourceforge/phpbbfm/FM2021-4-40.tar.gz Vulnerable Code: include'includes/common.php'; $phpbbrootpath = $foingrootpath...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/05/08 12:0 a.m.58 views

U-Mail任意文件上传漏洞一枚

简要描述: U-Mail存一处任意文件上传漏洞。 详细说明: 先登录官方测试站点: 这里登录的账号为:mailtest3721 再获取当前登录用户的userid http://mail.comingchina.com/webmail/client/oab/index.php?module=operate&action=member-get&page=1&orderby=&isreverse=1&keyword=mailtest3721 这里mailtest3721对应的userid为:78609 html exp: 上传文件: 上传后获取"fileid":"13995534500" im...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/04/14 12:0 a.m.58 views

TIBCO Spotfire多个产品远程代码执行漏洞

CVE ID:CVE-2014-2544 TIBCO Spotfire是业务数据智能分析软件。 TIBCO Spotfire Server 3.3.3及更早版本、4.5.0、5.0.0、5.0.1、5.5.0、6.0.0、6.0.1、TIBCO Spotfire Professional, Web Player、Automation Services、Deployment Kit 4.0.3及之前版本、4.5.0、4.5.1、5.0.0、5.0.1、5.5.0、6.0.0在实现上存在安全漏洞,可使远程攻击者利用此漏洞执行任意代码。 0 TIBCO Spotfire...

7.5CVSS6.6AI score0.03063EPSS
Exploits1
seebug.org
seebug.org
added 2014/02/20 12:0 a.m.58 views

Belkin Wemo Home Automation 'peerAddresses' API XML外部实体注入漏洞

BUGTRAQ ID: 65623 CVECAN ID: CVE-2013-6948 Belkin Wemo Home Automation devices 是家电远程控制系列产品。 Belkin Wemo Home Automation API服务器存在XML注入漏洞,通过XML注入可攻击peerAddresses API,从而泄露系统文件的内容。 0 Belkin Wemo Home Automation 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

7.8CVSS6.5AI score0.01632EPSS
Exploits1
seebug.org
seebug.org
added 2014/01/09 12:0 a.m.58 views

SQL Server 弱口令 PoC

SQL Server在配置过程中往往被设置成弱密码,导致被黑客猜解到,造成若密码漏洞。 SQL Server...

7.6AI score
Exploits0
seebug.org
seebug.org
added 2014/01/08 12:0 a.m.58 views

vTiger CRM SOAP AddEmailAttachment任意文件上传漏洞

BUGTRAQ ID:61558 CVE ID:CVE-2013-3214 vtiger CRM是一套基于Web以销售能力自动化SFA为主的客户关系管理系统CRM 。 vtiger CRM /soap/vtigerolservice.php所定义的AddEmailAttachment SOAP方法不正确过滤通过"filedata"和"filename"参数提交的输入,允许攻击者利用漏洞写/覆盖任意文件,并以WEB权限执行。 0 vtiger vtiger CRM 5.0.0 - 5.4.0 厂商补丁: vtiger ----- 用户可参考如下厂商提供的安全补丁以修复此漏洞:...

9.6AI score0.84535EPSS
Exploits13
seebug.org
seebug.org
added 2013/09/26 12:0 a.m.58 views

IceWarp 10.4.5 /rpc/gw.html 任意文件读取漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/08/27 12:0 a.m.58 views

Django is_safe_url() 跨站脚本 和 URLField 脚本插入漏洞

CVECAN ID: CVE-2013-4249 Django是Python编程语言驱动的一个开源Web应用程序框架。 Django 1.4、1.5没有正确过滤django.contrib.admin的URLField字段、django.utils.http.issafeurl函数utils/http.py 的URL重定向相关输入没有被正确过滤,可被利用插入任意HTML和脚本代码,导致这些恶意代码被查看时,会在受影响站点上下文的浏览器会话中执行。 0 Django 1.4.x 厂商补丁: Django ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

4.3CVSS6.3AI score0.0288EPSS
Exploits2
seebug.org
seebug.org
added 2013/07/02 12:0 a.m.58 views

Apache XML Security签名伪造漏洞

CVE ID:CVE-2013-2172 Apache XML Security是一个XML安全标准下的数字签名实现 XML签名包含一个"CanonicalizationMethod"参数用于指定应用于签名的SignedInfo部分所需的规范化算法canonicalization algorithm。而实际是XML签名的Apache Santuario XML Security for Java实现允许把任意算法指定给此参数,可被利用对XML签名进行伪造攻击 0 Apache XML Security Java 1.5.x Apache XML Security Java 1.4.x...

