Seebug: Most viewed

56796 matches found

seebug.org
added 2017/09/12 12:0 a.m., 56 views

Gdk-Pixbuf TIFF tiff_image_parse Code Execution Vulnerability (CVE-2017-2870)

Summary: An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted TIFF file can cause a heap overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this...

6.8 CVSS, 8.5 AI score, 0.02612 EPSS
Exploits: 2
seebug.org
added 2017/08/11 12:0 a.m., 56 views

ThinkPHP 5.0.10-3.2.3 cache function design flaws can lead to Getshell

0x00 Framework operating environment: ThinkPHP is a free, open-source, fast, simple, object-oriented, lightweight PHP development framework, created to support agile web application development and to simplify enterprise application development. Since its inception, ThinkPHP has adhered to the simple...

7.1 AI score
Exploits: 0
seebug.org
added 2017/04/14 12:0 a.m., 56 views

Windows Kernel win32k.sys multiple bugs in the NtGdiGetDIBitsInternal system call (CVE-2017-0058)

We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is part of the graphics subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool memory disclosure (bug 1) or denial of service (bugs 1 and 2). Under certain...

1.9 CVSS, 6.9 AI score, 0.03655 EPSS
Exploits: 2
seebug.org
added 2017/04/14 12:0 a.m., 56 views

Windows Kernel stack memory disclosure in win32kfull!SfnINLPUAHDRAWMENUITEM (CVE-2017-0167)

We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k!NtUserPaintMenuBar system call, or more specifically, through the user32!fnINLPUAHDRAWMENUITEM user-mode callback 107 on Windows...

2.1 CVSS, 6.5 AI score, 0.05587 EPSS
Exploits: 2
seebug.org
added 2017/03/03 12:0 a.m., 56 views

2017 Visual Studio Code Workspace settings code execution

The following issue constitutes an arbitrary code execution vulnerability in Visual Studio Code herein referred to as "Code". Users should upgrade to Code 1.9.0 or later. says: Visual Studio Code is a source code editor developed by Microsoft for Windows, Linux and macOS. It includes support for...

7.7 AI score
Exploits: 0
seebug.org
added 2016/05/30 12:0 a.m., 56 views

Topsec TopApp-AD /acc/network/redial_pppoe.php and multiple other locations: command execution vulnerabilities

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/05/18 12:0 a.m., 56 views

Wanhu ezOffice collaborative office management platform: SQL injection vulnerability in the svoitureid parameter of Voituregetsource.jsp

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/03/31 12:0 a.m., 56 views

shopnc /shop/index.php?act=member&op=address&inajax=1 SQL injection vulnerability (login required)

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/03/19 12:0 a.m., 56 views

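Yonyou UP U8 system: SQL injection vulnerabilities in 2 locations, including /Server/CmxGetAppNameByUserName.php

0x01 Vulnerability overview: The Yonyou UP U8 system has SQL injection vulnerabilities in the following 2 locations: 1. /Server/CmxGetAppNameByUserName.php, parameter User; 2. /Server/CmxCS.php, parameter pgid. A remote attacker can exploit this vulnerability to execute SQL statements without logging in. 0x02 Exploitation: 1. SQL injection 1: sqlmap.py -u "...:8080/Server/CmxCS.php?pgid=CSRemove" --dbms mysql --technique T --cookie "RASAdminUserInfoUserName=1" --data "CSID=1&CSID=1" -p CSID ...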

7.1 AI score
Exploits: 0
seebug.org
added 2016/03/11 12:0 a.m., 56 views

Jixian OA system /logincheck.php SQL injection vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/01/15 12:0 a.m., 56 views

Weaver OA /iweboffice/officeserver.php arbitrary file upload getshell

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2016/01/11 12:0 a.m., 56 views

B&B ELECTRONICS XR5i v2E/XR5i v2/XR5i/XR5i SL weak password

Reference link: http://www.cd.lucom.de/vpn-industrie-router/dokumentation/handbuch/xr5iv2e-guide.pdf...

7.1 AI score
Exploits: 0
seebug.org
added 2015/10/10 12:0 a.m., 56 views

Kexin mail system (KXmail) /prog/get_composer_att.php arbitrary file download vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2015/10/10 12:0 a.m., 56 views

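Zblog 2.0 /zb_install/index.php local file inclusion vulnerability

The problem is in zb_install/index.php: $zbloglang=&$zbp-option'ZCBLOGLANGUAGEPACK'; // first define zbloglang ifisset$POST'zbloglang'$zbloglang=$POST'zbloglang'; // if it is set in POST, the value passed in via POST is used for this variable. Because zblog prevents SQL injection by not using string concatenation in its query functions, they also do not escape POST data; this means fewer injections, but it also causes the vulnerability here. $zbp-LoadLanguage'system','',$zbloglang; // follow it...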

7.1 AI score
Exploits: 0
seebug.org
added 2015/09/19 12:0 a.m., 56 views

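WordPress <= 4.3.0 cross-site scripting vulnerability

When editing post content, WordPress allows shortcodes to be used to represent resources (images, links, etc.). WordPress enables a whitelist mechanism to filter HTML tags: only tags covered by the whitelist rules are allowed, and a dedicated script, "KSES", is used to check and filter these HTML tags. Note that WordPress checks and filters HTML tags when the content is inserted into the database, whereas shortcodes are parsed and rendered when the content is output to the page. The following example briefly illustrates the difference between the two processing stages; the inserted post content is: TEST!!!caption width="1" caption='a href="'...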

4.3 CVSS, 6.1 AI score, 0.06389 EPSS
Exploits: 2
seebug.org
added 2015/09/18 12:0 a.m., 56 views

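Schneider Modicon PLC remote control via packet replay (Start/Stop Command)

Schneider Modicon series PLCs can be controlled through the Unity Pro software, including administrator-level operations such as uploading and downloading programs and starting and stopping the device. Communication between this software and the PLC has no encryption or authentication, so packet replay attacks are possible. Packet capture analysis: Remotely shutting down the device: Note: this attack is fairly easy to carry out with the following POC; it can make the remote PLC stop running immediately, which may have serious consequences for the industrial environment in which the target operates. pocsuite can be used to verify that the vulnerability exists; verify mode does not affect the device. It is advised not to attempt the attack lightly. Keep this in mind...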

7.1 AI score
Exploits: 0
seebug.org
added 2015/08/31 12:0 a.m., 56 views

Multiple EMC RSA Products ESA-2015-081 Multiple Security Vulnerabilities

Affected products: RSA BSAFE Micro Edition Suite MES all 4.1.x versions prior to 4.1.3 RSA BSAFE Micro Edition Suite MES all 4.0.x versions prior to 4.0.8 RSA BSAFE Crypto-C Micro Edition Crypto-C ME 4.1 RSA BSAFE Crypto-C Micro Edition Crypto-C ME all versions prior to 4.0.4 RSA BSAFE Crypto-J all versions...

7.5 CVSS, 7.8 AI score, 0.02644 EPSS
Exploits: 2
seebug.org
added 2015/03/22 12:0 a.m., 56 views

53KF: a generic injection affecting most of its domains

Brief description: RT. Details: Examples are as follows: http://www3.53kf.com/zdydbgg2.php?styleid=103458019&companyid=62748324&dbggtype=2 http://www22.53kf.com/zdydbgg2.php?styleid=103766842&companyid=70818335&dbggtype=2 http://www17.53kf.com/zdydbgg2.php?styleid=106052692&companyid=72028138&dbggtype=2...

7.1 AI score
Exploits: 0
seebug.org
added 2015/02/10 12:0 a.m., 56 views

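phpems configuration flaw allows directly adding an administrator, leading to getshell

Brief description: The default uckey in phpems is 1234567890, which means the UC encryption function can be used to encrypt malicious code and carry it into SQL statements. Details: if!defined'INUC' errorreporting0; setmagicquotesruntime0; defined'MAGICQUOTESGPC' || define'MAGICQUOTESGPC', getmagicquotesgpc; requireonce 'config.inc.php'; $DCACHE = $get = $post = array; $code = @$GET'code'; //code=encrypted code...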

7.1 AI score
Exploits: 0
seebug.org
added 2014/10/31 12:0 a.m., 56 views

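Unpatched Wanhu OA vulnerability leaves multiple government & corporate group OA systems affected

Brief description: This vulnerability was already reported on wooyun in July, but the fix has had almost no effect. Details: Address of the vulnerability submitted by 瘦蛟舞: WooYun: Wanhu OA arbitrary file upload leading to code execution (summary of multiple locations). The vulnerability is still the one submitted by 瘦蛟舞 (http://www.wooyun.org/whitehats/%E7%98%A6%E8%9B%9F%E8%88%9E). A Google search for inurl:7001/defaultroot then returned 324 records. Testing the upload on one of them at random: The renamed file name is returned directly in the page: Then visiting:...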

7.1 AI score
Exploits: 0
seebug.org
added 2014/09/24 12:0 a.m., 56 views

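Xinyun CMS site-building system has ewebeditor upload and IIS parsing vulnerabilities that allow mass getshell

Brief description: Details: The Xinyun CMS site-building system has ewebeditor upload and IIS parsing vulnerabilities that allow mass getshell. The ewebeditor upload vulnerability can be used to create a folder named 1.asp, which, combined with the IIS parsing vulnerability, yields a shell. A large number of vulnerable sites can be found through Google with the following keywords: inurl:Showservices.asp?id= inurl:showkbxx.asp?id= None...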

7.1 AI score
Exploits: 0
seebug.org
added 2014/09/18 12:0 a.m., 56 views

KesionCMS X1 /KS_Data/KesionCMSX1.mdb database discovery vulnerability

The default database file is KesionCMSX1.mdb in the KS_Data directory, and an attacker can download it directly. Exploitation process: visit the address http://127.0.0.1/KS_Data/KesionCMSX1.mdb !/usr/bin/env python coding=utf-8 test: import urllib2 from comm import cmdline from comm import generic pocinfo = 'VulId' : '1503', ID number of the webvul 'Name' : 'KesionCMS X1 /KSData/KesionCMSX1.mdb 数据库发现漏洞...

7.1 AI score
Exploits: 0
seebug.org
added 2014/09/16 12:0 a.m., 56 views

shop7 injection in the price page

Brief description: injection in the price.asp file. Details: price.asp file, line 96: if kind"" then sql="select pkid,model,productname,smallpicpath,price1,price"&session"customkind"&",kindname,pipai,addtime from viewproduct where kind like '"&kind&"%' and updown='1' order by pkid desc" else sql="select...

7.7 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Dexter (CasinoLoader) Panel - SQL Injection

No description provided by source. Exploit Title: Dexter CasinoLoader Panel SQLi Date: Feb, 13, 2014 Exploit Author: Brian Wallace @botnethunter Version: CasinoLoader Tested on: Windows 7, Ubuntu, Debian import pycurl import urllib import cStringIO import base64 import argparse import sys import...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload

No description provided by source. Description : Wordpress Plugins - HTML5 AV Manager for WordPress Shell Upload Vulnerability Version : 0.2.7 Link : http://wordpress.org/extend/plugins/html5avmanager/ Plugins : http://downloads.wordpress.org/plugin/html5avmanager.0.2.7.zip Date : 26-05-2012 Goog...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Blender 2.34, 2.35a, 2.4, 2.49b .blend File Command Injection

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Blender .blend Project Arbitrary Command Execution 1. Advisory Information Title: Blender .blend Project Arbitrary Command Executio...

9.3 CVSS, 6.5 AI score, 0.09439 EPSS
Exploits: 8
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Linux Kernel - Sendpage Local Privilege Escalation

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

MS HyperV Persistent DoS Vulnerability

No description provided by source. Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ MS HyperV Persistent DoS Vulnerability 1. Advisory Information Title: MS HyperV Persistent DoS Vulnerability Advisory ID: CORE-2011-0203 Advisory URL:...

4.9 CVSS, 6.4 AI score, 0.02644 EPSS
Exploits: 6
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20121017-2 ======================================================================= title: Multiple vulnerabilities in Oracle WebCenter Sites product: Oracle WebCenter Sites former FatWire Content Server vulnerable...

4.9 CVSS, 6.5 AI score, 0.04455 EPSS
Exploits: 5
seebug.org
added 2014/07/01 12:0 a.m., 57 views

Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/7116/info The Windows library ntdll.dll includes a function that does not perform sufficient bounds checking. The vulnerability is present in the function RtlDosPathNameToNtPathNameU and may be exploited through other...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Coppermine Photo Gallery <= 1.4.20 (IMG) Privilege Escalation Exploit

No description provided by source. !/usr/bin/perl inphex - inphex0 at gmail dot com based on http://milw0rm.com/exploits/8114 - found by StAkeR In case this does not work check out posLine 80 and find another value for it use IO::Socket; use LWP::UserAgent; use LWP::Simple; use HTTP::Cookies; $1 ...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Spaceacre Multiple SQL Injection Vulnerability

No description provided by source. Spaceacre Multiple SQL Injection Vulnerability by Wiro Sablenk aka Gendenk vendor :http://www.spaceacre.com/ dork: Designed by Spaceacre poc: http://target/cat1.php?catID=SQL http://target/cat2.php?catID=SQL http://target/cat3.php?catID=SQL...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Android Zygote - Socket Vulnerability Fork bomb Attack

No description provided by source. BootReceiver.java / Android Application that performs the fork bomb attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3918 Further informations can be found at http://www.ai-lab.it/bugAndroid/bugAndroid.html @author Luca Verderame...

7.8 CVSS, 6.6 AI score, 0.01354 EPSS
Exploits: 6
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Microsoft Windows NT 4.0 MSIEXEC Registry Permissions Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1835/info Due to weak permission settings for the registry key that handles the Microsoft Installer Service MSIEXEC, it is possible for a local user on Windows NT to escalate their privilege level. The file extension...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

UseBB 1.0.7 install/upgrade-0-3.php PHP_SELF Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24990/info UseBB is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

John Donoghue Knapster 0.9/1.3.8 File Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1186/info Various open source clones of the Napster software package have a vulnerability by which users may view files on a machine running a vulnerable Napster clone client. The file access is limited to files accessibl...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Ruby <= 1.9.1 WEBrick Terminal Escape Sequence in Logs Command Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37710/info Ruby WEBrick is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in log files. Attackers can exploit this issue to execute arbitrary commands in a terminal...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

DMXReady Contact Us Manager <= 1.1 - Remote Contents Change Vuln

No description provided by source. Title : DMXReady Contact Us Manager = 1.1 Remote Contents Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 49.97 $ Dork : inurl:inccontactusmanager.asp DorkEx :...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities

No description provided by source. Sense of Security - Security Advisory - SOS-12-006 Release Date. 13-Jun-2012 Last Update. - Vendor Notification Date. 12-Mar-2012 Product. QNAP Platform. Turbo NAS verified and possibly others Affected versions. Firmware Version: 3.6.1 Build 0302T and prior...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

frontaccounting 1.12 build 31 - Remote File Inclusion Vulnerability

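0x01 Vulnerability overview: A PHP remote file inclusion vulnerability exists in config.php of FrontAccounting 1.12 Build 31. A remote attacker can execute arbitrary PHP code by way of a URL in the pathtoroot parameter. 0x02 Vulnerability analysis: The vulnerable code is in the config.php file, as shown below: includeonce$pathtoroot . "/configdb.php"; includeonce$pathtoroot . "/includes/lang/language.php"; The $pathtoroot parameter is not handled correctly, which results in the file inclusion vulnerability. 0x03 Exploitation...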

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Nvidia (nvsvc) Display Driver Service - Local Privilege Escalation

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'msf/core/post/common' require 'msf/core/post/windows/priv' require...

7.2 CVSS, 0.4 AI score, 0.04472 EPSS
Exploits: 6
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Clipbucket 2.5 - Directory Traversal

No description provided by source. Author: loneferret of Offensive Security Product: ClipBucket Version: 2.5 and maybe older versions Vendor Site: http://clip-bucket.com/ Software Download: http://sourceforge.net/projects/clipbucket/ Software description: ClipBucket is an OpenSource Multimedia...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Dotproject 2.0 /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

4images 1.7.6 - 9 - CSRF Inject PHP Code

No description provided by source. !/usr/bin/perl Title : 4images 1.7.6 9 Csrf inject php code Author : Or4nG.M4n Version : 1.7.6 9 Homepage : http://www.4homepages.de/ Dork : Powered by 4images video : http://youtu.be/NYFzC9hH54 Thnks+----------------------------------+ | xSs m4n i-Hmx h311c0d3...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload

No description provided by source. Description : Wordpress Plugins - Foxypress Shell Upload Vulnerability Version : 0.4.1.1 - 0.4.2.1 Link : http://wordpress.org/extend/plugins/foxypress/ Plugins : http://downloads.wordpress.org/plugin/foxypress.zip Date : 26-05-2012 Google Dork :...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 Path Disclosure Vulnerability

No description provided by source. source : http://www.securityfocus.com/bid/1932/info Cart32 is a shopping cart application for e-commerce enabled sites. Cart32 contains a vulnerability which reveals server information. Requesting a specially crafted URL, by way of the CGI application, will reve...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Advisory...

6.9 CVSS, 6.8 AI score, 0.08195 EPSS
Exploits: 13
seebug.org
added 2014/07/01 12:0 a.m., 56 views

Adobe Flash Player Regular Expression Heap Overflow

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::BrowserExploitServer def...

9.3 CVSS, 0.3 AI score, 0.77597 EPSS
Exploits: 10
seebug.org
added 2014/06/19 12:0 a.m., 56 views

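Discuz: a default plugin has a local file inclusion vulnerability (a shell can be obtained with back-end configuration privileges)

Brief description: The program was updated on the 18th, so the first thing we do is test it. Details: Notice that there is a WeChat login feature; the vulnerability is here as well. No truncation is needed, so it is not a useless bug. Next, look at the code. The file is source\plugin\wechat\wechat.class.php static public function redirect$type global $G; $hook = unserialize$G'setting''wechatredirect'; if !$hook || !inarray$hook'plugin', $G'setting''plugins''available' return;...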

7.1 AI score
Exploits: 0
seebug.org
added 2014/06/04 12:0 a.m., 56 views

NetGear DGN2200 N300 wireless router multiple vulnerabilities

Title: Multiple vulnerabilities in NETGEAR N300 WIRELESS ADSL2+ MODEM ROUTER DGN2200 ==================================================================================== Notification Date: 11 February 2014 Affected Vendor: NetGear Affected Hardware: NetGear DGN2200 N300 Wireless ADSL2+ Modem Rout...

8.6 AI score
Exploits: 0
Total number of security vulnerabilities: 5000