Lucene search
+L
SeebugRecent

56796 matches found

seebug
seebug
added 2014/07/01 12:0 a.m.27 views

iPhone MobileSafari LibTIFF Buffer Overflow

No description provided by source. $Id: safarilibtiff.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.10 views

Webfroot Shoutbox 2.32 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7746/info Shoutbox is prone to an issue that may result in the execution of attacker-supplied code. The vulnerability exists due to insufficient sanitization of the 'conf' URI parameter. An attacker can exploit this...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

Lodel CMS 0.7.3 Calcul-Page.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20551/info Lodel CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

Synkron.Web 3.0 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7833/info Synkron.web is prone to HTML injection attacks. The vulnerability exists in the search script and is a result of insufficient sanitization of malicious HTML code from user-supplied input. HTML and script code ma...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.146 views

Paddelberg Topsite Script Authentication Bypass Vulnerability

No description provided by source. Exploit Title: Paddelberg's topsite-script admin auth bypass. Google Dork: intext:powered by php scripte webmaster resource Date: 8. 1. 2012 Author: Christian Inci Software Link: http://www.paddelberg.de/gratis-toplisten-script/gratis-download/ Version: = 1.23 2...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.23 views

ArGoSoft FTP Server 1.2.2 .2 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3029/info ArGoSoft FTP server is an FTP server for the Windows platform. A design error exists in ArGoSoft FTP which enables an authenticated user to view other users encrypted passwords. However due to a weak encryption...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

osCommerce 2.2 manufacturers_id Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9277/info A vulnerability has been reported to exist in the software that may allow a remote user to launch cross-site scripting attacks. The problem is reported to exist due to improper sanitizing of user-supplied data i...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

Winds3D Viewer 3 'GetURL()' Arbitrary File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35595/info Winds3D Viewer is prone to a vulnerability that can allow malicious files to be downloaded an executed within the context of the affected browser that uses the plugin. Successfully exploiting this issue will...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.8 views

Google Chrome 3.0 Style Sheet Redirection Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37917/info Google Chrome is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to obtain potentially sensitive information that may lead to further attacks. link rel=stylesheet...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

ZilekPortal 1.0 Haberdetay.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20062/info ZilekPortal is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

AVCON H323Call Buffer Overflow

No description provided by source. !/usr/bin/perl Exploit Title: AVCON H323Call Buffer Overflow Date: 5/9/10 Author: Dillon Beresford URL: http://www.avcon.com.cn/ Versions: 4.6.8.7 | 4.6.4.0 Tested on: XP SP2 and SP3 CVE : NONE Code : exploit.pl Twitter: http://twitter.com/D1N Download:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

Flux Player 3.1.0 iOS - Multiple Vulnerabilities

No description provided by source. Title: ====== Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability Date: ===== 2013-07-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1013 VL-ID: ===== 1013 Common Vulnerability Scoring System:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

AVCon DEP Bypass

No description provided by source. DEP Bypass for OptIn/OptOut all modules used are not aslr aware script produces a text file, copy the contents paste in the input field next to the call button discovered by Dillon Beresford import sys from struct import pack print \n===================== print...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Forum Rank System 6 - 'settings['locale']' Parameter Multiple Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29077/info Forum Rank System is prone to local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to vie...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

PlutoStatus Locator 1.0pre alpha 'index.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27802/info PlutoStatus Locator is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Invision Power Services Invision Board 2.0.4 Help Action HID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17144/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issu...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Ashwebstudio Ashnews 0.83 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16426/info Ashnews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

iParty Conferencing Server Denial of Service Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.29 views

Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation

No description provided by source. Exploit Title: Wordpress plugin Buddypress = 1.9.1 privilege escalation Date: 11/02/2014 Exploit Author: Pietro Oliva Vendor Homepage: http://buddypress.org Software Link: http://downloads.wordpress.org/plugin/buddypress.1.9.1.zip Version: 1.9.1 CVE :...