4.3CVSS0.4AI score0.0593EPSS
Exploits1
seebug.org
seebug.org
added 2013/06/03 12:0 a.m.58 views

Linux Kernel &quot;iscsi_add_notunderstood_response()&quot;缓冲区溢出漏洞

CVE ID: CVE-2013-2850 Linux Kernel是一款开源的操作系统。 Linux iSCSI子系统存在一个基于堆的缓冲区溢出,允许远程攻击者利用漏洞发送特制请求获得内核执行控制。 在处理超大key时"iscsiaddnotunderstoodresponse"函数drivers/target/iscsi/iscsitargetparameters.c存在一个边界错误,允许攻击者发送超过64字节的KEY触发漏洞,可以以应用程序上下文执行任意代码。 要成功利用漏洞需要配置了iSCSI target并监听网络。 0 Linux Kernel 3.0.x Linux...

7.9CVSS0.2AI score0.07313EPSS
Exploits1
seebug.org
seebug.org
added 2013/04/24 12:0 a.m.58 views

OpenStack Keystone不安全文件权限漏洞(CVE-2013-1977)

BUGTRAQ ID: 59310 CVECAN ID: CVE-2013-1977 OpenStack Keystone为OpenStack系列计划提供身份、令牌、目录和策略服务的项目。 Keystone.conf管理方式上存在安全漏洞,本地攻击者可利用此漏洞获取LDAP密码配置和admintoken。 0 openstack Keystone 厂商补丁: openstack --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://lists.openstack.org/pipermail/openstack-announce/...

2.1CVSS6.4AI score0.00438EPSS
Exploits2
seebug.org
seebug.org
added 2013/02/03 12:0 a.m.58 views

IBM InfoSphere Information Server Suite权限提升漏洞

CVE ID: CVE-2012-0701 IBM InfoSphere Information Server是一款数据集成软件平台,可以帮助企业从分散在系统中的复杂的异类信息中获得更多价值。 由于依赖客户端控制,允许攻击者利用漏洞在IBM Information Server数据存储管理客户端DataStage Administrator client系统上提升权限。 0 IBM InfoSphere Information Server 8.1 IBM InfoSphere Information Server 8.5 IBM InfoSphere Information Serve...

6.5CVSS6.4AI score0.01066EPSS
Exploits1
seebug.org
seebug.org
added 2011/10/05 12:0 a.m.58 views

Google Chrome &lt; 14.0.835.163 PDF File Handling Memory Corruption

No description provided by source. ----------------Security Adisory---------------- Title: Google Chrome 14.0.835.163 PDF File Handling Memory Corruption Vulnerability CVE-2011-2841 Sec-Security: Hich CVE-Number: CVE-2011-2841 Date of discovery: 04/06/2011MM/DD/YYYY Fix date: 06/28/2011MM/DD/YYYY...

6.8CVSS6.5AI score0.0369EPSS
Exploits4
seebug.org
seebug.org
added 2011/08/28 12:0 a.m.58 views

RealVNC 4.1 Authentication Bypass

No description provided by source. $Id: realvnc41bypass.rb 13641 2011-08-26 04:40:21Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

7.5CVSS0.2AI score0.91522EPSS
Exploits13
seebug.org
seebug.org
added 2011/07/17 12:0 a.m.58 views

Apache Tomcat sendfile请求安全限制绕过和拒绝服务漏洞

CVE ID: CVE-2011-2526 Tomcat是由Apache软件基金会下属的Jakarta项目开发的一个Servlet容器,按照Sun Microsystems提供的技术规范,实现了对Servlet和JavaServer Page(JSP)的支持,并提供了作为Web服务器的一些特有功能。 Apache Tomcat在sendfile请求的处理上存在安全限制绕过和拒绝服务漏洞,本地攻击者可利用此漏洞绕过安全限制或造成拒绝服务。 1)当Apache Tomcat运行在安全管理器下时没有正确验证sendfile请求的属性,可被恶意Web应用程序利用绕过目标限制并泄露本地文件。...

4.4CVSS4.7AI score0.00699EPSS
Exploits1
seebug.org
seebug.org
added 2011/06/16 12:0 a.m.58 views

IBM WebSphere Application Server 7.0.0.13 CSRF Vulnerability

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ IBM WebSphere Application Server Cross-Site Request Forgery 1. Advisory Information Title: IBM WebSphere Application Server Cross-Site...

6.8CVSS0.3AI score0.02096EPSS
Exploits6
seebug.org
seebug.org
added 2011/03/14 12:0 a.m.58 views

Apache Tomcat &quot;@ServletSecurity&quot; 注释安全限制绕过漏洞

CVE ID: CVE-2011-1088 Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 Apache Tomcat在实现上存在"@ServletSecurity" 注释安全限制绕过漏洞,远程攻击者可利用此漏洞绕过某些安全限制。 由于应用程序在加载小服务程序时未能正确执行"@ServletSecurity" 注释,可通过绕过注释指定的安全限制并泄露某些信息。 Apache Group Tomcat 7.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

5.8CVSS0.1AI score0.06453EPSS
Exploits1
seebug.org
seebug.org
added 2010/11/17 12:0 a.m.58 views

Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit

No description provided by source. Exploit Title: Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit Date: 14/11/2010 Author: Itzhak Avraham, mj Tested on: Droid 2.1 CVE : CVE-2010-1807 Better exploit better rate and more flexible for changes, also shorter shellcode than what you have...

9.3CVSS9.3AI score0.61319EPSS
Exploits13
seebug.org
seebug.org
added 2010/07/10 12:0 a.m.58 views

Ubuntu PAM MOTD File Tampering (Privilege Escalation)

No description provided by source. !/bin/sh Exploit Title: Ubuntu PAM MOTD file tampering privilege escalation Date: July 7, 2010 Author: Kristian Erik Hermansen [email protected] Software Link: http://packages.ubuntu.com/ Version: pam-1.1.0 Tested on: Ubuntu 10.04 LTS Lucid Lynx CVE :...

6.9CVSS0.1AI score0.00941EPSS
Exploits11
seebug.org
seebug.org
added 2010/06/21 12:0 a.m.58 views

Joomla Component com_eportfolio Upload Vulnerability

No description provided by source. Name : Joomla comeportfolio Upload Vulnerability Date : june, 20 2010 Critical Level : HIGH Vendor Url : http://www.joomplace.com/e-portfolio/e-portfolio-description.html Google Dork:inurl:comeportfolio Author : Sid3^effects aKa HaRi shellc99atyahoo.com special...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/05/20 12:0 a.m.58 views

Microsoft Windows cdd.dll驱动远程拒绝服务漏洞

BUGTRAQ ID: 40237 CVE ID: CVE-2009-3678 Windows是微软发布的非常流行的操作系统。 Windows所使用的规范显示驱动(cdd.dll)没有正确的解析从用户态拷贝到内核态的信息。用户受骗打开了包含有大量以缩略图形式显示图形文件的文件夹并同时选中删除了大约15到20张图形就会导致系统蓝屏死机。理论上利用该漏洞也可能导致执行任意代码,但由于地址是随机的,因此很难预测最终的指针目标。 Microsoft Windows Server 2008 R2 Microsoft Windows 7 临时解决方法: 禁用Windows Aero主题。 厂商补丁:...

9.3CVSS6.4AI score0.12614EPSS
Exploits1
seebug.org
seebug.org
added 2010/02/05 12:0 a.m.58 views

CityAdmin suffers from a remote blind SQL injection vulnerability

No description provided by source. .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : cityadmin .:. Download Script: http://www.redcow.ca/products/cityadmin/ .:. Bug Type : Blind Sql Injection .:. Dork : "Powered by cityadmin and Red...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2010/01/19 12:0 a.m.58 views

FreePBX config.php页面SQL注入漏洞

BUGTRAQ ID: 37847 FreePBX之前被称为Asterisk Management Portal,是IP电话工具Asterisk的标准化实现,可提供Web配置界面和其他工具。 FreePBX没有正确地过滤提交给config.php页面的extdisplay参数,远程攻击者可以通过提交恶意的查询请求执行SQL注入攻击。 FreePBX 2.5.1 厂商补丁: FreePBX ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.freepbx.org/trac/changeset/7594...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2009/10/14 12:0 a.m.58 views

Microsoft .NET Framework类型校验远程代码执行漏洞(MS09-059)

Bugraq ID: 36617 CVE ID:CVE-2009-0091 Microsoft .NET Framework是一个流行的软件开发工具包。 Microsoft .NET Framework存在一个远程代码执行漏洞,允许恶意Microsoft .NET应用程序绕过类型等式检查,恶意Microsoft .NET应用程序通过指派某个对象类型为其他类型,导致任意未管理代码执行。 目前没有详细漏洞细节提供。 Microsoft .NET Framework 1.x Microsoft .NET Framework 2.x Microsoft .NET Framework 3.x...