6.4AI score0.10817EPSS
Exploits6
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

eGroupWare 1.0 sitemgr-site/index.php category_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate user-supplied input. These issues result...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

jetAudio 8.0.0.2 Basic (m3u) Stack Overflow Exploit

No description provided by source. !/usr/bin/perl Title: jetAudio 8.0.0.2 Basic m3u Stack Overflow Exploit Author: cr4wl3r cr4wl3r!linuxmail.org Tested: Windows xpsp2 my $file=b00m.m3u; my $header = http://; my $junk = A x 1017; my $nseh = \xeb\x06\x90\x90; my $seh = pack'V',0x01221045; my...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

IBM DB2 db2govd Command Line Argument Local Overflow

No description provided by source. source: http://www.securityfocus.com/bid/8990/info IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities that present themselves in binaries that are shipped with DB2. The vulnerabilities are likely caused due to a lack of sufficient...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

Xlight FTP Server 1.25/1.41 PASS Command Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9285/info It has been reported that Xlight FTP Server is prone to a remote buffer overflow condition that may allow an attacker to gain unauthorized access to a system running the vulnerable software. The issue presents...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

Zoomla /API/GetPageHtml.aspx 任意文件下载漏洞

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

Microsoft Internet Explorer 5/6 Browser Popup Window Object Type Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8556/info Internet Explorer does not properly handle object types, when rendering malicious popup windows. This may result in the possibility of the execution of malicious software. The problem occurs when Internet Explor...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

MS10-073 Windows Class Handling Vulnerability

No description provided by source. include windows.h / Source: http://mista.nu/blog/2010/12/01/windows-class-handling-gone-wrong/ / int mainint argc, char argv WNDCLASSA Class = 0; CREATESTRUCTA Cs = 0; FARPROC MenuWindowProcA; HMODULE hModule; HWND hWindow; Class.lpfnWndProc = DefWindowProc;...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

WordPress MM Duplicate plugin <= 1.2 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress MM Duplicate plugin = 1.2 SQL Injection Vulnerability Date: 2011-08-22 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/mm-duplicate.zip Version: 1.2 tested --- PoC ---...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

Dick Lin ZetaMail 2.1 Login DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/813/info The ZetaMail mail server will crash if a username/password pair longer than 3500 characters is supplied by the client. 19636-1.exe - binary for windows 19636-2.zip - source for windows 19636-3.tgz - source for...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

Magic Photo Storage Website user/user_extend.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

PHP-Nuke 7.x Block-Old_Articles.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22037/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.9 views

Essentia Web Server 2.1 Long URL Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4159/info Essentia Web Server is a multi-threaded HTTP server designed for Microsoft Windows and Linux environments. Essentia is maintained by Essen. Essentia is prone to a remote denial of service. This condition may be...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.25 views

MS Internet Explorer GDI+ - Proof of Concept (MS08-052)

No description provided by source. html head STYLE ef: behavior: urldefaultVML; /STYLE /head body pre ================================================ MS08-052: GDI+ Vulnerability ------------------------------------------------ Operating System: XP SP2 Internet Explorer Version: 6.0.2900.2180...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

CGIWrap 2.x/3.x Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3081/info CGIWrap is a free, open-source program for running CGI securely. CGIWrap does not filter embedded scripting commands from user-supplied input. A web user may submit a malicious link into any form which displays...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

linux/x86 setuid(0) + execve("/bin/sh", ["/bin/sh", NULL]) 31 bytes

No description provided by source. / Linux/x86 setuid0 + execve/bin/sh, /bin/sh, NULL - 31 bytes - [email protected] / char shellcode = \x6a\x17 // push $0x17 \x58 // pop %eax \x31\xdb // xor %ebx, %ebx \xcd\x80 // int $0x80 \x31\xd2 // xor %edx, %edx \x6a\x0b // push $0xb \x58 // pop %eax \x52 //...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Mediacoder 0.7.5.4792 - Buffer Overflow Exploit (SEH)