9.3CVSS6.3AI score0.25811EPSS
Exploits2
seebug.org
seebug.org
added 2009/09/25 12:0 a.m.58 views

Drupal任意文件上传和会话固定漏洞

Bugraq ID: 36431 Drupal是一款开放源码的内容管理平台。 Drupal存在多个安全漏洞,攻击者可以利用漏洞上传任意文件到服务器,劫持任意会话,未授权访问受影响应用程序。 文件API不正确处理使用部分扩展的文件上传,可导致上传的文件被Apache执行。.htaccess保存在Drupal文件目录中可防止上传被执行。只有当服务器配置忽略.htaccess文件中的指令时这些文件才会被执行。 当匿名用户使用单次登录链接用于确认EMAIL地址和重设忘记的密码时Drupal没有重生成会话ID,在部分条件下恶意用户可以修复和重用目标用户的会话ID。 Drupal Drupal 6....

6.9AI score
Exploits0
seebug.org
seebug.org
added 2009/09/02 12:0 a.m.58 views

DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability

No description provided by source. ====================================================== DatalifeEngine 8.2 Remote File Inclusion Vulnerability ! Found by : kurdish hackers team ! C0ntact : pshela at YaHoo .com ! Groups : Kurd-Team ! site : www.kurdteam.org...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/05/01 12:0 a.m.58 views

Linux Kernel 2.6 UDEV &lt; 141 Local Privilege Escalation Exploit

No description provided by source. / cve-2009-1185.c udev 141 Local Privilege Escalation Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates...

7.2CVSS0.4AI score0.81528EPSS
Exploits12
seebug.org
seebug.org
added 2009/03/05 12:0 a.m.58 views

MySQL ExtractValue()和UpdateXML()函数拒绝服务漏洞

MySQL是一款使用非常广泛的开放源代码关系数据库系统,拥有各种平台的运行版本。 MySQL没有正确地处理包含有FilterExp表达式的XPath表达式,远程攻击者可以通过特制的XPath表达式调用ExtractValue或UpdateXML函数导致服务器崩溃。 MySQL AB MySQL 5.1.30 MySQL AB MySQL 5.1.15 厂商补丁: MySQL AB -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-32.html select...

7AI score
Exploits0
seebug.org
seebug.org
added 2009/02/23 12:0 a.m.58 views

Vim PySys_SetArgv函数本地命令执行漏洞

BUGTRAQ ID: 33447 CVECAN ID: CVE-2009-0316 VIM是一款免费开放源代码文本编辑器,可使用在Unix/Linux操作系统下。 VIM的python接口使用argv0调用PySysSetArgv函数。由于Python对sys.path变量附加了空字符串,如果工作目录中的文件名匹配VIM试图导入的python模块名,就可能允许本地用户在系统中执行任意代码。 VIM Development Group VIM...

6.9CVSS6AI score0.02845EPSS
Exploits1
seebug.org
seebug.org
added 2008/11/07 12:0 a.m.58 views

Adobe Reader util.printf() JavaScript Function Stack Overflow Exploit #2

No description provided by source. Adobe Reader Javascript Printf Buffer Overflow Exploit =========================================================== Reference: http://www.coresecurity.com/content/adobe-reader-buffer-overflow CVE-2008-2992 Thanks to coresecurity for the technical background...

9.3CVSS6.5AI score0.98482EPSS
Exploits19
seebug.org
seebug.org
added 2008/09/17 12:0 a.m.58 views

趋势科技OfficeScan cgiRecvFile.exe栈溢出漏洞

BUGTRAQ ID: 31139 CVECAN ID: CVE-2008-2437 OfficeScan是一种针对整个网段的分布式杀毒软件。 OfficeScan的cgiRecvFile.exe中存在栈溢出漏洞,如果远程攻击者在提交的HTTP请求中包含了超长的ComputerName参数的话,就可以触发这个溢出,导致执行任意指令。必须还要控制TempFileName、NewFileSize和Verify参数才能利用这个漏洞。 Trend Micro OfficeScan 7.3 patch 4 build 1362 Trend Micro -----------...

10CVSS6.4AI score0.06673EPSS
Exploits5
seebug.org
seebug.org
added 2008/09/14 12:0 a.m.58 views

Linkarity (link.php) Remote SQL Injection Vulnerability

No description provided by source. ================================================================================ Linkarity link.php Remote SQL Injection Vulnerability ================================================================================ Discovered By: Egypt Coder home :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/05/05 12:0 a.m.58 views

Linux Kernel dnotify.c文件本地竞争条件漏洞

BUGTRAQ ID: 29003 CVECAN ID: CVE-2008-1375 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的dnotify子系统在fcntl和close调用之间存在竞争条件,在最后一个描述符已经离开current-files之后可以将dnotifystruct注入到inode的列表中,这可能导致系统崩溃或获得root用户权限。 Linux kernel 2.6.25.1 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1565-1)以及相应补丁: DSA-1565-1:New...

6.9CVSS2.8AI score0.00306EPSS
Exploits1
seebug.org
seebug.org
added 2008/03/11 12:0 a.m.58 views

Remotely Anywhere 'Accept-Charset'字符NULL指针拒绝服务漏洞

BUGTRAQ ID: 28175 CNCAN ID:CNCAN-2008031103 Remotely Anywhere是一款远程管理软件。 Remotely Anywhere不正确处理特殊构建的HTTP请求,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 提交包含非法Accept-Charset参数的HTTP请求,可导致NULL指针引用而导致应用程序崩溃,造成拒绝服务攻击。 RemotelyAnywhere RemotelyAnywhere Workstation Edition 8.0.668 RemotelyAnywhere RemotelyAnywhere Server...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/02/26 12:0 a.m.58 views

Titan FTP Server USER/PASS命令远程堆溢出漏洞

BUGTRAQ ID: 27568 CVECAN ID: CVE-2008-0702,CVE-2008-0725 Titan FTP Server是一款FTP服务程序。 Titan FTP Server处理超长命令请求时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 如果向Titan FTP Server的FTP服务和管理服务提交了超长的USER或PASS命令的话,就可能触发堆溢出,导致执行任意指令。 South River Technologies Titan FTP Server 3.21 临时解决方法:...

10CVSS6.4AI score0.07707EPSS
Exploits1
seebug.org
seebug.org
added 2007/12/13 12:0 a.m.58 views

MS Internet Explorer (createTextRang) Download Shellcoded Exploit

No description provided by source. / Internet Explorer "createTextRang" Download Shellcoded Exploit Bug discovered by Computer Terrorism UK http://www.computerterrorism.com/research/ct22-03-2006 Reliable exploitation by Darkeagle of Unl0ck Research Team http://www.milw0rm.com/exploits/1606...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/06/20 12:0 a.m.58 views

Subversion修改属性远程信息泄露漏洞

Subversion是一款开放源码的多用户版本控制系统,支持非ASCII 文本和二进制数据。 Subversion在处理日志访问时存在漏洞,远程攻击者可能利用此漏洞获取敏感信息。 由于日志消息中可能会包含有关更改的详细信息,因此Subversion为用户访问指定的修改元数据设置了三级权限,分别为“完全访问”、“不可访问”和“部分访问”,其中设置为“部分访问”权限的用户仅可以看到svn:date和svn:author修改属性,以及changed-paths信息的路径(但不是信息)。 如果读者可以访问修改中所变更的所有路径,但不可以访问修改中所拷贝的所有路径,且使用svn propget、s...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/06/14 12:0 a.m.58 views

Microsoft IE语言包安装远程代码执行漏洞(MS07-033)

Internet Explorer是一款非常流行的WEB浏览器。 用于负责按需安装Internet Explorer语言包的例程存在竞争条件错误,成功利用此漏洞的攻击者可以完全控制受影响的系统。 如果网页所包含的一些内容是由所安装语言包不支持的语言编写的话,则用户访问了该网页就可以触发这个漏洞,导致内存破坏。攻击者可以通过构建特制的网页来利用该漏洞,当用户查看网页时,该漏洞可能允许远程执行代码。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6...

7.1AI score
Exploits0
Total number of security vulnerabilities5000