No description provided by source. Exploit Title: Mediacoder 0.7.5.4792 SEH Buffer Overflow Exploit Date: 11/29/2010 Author: 0v3r Software Link: http://www.mediacoderhq.com/mirrors.htm?file=MediaCoder-0.7.5.4792.exe Version: 0.7.5.4792 Tested on: Windows XP SP3 EN CVE: N/A !/usr/bin/python...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.10 views

w-CMS 2.0.1 - Remote Code Execution Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

Text File Search Classic TextFileSearch.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25350/info Text File Search Classic is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.10 views

primitive cms 1.0.9 - Multiple Vulnerabilities

No description provided by source. Exploit Title: Primitive CMS 1.0.9 Multiple Vulnerabilities Date: 20.09.2010 Author: Stephan Sattler // Solidmedia.de Software Website: http://www.bouzouste.info/ Software Link: http://www.bouzouste.info/link/click.php?id=1 Version: 1.0.9 Vulnerability 1...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.41 views

Joomla JE Media Player Component LFI Vulnerability

No description provided by source. Name : Joomla je-media-player LFI Vulnerability Date : june, 26 2010 Critical Level : HIGH Vendor Url : http://joomlaextensions.co.in/extensions/components/je-media-player.html Google Dork: inurl:/components/je-media-player.html? Price:$15.00 Author : Sid3^effec...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

Free Realty 3.1-0.6 - Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.27 views

Pine <= 4.56 Remote Buffer Overflow Exploit

No description provided by source. / Mon Sep 15 09:35:01 CEST 2003 remote? Pine = 4.56 exploit by sorbo sorbox yahoo com darkirco Ok won't talk much about the bug since as usual idefense advisories are proper advisories and explain everything... exploiting the bug is trivial after reading the adv...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Faq-O-Matic 2.711 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16251/info Faq-O-Matic is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.10 views

Alt-N MDaemon 2-8 Remote Pre-Authentication IMAP Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18129/info Alt-N MDaemon IMAP Server is susceptible to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before copying it to an...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.38 views

ownCloud 6.0.0a - Multiple Vulnerabilities

No description provided by source. Exploit Title: ownCloud 6.0.0a File Deletion XSS and CSRF Protection Bypass Vendor Homepage: www.ownCloud.org OwnCloud Version: 6.0.0a Browsers tested: Iceweasel 22.0; Internet Explorer 11; Server: Debian. Default LAMP set-up. Exploit Author: James Sibley absane...

3.7CVSS5.8AI score0.03148EPSS
Exploits6
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

Linux Kernel <= 2.6.3 (setsockopt) Local Denial of Service Exploit

No description provided by source. / setsockopt proof of concept code by Julien TINNES julien a.t cr0.org vulnerability found as always by Paul Starzetz This is only a lame POC which will crash the machine, no root shell here. Maybe later, when everybody will have an updated box. It should work o...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

Wordpress Dimension Theme - CSRF Vulnerability

No description provided by source. Title : Wordpress Dimension Themes CSRF File Upload Vulnerability Author : DevilScreaM Date : 11/17/2013 - 17 November 2013 Category : Web Applications Type : PHP Vendor : http://themeforest.net Download :...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

PunBBAnnuaire <= 0.4 - Blind SQL Injection Vulnerability

No description provided by source. PunBBAnnuaire =0.4 Blind SQL Injection Vulnerability ======================================================== .:. Author : Metropolis .:. Home : http://xrayoptics.by.ru/ .:. Script : PunBBAnnuaire .:. Version : 0.4 .:. Download Script:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

symphony cms 2.3 - Multiple Vulnerabilities

No description provided by source. Symphony cms 2.3 multiple vulnerabilities -------------------------------------------------------------------------------------------- 20121017 - Justanotherhacker.com : Symphony cms - Multiple vulnerabilities JAHx122 -...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.17 views

Captaris Infinite WebMail 3.61.5 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6411/info An HTML injection vulnerability has been discovered in Captaris Infinite WebMail. Due to insufficient sanitization of HTML content, it is possible for an attacker to embed malicious script code into HTML email...

7.1AI score
Exploits0
Total number of security vulnerabilities56796